Karl`s PC Help Forums Last active: Never
Not logged in [Login ]
Go To Bottom

In memory of Karl Davis, founder of this board, who made his final journey 12th June 2007

Printable Version | Subscribe | Add to Favourites   Post new thread Poll:
Author: Subject: Win 7 fake AV?
LSemmens
Undercover MOD
********


Avatar


Posts: 32767
Registered: 19-11-2004
Location: Riverton, South Australia
Theme: Windows XP Silver
Member Is Offline

Mood: Gone crazy, Back soo

[*] Post 436305 posted on 7-6-2011 at 12:33 Reply With Quote
Win 7 fake AV?



I just got hit with the above problem but I cannot, work out how I managed to "convince it" that I did not want it. It would pop-up telling me that I was "infected" which, in fact, I was, bit nothing I could do seemed to allow me to dispose of it. It would even pop up in safe mode! It would not allow me to instal MBAM and Avira did not report any problems, strange. Eventually I tried rebooting to the "last known good configuration" which seems to have resolved it. MBAM has now run and reports nothing found, Log follows. The question I now have, is, "Am I now nasty free?"

Quote:
MBAM log:

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4052

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

7/06/2011 9:30:03 PM
mbam-log-2011-06-07 (21-30-03).txt

Scan type: Quick scan
Objects scanned: 130263
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I've also removed a lot of stuff in Zone Alarm just to give me some clues as to what it accessing the 'net. Console Bsed Script Host keeps popping up, but even if I Deny it, so far, nothing seems to be not working, do I really need to let this have access to the net, or not?
View User's Profile View All Posts By User
Pancake
Custom User Title
*******


Avatar


Posts: 537
Registered: 17-4-2006
Location: Victoria Australia
Theme: KF Blue (Default)
Member Is Offline

Mood: No Mood

[*] Post 436383 posted on 7-6-2011 at 23:41 Reply With Quote


Because to did a restore Its still in System Restore,but not active, so I suggest you turn off System Restore to clear it all out and the start it up again
View User's Profile View All Posts By User
LSemmens
Undercover MOD
********


Avatar


Posts: 32767
Registered: 19-11-2004
Location: Riverton, South Australia
Theme: Windows XP Silver
Member Is Offline

Mood: Gone crazy, Back soo

[*] Post 436412 posted on 8-6-2011 at 12:06 Reply With Quote


Done that, so, am I ok to go? I've stopped all financial transactions on this machine until I'm certain I am clean.

What about the Console Based Script Host? I think it's a genuine mickeysoft thing, but what is its function, nothing seems broken whilst I have it blocked.
View User's Profile View All Posts By User
Post new thread Poll:

Guest Notice
You are a guest, as a guest you can only see a maximum of 3 posts per thread.

If you want to see the rest, please click here to register.