WiredWX Hobby Weather ToolsLog in

 


descriptionpersonal antivirus Emptypersonal antivirus

more_horiz
hi, this lovely little thing called personel antivirus seems to have invaded my computer, can anyone help me to be rid of this? please...........?

descriptionpersonal antivirus EmptyRe: personal antivirus

more_horiz
Hi

personal antivirus Mbamicontw5 Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

descriptionpersonal antivirus EmptyRe: personal antivirus

more_horiz
Malwarebytes' Anti-Malware 1.41
Database version: 2825
Windows 5.1.2600 Service Pack 3

2009/09/19 10:28:59 PM
mbam-log-2009-09-19 (22-28-59).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 382862
Time elapsed: 5 hour(s), 51 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 31
Registry Values Infected: 4
Registry Data Items Infected: 2
Folders Infected: 15
Files Infected: 41

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\msxmlm.dll (Trojan.FakeAlert) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{70004d5d-3bf6-4d51-43b2-02fc0002cdb5} (Rogue.Errorsafe) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a77d3539-581d-450c-9e44-a84c415a6172} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8c875948-9c60-4381-9248-0df180542d53} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{014da6c1-189f-421a-88cd-07cfe51cff10} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{497dddb6-6eee-4561-9621-b77dc82c1f84} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e980492-027b-47f1-a7ab-ab086dacbb9e} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5ead8321-fcbb-4c3f-888c-ac373d366c3f} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{31f3cf6e-a71a-4daa-852b-39ac230940b4} (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{10EE433D-A290-4811-B562-8A1878AEE706} (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\EF138E14611BA61409610A78A0285E8E (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchwbtoolbar.temperaturebarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ErrorKiller (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\SmitFraudFixTool (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\VB and VBA Program Settings\Registry Defender (Rogue.Registry.Defender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{10EE433D-A290-4811-B562-8A1878AEE706} (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DB72C2C70E48F34A898781CD253EC04 (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FC4B1A375C0D8941BC39DB8BB47D245 (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\630D493643B41934EB237345CEEF4E5B (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EA89927B602E18D4AA02A27FED4E0040 (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2F26FF30CAEE3C4EAEDB812E4B27304 (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Error Nuker (Rogue.ErrorNuker) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Environment\avapp (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Environment\avuninst (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SmitFraudFixTool (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Jim\Application Data\ErrorKiller (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Log (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Registry Backups (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Settings (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Uninstall\PersonalAV (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\PersonalAV (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\backup (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\PersonalAV (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\msxmlm.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\system32\SysRestore.dll (Rogue.Ascentive) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{9AE6D6E8-A06D-47EB-BE97-0DEC995AF459}\RP1159\A0323747.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
C:\Program Files\Automatic Windows Internet Washer\iea.exe (Rogue.PornCleanser) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\SpyCleaner.dll (Rogue.SpyCleaner) -> Quarantined and deleted successfully.
C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe (Rogue.PCSpeedScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Errors.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Results.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Log\2007 Jun 30 - 09_10_47 AM.log (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Log\2007 Jun 30 - 09_10_53 AM.log (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\ErrorKiller\Registry Backups\2007-06-30_09-18-32.reg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\rs.dat (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 01_51_06 PM_484.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 01_56_49 PM_281.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 02_06_21 PM_234.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 02_07_49 PM_171.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 02_12_25 PM_046.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Log\2009 Sep 19 - 02_22_59 PM_343.log (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jim\Application Data\SmitFraudFixTool\Settings\ScanResults.pie (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Uninstall\PersonalAV\Uninstall.lnk (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\PersonalAV\PersonalAV.exe (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\report.csv (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Registry Defender Platinum\backup\2008_07_12.reg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Errors.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Results.stg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Log\log_2006_12_18_10_28_34.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Log\log_2006_12_18_10_28_45.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Log\log_2006_12_18_15_46_17.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\RegistrySmart\Registry Backups\2006-12-18_10-35-04.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\DataBase.ref (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\SmitFraudFixTool.exe (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\SmitFraudFixTool.url (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\TCL.dll (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\vistaCPtasks.xml (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Program Files\SmitFraudFixTool\zlib.dll (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\PersonalAV\Personal Antivirus.lnk (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\PersonalAV\Uninstall.lnk (Rogue.PersonalAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\SmitFraudFixTool.lnk (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.
C:\WINDOWS\~.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\ErrorKiller Scheduled Scan.job (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\SmitFraudFixTool Scheduled Scan.job (Rogue.SmitFraudFixTool) -> Quarantined and deleted successfully.

descriptionpersonal antivirus EmptyRe: personal antivirus

more_horiz
I forgot to say thank you. I'm rid of "Personal Antivirus", and I'm extremely happy.

descriptionpersonal antivirus EmptyRe: personal antivirus

more_horiz
Hi

Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.

  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

descriptionpersonal antivirus EmptyRe: personal antivirus

more_horiz
privacy_tip Permissions in this forum:
You cannot reply to topics in this forum