Antivirus XP 2010

Started by EpicPhailure, February 02, 2010, 08:08:38 PM

EpicPhailure

Help me get rid of it. Malwarebytes' Anti-Malware didn't work. It detected a few infections after a full scan in both safe mode and normal, but nothing that was removed affected Antivirus XP 2010. I also restarted my computer with both.

NotoriousM4^

#1
My recommendation: Try PC Tools Spyware Doctor [Download Link], then follow it up with MBAM again, and finally use CCleaner [Download Link] to remove any traces from the virus left on your registry.

Consult this guide for using MBAM
Quote from: bleepingcomputer.com
1. Print out these instructions as we will need to close every window that is open later in the fix.

2. Download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:

3. Once downloaded, close all programs and Windows on your computer, including this one.

4. Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.

5. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.

6. MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.


7. On the Scanner tab, make sure the Perform full scan option is selected and then click on the Scan button to start scanning your computer for Antivirus 2010 related files.

8. MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.




9. When the scan is finished a message box will appear as shown in the image below.



You should click on the OK button to close the message box and continue with the Antivirus2010 removal process.

10. You will now be back at the main Scanner screen. At this point you should click on the Show Results button.

11. A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.



You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.

12. When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.

13. You can now exit the MBAM program.

Quote
Associated Antivirus 2010 Files:

   c:\Program Files\AV2010
   c:\Program Files\AV2010\AV2010.exe
   c:\Program Files\AV2010\svchost.exe
   c:\WINDOWS\system32\IEDefender.dll
   c:\WINDOWS\system32\wingamma.exe
   c:\Documents and Settings\All Users\Desktop\AV2010.lnk
   c:\Documents and Settings\All Users\Start Menu\Programs\AV2010
   c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\AV2010.lnk
   c:\Documents and Settings\All Users\Start Menu\Programs\AV2010\Uninstall.lnk



Associated Antivirus 2010 Windows Registry Information:

   HKEY_CURRENT_USER\Software\AV2010
   HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}
   HKEY_CLASSES_ROOT\AppID\IEDefender.DLL
   HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
   HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO
   HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1
   HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}
   HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0012
   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0013
   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0014
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Gamma Display"
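
A read-only way to check for the leftovers listed in the reply above, as an added example that is not part of the thread or of the bleepingcomputer.com guide. It assumes PowerShell is available on the affected machine and that the paths and keys are exactly those quoted; it reports what still exists and deletes nothing.

```powershell
# Added example: read-only remnant check; reports leftovers, deletes nothing.
# File paths and registry keys are the ones quoted in the post above.
$files = @(
  'C:\Program Files\AV2010',
  'C:\Program Files\AV2010\AV2010.exe',
  'C:\Program Files\AV2010\svchost.exe',
  'C:\WINDOWS\system32\IEDefender.dll',
  'C:\WINDOWS\system32\wingamma.exe',
  'C:\Documents and Settings\All Users\Desktop\AV2010.lnk',
  'C:\Documents and Settings\All Users\Start Menu\Programs\AV2010',
  'C:\Documents and Settings\All Users\Start Menu\Programs\AV2010\AV2010.lnk',
  'C:\Documents and Settings\All Users\Start Menu\Programs\AV2010\Uninstall.lnk'
)
# The three ControlSet001\Control\Class\{4D36E972-...} entries are left out:
# that GUID is the network adapter class, so numbered subkeys can exist on a clean PC.
$keys = @(
  'HKEY_CURRENT_USER\Software\AV2010',
  'HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}',
  'HKEY_CLASSES_ROOT\AppID\IEDefender.DLL',
  'HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}',
  'HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO',
  'HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1',
  'HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}',
  'HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}',
  'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}'
)

$hits = @()
foreach ($f in $files) {
  if (Test-Path -LiteralPath $f) { $hits += "FILE  $f" }
}
foreach ($k in $keys) {
  # The Registry:: prefix reaches hives such as HKEY_CLASSES_ROOT that have no default drive.
  if (Test-Path -LiteralPath "Registry::$k") { $hits += "KEY   $k" }
}

# "Windows Gamma Display" is a value under the Run key, not a key, so Test-Path cannot see it.
$runKey = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -LiteralPath $runKey -Name 'Windows Gamma Display' -ErrorAction SilentlyContinue
if ($run) { $hits += 'VALUE Run\Windows Gamma Display -> ' + $run.'Windows Gamma Display' }

if ($hits.Count -gt 0) { $hits } else { 'None of the listed files or registry entries are present.' }
```

An empty result only means these specific names are gone; a variant installed under different names would not be matched by this list.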

EpicPhailure

Okay, I just ran Avast! I forgot to see if it could scan for anything. It found a bunch of stuff! Now, Antivirus Xp doesn't load anymore when I open up my computer. However, could there still be some remnants of it?

NotoriousM4^

Quote from: EpicPhailure on February 02, 2010, 08:31:33 PM
Okay, I just ran Avast! I forgot to see if it could scan for anything. It found a bunch of stuff! Now, Antivirus Xp doesn't load anymore when I open up my computer. However, could there still be some remnants of it?
Yes, if it's a rogue virus, there are pretty high chances that there still are some traces of it left on your computer and may very well fully reinstall itself in the future (it's happened to me before if you don't believe me). That is why I recommend CCleaner, because even though it doesn't remove specifically viruses it does remove unused registry keys, history, old temp files etc. It does also give a significant boost in computer speed. The scans are surprisingly very fast but extremely effective.

Pat

I remember when my dad downloaded this when I first got my PC. I lost a lot of work :(
Before you download ANY program make sure you check it's legit by googling it and making sure authentic sites have approved it and such.
Facepunch consumes your soul and assimilates you into their crazy community.

EpicPhailure

Quote from: Pat on February 02, 2010, 09:52:46 PM
I remember when my dad downloaded this when I first got my PC. I lost a lot of work :(
Before you download ANY program make sure you check it's legit by googling it and making sure authentic sites have approved it and such.

Nah, it was forcibly downloaded onto my computer through an ad. Clicking cancel did nothing.

Lingus

Quote from: EpicPhailure on February 02, 2010, 09:59:42 PM
Quote from: Pat on February 02, 2010, 09:52:46 PM
I remember when my dad downloaded this when I first got my PC. I lost a lot of work :(
Before you download ANY program make sure you check it's legit by googling it and making sure authentic sites have approved it and such.

Nah, it was forcibly downloaded onto my computer through an ad. Clicking cancel did nothing.
Which is EXACTLY what Vista's UAC prevents. No AV needed. Something tries to access your file system, UAC pops up asking for permission, you decline and go on your merry way.

Meiun

If Avast claimed to have gotten rid of it I wouldn't be overly paranoid about it still being there. Avast is a pretty solid AV program, and if it can recognize the virus and remove it, I'm pretty sure it would do so enough to not let it magically just pop back up unless you've got it stashed away on some external or something. Running CCleaner and stuff like that wouldn't hurt though of course. Avast also has a bunch of real time shields that should prevent any further attacks to begin with. But, you can never be too safe.

Snakeman

Quote from: Lingus on February 03, 2010, 12:57:40 AM
Quote from: EpicPhailure on February 02, 2010, 09:59:42 PM
Quote from: Pat on February 02, 2010, 09:52:46 PM
I remember when my dad downloaded this when I first got my PC. I lost a lot of work :(
Before you download ANY program make sure you check it's legit by googling it and making sure authentic sites have approved it and such.

Nah, it was forcibly downloaded onto my computer through an ad. Clicking cancel did nothing.
Which is EXACTLY what Vista's UAC prevents. No AV needed. Something tries to access your file system, UAC pops up asking for permission, you decline and go on your merry way.

This was possibly the best thing Vista had over XP in terms of internet browsing. I remember some !@#$ed up looking malware tried to install itself in my laptop but the UAC came up.

And to think Apple was making fun of this feature in their Mac commercials. :/

Forum

I got that and I had so long eventually I had to get my computer reworked and I had to buy $100 thing to recover my stuff but it didn't recover all, it's basically undefeatable I think :(.
Officially quitted


Lingus

Quote from: Snakeman on February 03, 2010, 08:33:02 PM
Quote from: Lingus on February 03, 2010, 12:57:40 AM
Quote from: EpicPhailure on February 02, 2010, 09:59:42 PM
Quote from: Pat on February 02, 2010, 09:52:46 PM
I remember when my dad downloaded this when I first got my PC. I lost a lot of work :(
Before you download ANY program make sure you check it's legit by googling it and making sure authentic sites have approved it and such.

Nah, it was forcibly downloaded onto my computer through an ad. Clicking cancel did nothing.
Which is EXACTLY what Vista's UAC prevents. No AV needed. Something tries to access your file system, UAC pops up asking for permission, you decline and go on your merry way.

This was possibly the best thing Vista had over XP in terms of internet browsing. I remember some !@#$ed up looking malware tried to install itself in my laptop but the UAC came up.

And to think Apple was making fun of this feature in their Mac commercials. :/
And yet this is one of the major complaints that most people who hate Vista have.