Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

xp antimalware removal


  • Please log in to reply
No replies to this topic

#1 billbel

billbel

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 11 April 2010 - 11:37 AM

Hi everyone. Let's start with some history because I do not know if these are isolated incidents but basically this is the 3rd time I have had fake anti-virus/spyware crap installed on my pc. I do not open random links or any of the normal entry points. I use AVG and no have Malwarebytes and Superantispyware and have become quite good at the manual/semi-automatic removal of these things.

Each time this has happened it has been a different one so they are probably not related but it just seems odd that it continues to happen.

I use Seamonkey as my browser...let me know if this is an issue.

The last one to get me was xp antimalware. I removed by using creating and installing an .ini file that removed the code to run the program and then ran malwarebytes after rebooting.

I expected to get a lot of issues but the only ones remaining were the registry entries shutting down the firewall and avg:

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

AVG found nothing as well.

How can I make sure this is gone?

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users