Jump to content

AV Security Suite

Recommended Posts


AV Security Suite just popped up on my computer. I followed the directions in the Self Help section for this particular problem, but I am still unable to access any sites on the internet. I downloaded Malwarebytes, ran the quick scan, and deleted the items. The directions say that no other action should be required so I am not sure how to proceed.

I would appreciate any advice.

This is the log from the quick scan:

Malwarebytes' Anti-Malware 1.46


Database version: 4290

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

7/7/2010 10:34:03 PM

mbam-log-2010-07-07 (22-34-03).txt

Scan type: Quick scan

Objects scanned: 142879

Time elapsed: 12 minute(s), 13 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 0

Registry Keys Infected: 8

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

C:\Documents and Settings\Owner\Local Settings\Application Data\hpnhlncer\gwxtlmctssd.exe (Trojan.Downloader) -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\cmaidctlapp.maidctrl.1 (Adware.ClosetMaid) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9d761d3a-e8bd-434b-b42b-520d8fe1da3a} (Adware.ClosetMaid) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmildvaw (Trojan.Downloader) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmildvaw (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Owner\Local Settings\Application Data\hpnhlncer\gwxtlmctssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\WINNT\Downloaded Program Files\CMAIDCTL.OCX (Adware.ClosetMaid) -> Quarantined and deleted successfully.

C:\Documents and Settings\Owner\Local Settings\Temp\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Hello tigweld! Welcome to Malwarebytes' Anti-Malware Forums!

My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following:

  • The process of cleaning your system may take some time, so please be patient.
  • Follow my instructions step by step if there is a problem somewhere, stop and tell me.
  • Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • If you don't know or can't understand something please ask.
  • Do not install or uninstall any software or hardware, while work on.
  • Keep me informed about any changes.

Follow these instructions and post all logs if you can:


Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.