Home > Help With > Help With Older AV360 Infection

Help With Older AV360 Infection

it took some time getting to the site as it kept hijacking the browser. info.txt logfile of random's system information tool 1.06 2009-04-03 13:52:30======Uninstall list======-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infAdobe Download Manager 2.0 (Remove Only)-->"C:\Program Files\Common Files\Adobe\ESD\uninst.exe"Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exeAdobe Reader 7.0.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}Adobe This downloads an encrypted copy of the fake scanner, which it decrypts and writes to \\_.exe. Linda says: February 8, 2009 at 7:03 pm Thanks for all of your help! this contact form

I just deleted and emptied recycle bin. If we have ever helped you in the past, please consider helping us. But too many are charlatans: know-nothings bumbling their way along with no real understanding of operating systems, networking or anything else. Some variants of Win32/FakeVimes have also been reported to add additional entries to the Hosts file to block access to security related websites, or redirect visits to search pages to sites

Users don't understand that having Norton AV, McAfee AV, Spybot, AdAware, 3 firewalls and that random "antispyware" program that popped up one day installed all at the same time is about I can't remember the last time I had an XP or 2000 box crash that wasn't caused by a 3rd party driver or a user being stupid and I've never (in charlie says: February 17, 2009 at 3:38 pm system restore seems to have worked….

  1. Click here to permanently block this activity and remove the possible threat (Recommended)System files modification alert!Internal conflict alert!Antivirus 360 has detected internal software conflict.
  2. help!!!
  3. Sad...
  4. Please thank your helpers and there will always be help here when you need it!======================================================== Back to top #5 erik06 erik06 Topic Starter Members 6 posts OFFLINE Local time:02:34 PM
  5. In fairness this particular piece of junk is spread through plugins (QuickTime, Adobe).
  6. In order to see what's going on with your computer I will ask for you to post various logs from the tools that we will use to resolve your issue.

Do that using "manage add-ons" from the IE7 toolbar.Post back its report, a fresh hjt log and above mentioned ComboFix resultant log. You will be asked Are you sure you want to execute the current script?. Perhaps it is kind of like driving a 20-year old car. good luck everyone!

Login Login with Facebook Forgotten Your Password? See the Additional information section below for images of these earlier versions. Looks for a file that says "Uninstall" and says A360 (what mine had) or AV360 or Antivirus 360. Win32/FakeVimes has been distributed with several different names.

Step 3: look for av360 and disable it. It adds an icon to the Quick Launch bar by creating a file at %APPDATA%\Microsoft\Internet Explorer\Quick Launch\.lnk. What is Click Jacking? Disable system restore…that's where virus' like to chill out…anyone with computer knowledge knows this…and if all else fails blow your OS away.

If you have problems create a thread in the forum, please.Don't post your log into other user's topic, create a new one. AV360 is the latest in a long line of "fake alert" infections that included Internet Antivirus 2009 for example.  These infections also prevent the installation of almost all widely used antivirus File not foundO3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - Reg Error: Key error. You are only asking for viruses.

i read each comment on this pge. weblink IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dllO2 - BHO: Browser Helper Object - {AFD4AD01-58C1-47DB-A404-FBE00A6C5486} - C:\Program Files\Common\_helper.dllO3 - Toolbar: Yahoo! Can't find anymore traces of the dreaded AV360. Sounds like your services are a ripoff, and it's clear you don't really know what you're doing.

This thread is closed, therefore you are unable to respond. They were infected with AV360 and Haxdoor, and 6 other fun stuff. Gabriel says: February 12, 2009 at 8:55 am Please thank you very much coz i was having problem with AV 360 but through your help i was able to remove ti. http://exomatik.net/help-with/help-with-serious-infection.php Kelsi says: February 15, 2009 at 11:57 am I hate A360 so much.

More tools from MoneySavingExpert Budget Planner Free tool to analyse your finances and scrutinise spending. Current Boot Mode: NormalScan Mode: All usersOutput = StandardFile Age = 30 DaysCompany Name Whitelist: On ========== Processes (SafeList) ========== PRC - [2007/06/13 03:23:07 | 01,033,216 | ---- | M] (Microsoft molly says: February 10, 2009 at 6:15 pm So wow do i get rid of this damn thing????

It shamelessly re-uses the same AV2009 detection names, like "Spyware.IEMonster", and presents a simliar 37 phony malware detections on a system.

We were able to stop the antivirus 360 from downloading but not soon enough… however, were unable to find the files in c: Thank you! Back to top #5 VWC VWC Newbie Members 6 posts Posted 03 March 2009 - 06:26 PM Thanks for the help so far. aliEnRIK View public profile Send private message Find more posts View all thanked posts #2 28th Feb 09, 8:41 AM #2 28th Feb 09, 8:41 AM Can Max Johnson says: February 8, 2009 at 5:58 pm These scams only work because of retards like half the people who have commented here.

It does NOT work here. IT has installed all kinds of crapware (McAfee, and a bunch of other stuff to monitor what we're doing...) - to the point that it takes the machine about 3-4 minutes It just looks like one so you'll send money to the people who made the program. his comment is here You remind me of that guy in the SNL skit that just says "Move".

DO NOT download free music, videos, etc. It creates a desktop shortcut at \.lnk (for example, \Total Anti Malware Protection.lnk) Note that the icons used by the malware differ for each product name. The memory used by the user's registry has not been freed. A competent person can fix Windows eventually (and I know Tony is more than competent), but sometimes you just don't want to waste the time because there are so many things

If you accept cookies from this site, you will only be shown this dialog once!You can press escape or click on the X to close this box. If anyone has any other info. It's nice to know there are more good people willing to help. Go to gravatar.com and upload your preferred avatar.

Our ThreatFire community is seeing and preventing far too many hits on this stuff today.