My PC is infected with a virus that periodically puts up the message ed.
"ATTENTION! If your computer is struck by the spyware, you could suffer data loss, erratic PC behavior, PC freezes and creahes .."
I opend the task manager when this cam up and saw that it has a link back to
advanced-anti-virus-scanner.com/...
Help!!!!!!!!!!!!! I cannot get a response from BD Support and business is down until this is resolved.
Anny suggestions?
Full Version: Advanced-anti-virus-scanner.com Virus
Please provide an AVIS log. (HOWTO section)
QUOTE (Catalin Salgau @ Jan 2 2009, 06:22 PM) 
Please provide an AVIS log. (HOWTO section)
Thanks Catalin,
Attached is the AVIS log. The ticket ID is 200901021010599. I have replied to the ticket email with a zip containing avis log, gmer log, deep scan log, and doc with images of some messages produced by the malware.
Thanks again,
Paul
Attach the following to a new post(packed in a password protected archive using the password "infected"). You may need gmer(gmer.net) to save some of them.
c:\windows\tasks\bgsczjak.job
c:\windows\system32\hggyvtun.dll
c:\windows\system32\kuyukd.dll
c:\windows\system32\urqnfwuv.dll
c:\windows\system32\psqlpwd.dll
c:\windows\system32\fmojqg.dll
c:\windows\tasks\bgsczjak.job
c:\windows\system32\hggyvtun.dll
c:\windows\system32\kuyukd.dll
c:\windows\system32\urqnfwuv.dll
c:\windows\system32\psqlpwd.dll
c:\windows\system32\fmojqg.dll
QUOTE (Catalin Salgau @ Jan 3 2009, 11:43 AM)
Attach the following to a new post(packed in a password protected archive using the password "infected"). You may need gmer(gmer.net) to save some of them.
c:\windows\tasks\bgsczjak.job
c:\windows\system32\hggyvtun.dll
c:\windows\system32\kuyukd.dll
c:\windows\system32\urqnfwuv.dll
c:\windows\system32\psqlpwd.dll
c:\windows\system32\fmojqg.dll
c:\windows\tasks\bgsczjak.job
c:\windows\system32\hggyvtun.dll
c:\windows\system32\kuyukd.dll
c:\windows\system32\urqnfwuv.dll
c:\windows\system32\psqlpwd.dll
c:\windows\system32\fmojqg.dll
Hi Catalin,
Attached is a compressed file with the files you have requested.
Thanks,
Paul
Hi Catalin,
I noticed that there are quite a few downlaods for the bd_sys_log.xml.zip file I had uploaded earlier. Is there potentially any information in that file that could result in a security issue if it landed in the wrong hands? Can BD employees only down load it?
Would you like me to upload the zip with all of the logs and docs that I had originally accumulated for this issue?
Thanks,
Paul
I noticed that there are quite a few downlaods for the bd_sys_log.xml.zip file I had uploaded earlier. Is there potentially any information in that file that could result in a security issue if it landed in the wrong hands? Can BD employees only down load it?
Would you like me to upload the zip with all of the logs and docs that I had originally accumulated for this issue?
Thanks,
Paul
Doing some searching I found a forum which discusses a solution to this virus as far as I can tell.
http://forums.cnet.com/5208-6132_102-0.htm...orum-w;forums06
To remove the virus, it recommends downloading Malwarebytes' Anti-Malware software which is free. Any opinion on whether to do this or not is appreciated! I've been out of business since Thurs and can't wait any longer.
Thanks
Paul
http://forums.cnet.com/5208-6132_102-0.htm...orum-w;forums06
To remove the virus, it recommends downloading Malwarebytes' Anti-Malware software which is free. Any opinion on whether to do this or not is appreciated! I've been out of business since Thurs and can't wait any longer.
Thanks
Paul
Tiago,here we go again with another useless post of yours ,about the allmighty <removed>.
I miss your samples.
I miss your samples.
I successfully (I think) removed the virus using Malwarebytes Anti-Malware.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.