How do I stop this type of malware?
I am running Windows XP, SP 3, I have Windows Defender running, and I have AVG Antivirus installed. My Internet Explorer privacy setting for the Internet zone is the default setting (medium-high).I recently visited a website, and a few seconds after the page loaded, a pop-up window appeared entititled "XP2010 AntiVirus", claiming that my computer was infected. By simply visiting the website (and without actually clicking on anything on it), the following things appeared to happen:1. A file named "av.exe" was downloaded to my "Application Data" folder, and this .exe file was launched.2. The Windows Security center was disabled.3. Windows firewall was disabled, and Windows was told not to monitor firewall status.4. Windows was told not to monitor Antivirus software status.5. An .exe entry was added to HKEY_CLASSES_ROOT, associating all .exe files with "~/Application Data/av.exe". So anytime I tried to run an executable file, it launched av.exe instead.I was able to correct the problem by renaming "taskman.exe" to "taskman.com", and renaming "regedit.exe" to "regedit.com". I could then launch the task manager to terminate the av.exe process, and the run the registry editor to remove the .exe file association.So my question is how I prevent this in the future. What settings do I need to change in Internet Explorer to tell it not to download, install and run executable files without my permission? And how can I configure either Windows Defender or my Antivirus Software to prevent changes to file associations and to the security center settings without my permission?2 people need an answerI do too
February 24th, 2010 10:45pm

hello a good start would be go to tools in internet explorer >security tab >reset internet settings to high or mediun high go to the privacy tab and reset to medium high or high Please click the Check Mark As Answered Check Mark On This Page If this post helps to resolve your issue, as it helps others who need quick access to Answers THANK YOU AND GOOD LUCK
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2010 12:00am

What? My security settings are already at medium-high. I said that in my original post.
February 25th, 2010 8:25am

TomJuan, I'll throw out a couple of suggestions although you have probably already thought of them. In Tools \ Internet Options \ Advanced, scroll down to the Security section and see if Allow Software to Run or Install, etc. is checked. If so, uncheck it, Apply \ OK.Are you running any protection other than Windows Defender and AVG? I highly recommend downloading and installing MalwareBytes and SpywareBlaster. Both have freeware programs that are excellent. Have you considered using Microsoft Security Essentials instead of Windows Defender? I haven't tried it yet but I'm hearing really good reports from some of my techie friends.Last thought for the day...have you downloaded and installed the latest IE8 update that came out this week?Rosie Please post back to this thread with results or if you need more assistance. Dell OptiPlex GX260, 2.40 GHZ, Pentium 4, 80G HD, WindowsXP Pro (SP3), IE8, AVG, Spybot S&D, SpywareBlaster 4.2, OnlineArmor 4.0, MalwareBytes'
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2010 2:50pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics