Posted: Tue Dec 21, 2010 1:21 am Post subject: stopping antivir
Hi guys, im new to the forums here, hopefully I can get an idea of how to stop this. Im using Windows XP Pro SP3.
Lately I have been getting redirects in google from chrome and firefox.
I use VIPRE antivirus premium, it says there is nothing wrong. Should I try download and install malware bytes just to be safe?
However even more suspiciously, at startup VIPRE has been alerting me to a "setup.exe" file attempting to execute, I block it everytime, but TODAY it came up with "antivir.exe" wants to run "setup", I assume its trying to trick me... I block it also.
Here is what VIPRE is telling me about the executable.
-------------------------
Event Type 2 -- Notify
Timeout 0(s)
Monitor Source 2003 -- On File Access
Message ID {A6F11A19-1B9B-4055-9B34-707C3DE8C8F6}
Monitor Type 2 -- File
Recommend System Scan No
AP SDK Version 4.0.3904
Threat Definitions Version 7626
Event Actor Enum 2 -- Object
Event Date/Time 2010-12-13T12:07:26
Attempted to modify the following file
File Path C:\WINDOWS\Temp\dqhx\setup.exe
MD5 a58c72164420470df5a8c77d306af8cd
CRC8 6E51DADFE1D20000
Application Rating 2 -- Known Bad
Threat ID 4729607
-----------------------
Everytime it is trying to open C:\WINDOWS\Temp\XXXX\setup.exe where XXXX is different each time.
Since I got the "antivir.exe" I went googling for some solutions and found this.
THIS doesn't solve my problem though, I havn't actually installed the file because I block setup.exe everytime, so it doesn't actually help me with removing it ^^ Is it hiding in an svchost? Either way how can I stop it?
Hope someone has a clue better than I do! Off to work so Ill be back later today if there are any questions, thanks guys.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum