How to remove XP Antispyware 2010

Thursday, February 4th, 2010 at 7:14 am

XP Antispyware 2010 description

XP Antispyware 2010 spreads via trojans and deceptive online advertisements. Avoid installing this program if you have a choice.

XP Antispyware 2010 is after your money. It runs an imitation system scan and then displays fabricated scan results. It then urges you to pay for the program in order to delete the imaginary threats. Trust none of the notifications shown by XP Antispyware 2010; the program is itself malware. Besides generating large numbers of counterfeit alerts, XP Antispyware 2010 also interrupts web browsing and terminates reputable security tools.

XP Antispyware 2010 displays the following falsified warnings:

XP Antispyware 2010 – Unregistered Version
Attention: DANGER!

ALERT! System scan for spyware, adware, trojans and viruses is complete. XP Antispyware 2010 detected 28 critical system objects. These security breaches may be exploited and lead to the following:
! Your system becomes a target for spam and bulky, intruding ads
! Browser crashes frequently and web access speed decreases
! Your personalfiles, photos, document and passwords get stolen
! Your computer is used for criminal activity behind your back
! Bank details and credit card information gets disclosed
Click REGISTER to register your copy of XP Antispyware 2010 and perform threat removal on your system. The list of infections and vulnerabilities detected will become available after registration.

XP Antispyware 2010 Firewall Alert
XP Antispyware 2010 has blocked a program from accessing the internet

Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Windows recommend Activate XP Antispyware 2010
Click “Yes, Activate…” to register your copy of XP Antispyware 2010 and perform threat removal on your system.

XP Antispyware 2010 is a Rogue Antispyware software

How to manually remove XP Antispyware 2010

To remove XP Antispyware 2010 you must block its sites, stop and remove its processes, unregister its DLL files, and find and delete all other XP Antispyware 2010 files and registry entries. Follow the detection and removal instructions below.

The usual way to remove software is through "Add or Remove Programs". However, hidden XP Antispyware 2010 files, running processes and registry entries may remain on your computer, so XP Antispyware 2010 may recreate its other files after a reboot.

XP Antispyware 2010 manual removal instructions

Block XP Antispyware 2010 sites:
pc-winlive.com

Stop and remove XP Antispyware 2010 processes:
pw.exe
MSASCui.exe

Locate and delete XP Antispyware 2010 registry entries:
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CLASSES_ROOT\pezfile
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_CLASSES_ROOT\pezfile\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\pw.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
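
The entries above share one pattern: the handlers for .exe files and for the Start Menu browser shortcuts point at an executable in the root of the user's local application data folder, and the Security Center overrides are switched on. The Python script below is an added example, not part of the original article: it reads a registry export (the File -> Export backup mentioned in the comments) and reports keys matching that pattern, treating exefile and the "%1" %* open command as the expected values. The function names, the sample export and the user name alice are constructed for illustration.

```python
import re

# Executable placed directly in the root of the per-user local app-data folder
# (XP and Vista/7 layouts), like the pw.exe paths in the entries listed above.
APPDATA_ROOT_EXE = re.compile(
    r'\\(?:Local Settings\\Application Data|AppData\\Local)\\[^\\"]+\.exe', re.I)
EXE_KEY = re.compile(r'(?:^HKEY_CLASSES_ROOT|\\Software\\Classes)\\\.exe$', re.I)
EXE_OPEN_CMD = re.compile(r'\\\.exe\\shell\\open\\command$', re.I)
COMMAND_KEY = re.compile(r'\\shell\\[^\\]+\\command$', re.I)
SECURITY_CENTER = re.compile(r'\\SOFTWARE\\Microsoft\\Security Center$', re.I)
VALUE_LINE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)$')


def _unescape(text):
    """Undo the backslash escaping regedit applies inside quoted strings."""
    return re.sub(r'\\(.)', r'\1', text)


def parse_reg(text):
    """Parse regedit export text into {key: {name: value}}; the default value is "@"."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        match = VALUE_LINE.match(line)
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and match:
            name, raw = match.groups()
            name = "@" if name == "@" else _unescape(name[1:-1])
            if len(raw) >= 2 and raw[0] == raw[-1] == '"':
                current[name] = _unescape(raw[1:-1])      # string value
            elif raw.lower().startswith("dword:"):
                current[name] = int(raw[6:], 16)          # other types are skipped
    return keys


def audit(keys):
    """Return sorted (key, finding) tuples for the hijack patterns on this page."""
    findings = []
    for key, values in keys.items():
        default = values.get("@")
        if EXE_KEY.search(key) and isinstance(default, str) and default.lower() != "exefile":
            findings.append((key, f".exe mapped to ProgID {default!r} instead of 'exefile'"))
        if COMMAND_KEY.search(key) and isinstance(default, str):
            if APPDATA_ROOT_EXE.search(default):
                findings.append((key, "handler launches an executable from the local app-data root"))
            elif EXE_OPEN_CMD.search(key) and default != '"%1" %*':
                findings.append((key, "non-standard open command on the .exe extension key"))
        if SECURITY_CENTER.search(key):
            for name in ("AntiVirusOverride", "FirewallOverride"):
                if str(values.get(name)) == "1":
                    findings.append((key, f"Security Center {name} is set"))
    return sorted(findings)


# Constructed sample export (the user name "alice" is made up). A real regedit
# export is UTF-16, so read it with open(path, encoding="utf-16").
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\.exe]
@="pezfile"

[HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
@="\"C:\\Documents and Settings\\alice\\Local Settings\\Application Data\\pw.exe\" /START \"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="\"C:\\Documents and Settings\\alice\\Local Settings\\Application Data\\pw.exe\" /START \"C:\\Program Files\\Internet Explorer\\iexplore.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000000
'''

if __name__ == "__main__":
    for key, finding in audit(parse_reg(SAMPLE_EXPORT)):
        print(f"{key}\n    {finding}")
```

The script only reads the export text; it changes nothing in the registry.
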

Detect and delete other XP Antispyware 2010 files:
%UserProfile%\Local Settings\Application Data\opRSK
%UserProfile%\Local Settings\Application Data\pw.exe
%UserProfile%\Local Settings\Application Data\MSASCui.exe
%UserProfile%\AppData\Local\opRSK
%UserProfile%\AppData\Local\pw.exe
%UserProfile%\AppData\Local\MSASCui.exe

We strongly recommend using a spyware remover to track down XP Antispyware 2010 and automatically remove its processes, registry entries and files, as well as other spyware threats.


68 Responses to XP Antispyware 2010

  1. nick

    this is not working for me and what can i do to stop this stuff from going deeper in my computer?

    Luciana Reply:

    It won’t do anything more than it already did. However, you should remove XP Antispyware 2010 as soon as possible. Use the manual removal guidelines or run an anti-spyware tool.

  2. Daniel A.

    first make a backup of your registry,

    then delete the whole keys:
    HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
    HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
    HKEY_CLASSES_ROOT\.exe\shell\open\command
    HKEY_CLASSES_ROOT\secfile

    make sure the following values are correct:
    [HKEY_CLASSES_ROOT\.exe]
    Default=”exefile”
    “Content Type”=”application/x-msdownload”

    in my case the above Default value was “secfile”, which prevented me from running any exe files

    johnny Reply:

    where do i do this? in the command prompt? i don’t get it? please explain, i really need help. Thank You!

    SPHINX Reply:

    Thanks for putting this up i just force started regedit and inserted it so everything started working again. I’m doing this on a corporate computer at work and the other employees keep getting this same crap on here. THANKS to all my fellow hacker/nerds/system admins.

    LE Reply:

    I was having a panic as I needed those files right away. I checked what you said and mine was set to secfile as well. Switched it and now it all works!!!

    Thanks so much Daniel A

  3. man with a large coaster

    Sorted it – as some exe files would run and others wouldn’t I delved a bit deeper. I typed run – command – regedit and then it started and yes Daniel A my default value was also set to ‘secfile’. Thanks a lot to both of you for your help.

  4. Jeff

    Daniel A.:

    Thanks a lot for that extra tidbit, that’s exactly what prevents exe files from running. Saved me a lot of time.

  5. shawn

    if you remove the exe association, you’ll have trouble opening regedit to get back in and correct it (as I did.. pays to read the whole chain first…). this link will help you open the regedit if you’ve hosed it. http://support.microsoft.com/kb/555067 then you can change the [HKEY_CLASSES_ROOT\.exe] value..

    Cory Reply:

    removed the registry values and now some of my programs will run while others won’t. what should I do?

    bryan Reply:

    follow a guide in a link above and fix your registry entries

    Cory Reply:

    went into registry and got it fixed thanks!

  6. Bill

    I only realized Daniel A’s point now, and I’ve already deleted the values, so I can’t access regedit now, when I try to run it, it comes up with the little box saying: Windows can not open this file, windows needs to know what program created it. I just want to go to the registry and check that the value isn’t secfile. Can anyone help?

    bryan Reply:

    Bill,
    check Shawn’s solution above

  7. Bill

    Cheers for that, sorted it and got rid of that bloody fake xp antispyware for the second time in a week.

  8. Kelly Liu

    This is the only site that helped my problem. I searched many other places, the registry and file name did not match my case. I still can not find av.exe on my machine. But it was in several places in the registry. Using Search in XP, I only found av.exe-0798f1fd.pf. How can I find this av.exe and delete it forever?

    Thank you very much.

    bryan Reply:

    try to search in:
    %UserProfile%\AppData\Local\
    %UserProfile%\Local Settings\Application Data\

    dann Reply:

    On mine the application itself was actually called ave.exe, just in case anybody else had that process, i have a program that manages processes so i got that to keep terminating it while i tried to get rid of it from the registry because when i look in the folder it originated from the file isn’t there?

  9. Boicho Miloshov

    After removing the “XP Antispyware 2010” by running certain software, I performed manual check-up of my system registry and I found from all of the files described in your website only two remaining in directory HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center as follows: “AntiVirusOverride” = “1” and “FirewallOverride” = “1”, so I removed them.
    However, there were three more files in the same directory, which carry the same icon as the removed ones: “AntiVirusDisableNotify” = “0”; “FirewallDisableNotify” = “0” and “UpdatesDisableNotify” = “0”. Question: should I remove these three as well?

    Also, I have searched for av.exe and I found AV.EXE-38C58F5E.pf in C\WINDOWS\Prefetch. Should I delete this exe?

    Thank you for your help.
    Boicho Miloshov

    bryan Reply:

    yes delete everything

    Anne Reply:

    I followed all the instructions listed and it appears that the virus has been removed. I did all the manual steps, ran the system checker, and extra steps listed here just to be sure it was all gone. Including deleting all the items listed above, but now my firewall won’t start up or anything. What do I need to do to fix this?? Everything else is working fine, just that is messed up so far…

    jackee Reply:

    what certain software did you use?? I can’t get anything to run its course on my PC?

  10. Lisa

    Thank you so much, it popped up on my home pc and we didn’t believe it. We did have to go to the task manager and remove the av.exe and go into regedit and remove the following
    HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
    HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command

    This removed the “advertised” program and allowed us to get by on the internet. We have downloaded the removal tool from this website as well. When the “program” popped up it disabled our ability to get on the internet. Thank you for all the help.

    Stephen Reply:

    This worked!!! The spyware was totally taking over one of our computers! This removed it right away!

  11. Vivek Gupta

    You guys are excellent. You saved me from tons of trouble.

    Thank you for all the help.

  12. OM nom nom

    Ok, so before I do this (I’m not techy), how do I make a back up of these registries?

    bryan Reply:

    open registry editor and click File -> Export

  13. Nish

    Hi, Looks like I messed up my Registry by deleting the unknown values in regedit. Now I am not able to access it to change it in the right way. I checked Shawn’s solution above but even with it, I was not able to get to the regedit. Anything I try to open with .exe, the message comes up as “The file does not have a program associated with it for performing the action. Create an association in the folder options control panel”

    Can anyone please help me with it?

    Cory Reply:

    same problem- need help!

  14. Nicki

    Hi everyone,

    I followed all of your directions above completely and when I got to the delete registry files, I clicked on the “Read more how to delete XP Antispyware 2010 registry entries” link below that section because I didn’t know how to do this before. I did all the way through step D. After that it talks about adding a new value or new key… am I supposed to do any of this??

    Thanks again for all your help! Those pop ups for “XP Antispyware 2010” were making me nuts!

    Now if I could just become a computer genius! =)

  15. Scott

    Thank you to both Daniel A. and Shawn for your comments. They helped me out!

    Nish – With regard to Shawn’s comment, I couldn’t get that to work either. I couldn’t get the command to work to copy regedit.exe to regedit.com, so I just changed regedit.exe to regedit.com and then I was able to open regedit.com and fix the registry. (regedit.exe was auto-re-created for me) Hope that helps.

  16. Alex

    Hey All,

    I’m in the same boat as the above guys. Shawn’s solution worked for me and I can now run regedit from the Run… command but I can’t run any exe file it just brings up the “open with” window. I’m assuming one of the other instructed registry entries to delete needs a proper setting. Can someone post the default value for all of those?

    Many thanks in advance

  17. Robert

    Please! Someone help! I am a noob and I just was trying to help my girlfriend get rid of this on her computer and I accidentally told her to delete the following in her registry.

    HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "av.exe" /START "%1" %*
    HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "av.exe" /START "%1" %*
    HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "av.exe" /START "%1" %*
    HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "av.exe" /START "%1" %*
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "av.exe" /START "firefox.exe"
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "av.exe" /START "firefox.exe" -safe-mode
    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "av.exe" /START "iexplore.exe"

    But we just deleted it all and didn’t do it right and now she can’t run firefox and IE and can’t even run the registry in start run. We also can’t open any .exe files!

    ANY HELP WOULD BE GREATLY APPRECIATED.

    EC Reply:

    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = c:\Program Files\Mozilla\firefox.exe

    HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = c:\Program Files\Internet Explorer\iexplore.exe

    Firefox and IE will now open.

  18. ted

    guys guys
    use Registry Booster 2010 to fix registry errors

    Cory Reply:

    but how do you get it to run? if the exe are not able to run how?

  19. dgroman1

    just posting to see if the comment section is fake

    bryan Reply:

    ha!

  20. gus

    This fix along with the comment clarifications worked perfectly. Thank You!

  21. Mike Massie

    Excellent directions and results achieved. I would love to make a donation for the help. But, that could be construed as indirectly promoting the proliferation of this spyware. So instead I offer to be first in line to tea bag the jack hole who wrote this program.

  22. lookouts3d

    Mike Massie – I think that line is going to be pretty long. Count me in.

  23. gchang

    This message really helped my case. There are other instructions for removing this malware but did not fit my case. Thanks so much

  24. kevin O

    I have XP Antispyware 2010 on my computer, and it won’t let me get on the internet, so I get on it in Safe Mode. Will the XP Antispyware tool kit work and be effective against the virus if I download it and use it in Safe Mode? In addition, I’m not too computer savvy, so do you think I will be able to remove the virus with the tool kit? Thanks for any help you can give me on this.

  25. Abby

    Ok so I followed the comments and successfully deleted the virus, however now I can’t run .exe files. I tried following the directions to fix it, and as I can’t get into regedit, but when I tried to follow the directions from that support link, it wouldn’t work. When I tried to add the value regedit.exe to regedit.com it said that it could not be added. I saw a message saying that maybe I have to turn off systems restore in xp in order to get it to work, but I can’t do that either because right clicking on “my computer” and clicking on properties is not allowed, since that is apparently an exe operation too! I don’t know what to do… I’m definitely not computer savvy.

  26. jackee

    HELP!!! I have this XP antispyware on my PC… I am unable to download any tools to help. I was able to delete the av.exe in the process area, but I am not able to get my registry open, much less delete the bad files. I have read all the instructions.. I don’t know what to do.. I keep getting an X that windows cannot perform the action I may not have certain permissions. I can’t get into my add remove programs.. etc nothing. I am however able to access internet via XP’s so- called security page.. What do I do? Please help!! Thanks!!

  27. johnnyv

    whats hot key, do go into command prompt? can i have a step by step guide for someone illiterate please thanks!

  28. biznatch-atl

    I was weary of downloading the removal tool so instead, I just followed the manual removal instructions and now have my computer back. Thanks a to all the posts.

  29. Kelly Liu

    After I delete av.exe in my registry, I couldn’t open any exe files. On Microsoft website, there is a blog teaching how to reset registry to change secfile back to exefile. That solved my problem.

  30. Kenny

    For those complaining about the solution, READ and FOLLOW the instructions line by line. Worked for me
    thanks guys

  31. Mike

    What I found when I had this virus:

    1) You can’t stop the process AV.exe is running in because you can’t start task manager.
    2) My ZoneAlarm was halted via a registry update I found in my C: directory. That meant I no longer had any control over incoming or outgoing processes on my PC. So I disconnected my LAN cable.
    3) You can’t run most executables, particularly by double-clicking. What you can do is rename or copy some of them to .com extensions. The virus redirects .exe extensions, but not .com. Also, you can right click on file icons and there is a start option you can use to make programs like regedit run.
    4) You can’t delete the av.exe file because it’s “in use”, but you CAN rename it. When you restart your computer, it then can’t reload. The location is exactly where this article says it will be.
    5) The guidance to use Safe Mode to turn off system restore before doing the registry edits wasn’t useful because I couldn’t get into the System Restore settings even in Safe Mode. Executable function and system tools were still blocked in safe mode.

    Once I renamed the executable and restarted my PC, I forced the ZA client to restart. I scanned the system and had the file that originally loaded the AV trojan quarantined. Then I did the registry edits listed above. That cleared up my infection.

    Pay attention to the MS article Shawn refers to. That will allow exe files to run again.

  32. Rebecca

    Changing the registry worked!! Thank you, thank you!!

  33. robert

    I want to thank you guys and gals for the excellent info. It worked great.
    I want on the list to tbag the scumbags who inflict this crap on everyone.
    Thanks again

  34. Stephanie

    Thank you, this was all very helpful. I was able to find and delete the files. I had to rename regedit before I could get into it, but then was able to clean everything out of there as well. The only issue I have now is that I am not allowed to rename regedit back to an .exe file because it seems there is another file with the same name.

  35. Bruin

    I couldn’t find the av.exe file in either my processes or by searching my computer. After some Task Manager work, i narrowed the file down to MSASCui.exe(blahblah.pf) so maybe they’ve updated their filename? Anyways, after deleting that file, i’m back up and running.
    (I also did the registry edits, just in case, but a lot of them were missing. Maybe i had something different)

    Anyways, thanks for the help!

  36. FumbleFingers

    It seems to me what this nasty piece of malware does is copy itself (filename av.exe) onto your computer.

    AND it changes several registry settings controlling how Windows actually runs ANY programs. In fact these malicious changes just make Windows run av.exe regardless of which program you’re trying to run.

    If you find and delete all copies of av.exe, Windows behaves really oddly because mostly regardless of whatever you actually wanted to run, Windows still tries to run av.exe, which no longer exists!

    THE SOLUTION (for me with WinXP, at least) is to right-click the program file you want in explorer, and use the “Run as…” option. YOU MUST uncheck the “Protect my computer…” option, and run the program as current user.

    Obviously the best program to run is System Restore (filename rstrui.exe, which on my system was in \windows\system\restore). Using the “Run as…” method described above, I ran it and restored back to last night, then rebooted – all in less than a minute, after which all problems are gone.

    tomcas Reply:

    FumbleFinger’s solution is the simplest and worked perfectly in minutes. I never used system restore before but I’m a big fan of it now. For once Microsoft makes a program that’s useful and it works.

    Ana Reply:

    Dear FumbleFingers,
    What do you mean by right clicking on the programme file in explorer and use the “run as” option, alongside unchecking the “protect my computer” option and run the programme as current user?
    Not quite sure what you mean here.
    I have this antispyware on my computer at the moment, and have attempted restore but it hasn’t worked. I have also checked for the files in the regedit, but they don’t seem to be there.
    Having a bit of a difficulty in cleaning it.

    FumbleFingers Reply:

    Sorry for delay Ana – I don’t come here often!
    Many aspects of the Windows user interface are configurable. It’s possible your system has been set up differently to mine, so it doesn’t give you the same options within Windows Explorer.
    Having said that, Microsoft rarely change the default for configurable behaviour because it would just get too confusing. And for much the same reason I usually leave things at default settings. My system is XP Pro, mine is the only user account, and it has administrator privilege.

    Maybe one of those factors is different on yours which is why you don’t get the “Run as…” option in Explorer. Or maybe you didn’t follow my instructions properly.

    If you can’t find the “System Restore” application file called rstrui.exe in folder \windows\system\restore, try using Explorer’s “Search” facility, or see if you can get a copy of it from some other PC, or off the internet.

    If running System Restore doesn’t get rid of XP Antispyware 2010 this can only be because the date you restored to was LATER than when you got infected. Choose an earlier date.

  37. John

    Thank you SO much! This worked incredibly. I didn’t even need to install any spy-ware hunting software. (which is a total waste of money) I really appreciate that you took the time to put this on the internet. God bless you!

  38. FumbleFingers

    @John
    Glad to help. If anyone else is reading this, all you have to do is search for the system restore program (rstrui.exe on XP, within \windows folder). Right-click it, and “Run as…”

    UNCHECK the “Protect my computer…” option, run the program as current user, and restore to the latest available date before you got the virus.

    Ana Reply:

    I tried doing that, but the Antispyware wouldn’t allow it, so am now attempting to restore my laptop in Safe Mode. Hopefully it should work.

    Wanted to ask whether after restore the XP Antispyware 2010 will be completely gone from the system?

  39. graeme

    well just to say had last virus year ago and got this virus on friday by stupidly downloading a file to scan for a certain video format. . . Soon realised big mistake. . Thanks for this brilliant site and esp the last entry. . . I did a restore and all is fine again. I remember a year ago my restore did not work . . But did this time. . Was easier than changing reg entries esp as only found the sec file entry . . Anyway. Thank you.

  40. adam

    the same virus thursday morning it just showed up on my comp did a restore on my comp and it fixed it completely running a scan from the links above just to be sure =D

  41. J. Shelton

    Has anyone ever encountered hardware problems as a result of this trojan virus? I got these same messages and completed a Restore through the System Tools (under the Start Menu Accessories). After everything came back and was normal, I shut down my PC for the night. HOWEVER, the next day, when I went to turn on my PC, it wouldn’t budge…not a sound…not a peep..no boot-up at all. The small green light in the back of the CPU is solid green, though. Checked the power cables, disconnected/reconnected the motherboard connectors, and checked plugs/power strips…still nothing…

  42. Jewelya

    Turns out my virus file name was ‘pezfile’ rather than ‘secfile’. I had ‘pw.exe’ rather than ‘av.exe’. All in all though, I was able to follow these instructions once I figured out the translation and removed the Damn XP Antivirus VIRUS!!
    Great Job!! Thanks!!
