WARNING Nasty Malware hard to remove..

Discussion in 'NZ Computing' started by Greg House, Aug 4, 2007.

  1. Greg House

    Greg House Guest

    Come up with a Yellow flag about being infected plus another box (Windows Security Alert) stating
    that files are being copied, funny I am not using any MS software for this type of thing..

    This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB device and may be others.


    File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE


    Seems to be very new, reported 27 July and only 2 references on Google, one is a site that has a
    removal tool and details on it..

    http://fileinfo.prevx.com/adware/qq5295102229384-WINA43340638/WINAVXX.EXE.html



    Some how I got redirected to some web site when looking for tools to fix a 633 error.


    None of my Spyware or Virus programs detect it, so I was locky to detect it.
    Greg House, Aug 4, 2007
    #1
    1. Advertising

  2. Greg House

    XPD Guest

    "Greg House" <> wrote in message
    news:...
    >
    >
    > Come up with a Yellow flag about being infected plus another box
    > (Windows Security Alert) stating
    > that files are being copied, funny I am not using any MS software for this
    > type of thing..
    >
    > This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    > device and may be others.
    >
    >
    > File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE


    Been very similar ones around for many moons....always a sod to remove
    completely.... I usually manage to disable them rather than total removal.
    XPD, Aug 4, 2007
    #2
    1. Advertising

  3. Greg House

    Greg House Guest

    On Sat, 4 Aug 2007 21:59:54 +1200, "XPD" <> wrote:

    >
    >"Greg House" <> wrote in message
    >news:...
    >>
    >>
    >> Come up with a Yellow flag about being infected plus another box
    >> (Windows Security Alert) stating
    >> that files are being copied, funny I am not using any MS software for this
    >> type of thing..
    >>
    >> This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    >> device and may be others.
    >>
    >>
    >> File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE

    >
    >Been very similar ones around for many moons....always a sod to remove
    >completely.... I usually manage to disable them rather than total removal.
    >




    Have managed to remove all the files and fix most of the Lock out but not the Safely Remove Hardware
    one, the other lockout ware in the registry.
    Greg House, Aug 4, 2007
    #3
  4. Greg House

    Craig Sutton Guest

    "Greg House" <> wrote in message
    news:...
    >
    >
    > Come up with a Yellow flag about being infected plus another box
    > (Windows Security Alert) stating
    > that files are being copied, funny I am not using any MS software for this
    > type of thing..
    >
    > This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    > device and may be others.
    >
    >
    > File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE
    >
    >
    > Seems to be very new, reported 27 July and only 2 references on Google,
    > one is a site that has a
    > removal tool and details on it..
    >
    > http://fileinfo.prevx.com/adware/qq5295102229384-WINA43340638/WINAVXX.EXE.html
    >
    >
    >
    > Some how I got redirected to some web site when looking for tools to fix a
    > 633 error.
    >
    >
    > None of my Spyware or Virus programs detect it, so I was locky to detect
    > it.
    >

    Well you do insist on running an old outdated browser version. So its your
    own fault isn't it.
    Craig Sutton, Aug 4, 2007
    #4
  5. Greg House

    Greg House Guest

    On Sun, 5 Aug 2007 01:09:51 +1200, "Craig Sutton" <> wrote:

    >
    >"Greg House" <> wrote in message
    >news:...
    >>
    >>
    >> Come up with a Yellow flag about being infected plus another box
    >> (Windows Security Alert) stating
    >> that files are being copied, funny I am not using any MS software for this
    >> type of thing..
    >>
    >> This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    >> device and may be others.
    >>
    >>
    >> File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE
    >>
    >>
    >> Seems to be very new, reported 27 July and only 2 references on Google,
    >> one is a site that has a
    >> removal tool and details on it..
    >>
    >> http://fileinfo.prevx.com/adware/qq5295102229384-WINA43340638/WINAVXX.EXE.html
    >>
    >>
    >>
    >> Some how I got redirected to some web site when looking for tools to fix a
    >> 633 error.
    >>
    >>
    >> None of my Spyware or Virus programs detect it, so I was locky to detect
    >> it.
    >>

    >Well you do insist on running an old outdated browser version. So its your
    >own fault isn't it.




    Has nothing at all with the Browser I use this as it works far better, IE7 can't handle my
    Favorites list, and Fire fox you need to add a heap of adds to get it to work, may be if I used
    Netscape as that has it all.

    My very upto date Virus Malware programs did not find it as its just came out..
    Greg House, Aug 4, 2007
    #5
  6. Greg House

    Craig Sutton Guest

    "Greg House" <> wrote in message
    news:...
    > On Sun, 5 Aug 2007 01:09:51 +1200, "Craig Sutton" <>
    > wrote:
    >
    >>
    >>"Greg House" <> wrote in message
    >>news:...
    >>>
    >>>
    >>> Come up with a Yellow flag about being infected plus another box
    >>> (Windows Security Alert) stating
    >>> that files are being copied, funny I am not using any MS software for
    >>> this
    >>> type of thing..
    >>>
    >>> This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    >>> device and may be others.
    >>>
    >>>
    >>> File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE
    >>>
    >>>
    >>> Seems to be very new, reported 27 July and only 2 references on Google,
    >>> one is a site that has a
    >>> removal tool and details on it..
    >>>
    >>> http://fileinfo.prevx.com/adware/qq5295102229384-WINA43340638/WINAVXX.EXE.html
    >>>
    >>>
    >>>
    >>> Some how I got redirected to some web site when looking for tools to fix
    >>> a
    >>> 633 error.
    >>>
    >>>
    >>> None of my Spyware or Virus programs detect it, so I was locky to detect
    >>> it.
    >>>

    >>Well you do insist on running an old outdated browser version. So its your
    >>own fault isn't it.

    >
    >
    >
    > Has nothing at all with the Browser I use


    So you were surfing a website and it magically had nothing to do with the
    browser? more likel an exploit hit your old version 6 IE
    Craig Sutton, Aug 4, 2007
    #6
  7. Greg House

    neutrino Guest

    Re: WARNING Nasty Malware hard to remove..


    >
    > >>> None of my Spyware or Virus programs detect it, so I was locky to detect
    > >>> it.

    >

    what software are you using for protection? just out of interest.
    said it before and now again.....
    For myself - I have Avast AV,
    Sygate Firewall (Great! even if it was bought and disposed of by
    symantec!)
    Spyware Doctor.
    and frequently scan with Ad-aware.
    and never had an infection yet that could not be disposed of, or got
    further than temp internet folder.
    and for a "Just-in-case", and for confidence to do whatever on the Pc,
    I have a clean, fully up to date (as at backup time), Norton Ghost
    backup. or there's Acronis true Image - and probably others.
    Protect with good prog's, plus a full backup - and you can't go wrong.
    neutrino, Aug 4, 2007
    #7
  8. On Sat, 04 Aug 2007 20:48:24 +1200, Greg House <ghouse
    wrote:

    > Come up with a Yellow flag about being infected plus another box
    > (Windows Security Alert) stating that files are being copied, funny I am
    > not using any MS software for this type of thing..
    >
    > This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    > device and may be others.
    >
    >
    > File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE


    That is the joy you experience when you download and install dodgy
    applications from dodgy websites onto a PC using a dodgy operating system.

    Build a bridge, mate, and accept the consequences of your actions/choices.

    So. What Windows application did you install?


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
    Jonathan Walker, Aug 5, 2007
    #8
  9. Greg House

    Greg House Guest

    Re: WARNING Nasty Malware hard to remove..

    On Sat, 04 Aug 2007 13:29:54 -0700, neutrino <> wrote:

    >
    >>
    >> >>> None of my Spyware or Virus programs detect it, so I was locky to detect
    >> >>> it.

    >>

    >what software are you using for protection? just out of interest.
    >said it before and now again.....
    >For myself - I have Avast AV,
    >Sygate Firewall (Great! even if it was bought and disposed of by
    >symantec!)
    >Spyware Doctor.
    >and frequently scan with Ad-aware.
    >and never had an infection yet that could not be disposed of, or got
    >further than temp internet folder.
    >and for a "Just-in-case", and for confidence to do whatever on the Pc,
    >I have a clean, fully up to date (as at backup time), Norton Ghost
    >backup. or there's Acronis true Image - and probably others.
    >Protect with good prog's, plus a full backup - and you can't go wrong.




    Yes only the very very best, Kerio firewall , Kaspersky KIS and Ad-Aware 2007


    This Virus Malware is very very new only 2 hits on Google.

    Showed up at the end of last month..
    Greg House, Aug 5, 2007
    #9
  10. Greg House

    Greg House Guest

    On 5 Aug 2007 11:52:30 +1200, Jonathan Walker <> wrote:

    >On Sat, 04 Aug 2007 20:48:24 +1200, Greg House <ghouse
    >wrote:
    >
    >> Come up with a Yellow flag about being infected plus another box
    >> (Windows Security Alert) stating that files are being copied, funny I am
    >> not using any MS software for this type of thing..
    >>
    >> This LOCKS out Control Panel, Task Manager, Regedit, Uninstall USB
    >> device and may be others.
    >>
    >>
    >> File name is WINAVXX.EXE PLUS PRINTER.EXE OR WINAVX.EXE

    >
    >That is the joy you experience when you download and install dodgy
    >applications from dodgy websites onto a PC using a dodgy operating system.
    >
    >Build a bridge, mate, and accept the consequences of your actions/choices.
    >
    >So. What Windows application did you install?




    I did Not install a thing, I was redirected to some web site that infected my system..

    But its all fixed now, if you get it ask me and I will tell you how to fix it, even all the lock
    outs..
    Greg House, Aug 5, 2007
    #10
  11. On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    wrote:

    > I did Not install a thing, I was redirected to some web site that
    > infected my system..


    So...

    You installed and used a version of the M$ Browser.


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
    Jonathan Walker, Aug 5, 2007
    #11
  12. Greg House

    Greg House Guest

    On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:

    >On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >wrote:
    >
    >> I did Not install a thing, I was redirected to some web site that
    >> infected my system..

    >
    >So...
    >
    >You installed and used a version of the M$ Browser.




    No I did not its part of XP..
    Greg House, Aug 5, 2007
    #12
  13. Greg House

    EMB Guest

    Greg House wrote:
    > On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:
    >
    >> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >> wrote:
    >>
    >>> I did Not install a thing, I was redirected to some web site that
    >>> infected my system..

    >> So...
    >>
    >> You installed and used a version of the M$ Browser.

    >
    >
    >
    > No I did not its part of XP..
    >
    >

    You still failed to install the manufacturer's recommended security
    update so can only blame yourself.
    EMB, Aug 5, 2007
    #13
  14. Greg House

    Greg House Guest

    On Sun, 05 Aug 2007 19:05:29 +1200, EMB <> wrote:

    >Greg House wrote:
    >> On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:
    >>
    >>> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >>> wrote:
    >>>
    >>>> I did Not install a thing, I was redirected to some web site that
    >>>> infected my system..
    >>> So...
    >>>
    >>> You installed and used a version of the M$ Browser.

    >>
    >>
    >>
    >> No I did not its part of XP..
    >>
    >>

    >You still failed to install the manufacturer's recommended security
    >update so can only blame yourself.


    I have all the MS security updates.

    This Virus is that New only one firm has a remover for it, but it does not fix the Lock outs..
    Greg House, Aug 5, 2007
    #14
  15. Greg House

    EMB Guest

    Greg House wrote:
    > On Sun, 05 Aug 2007 19:05:29 +1200, EMB <> wrote:
    >
    >> Greg House wrote:
    >>> On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:
    >>>
    >>>> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >>>> wrote:
    >>>>
    >>>>> I did Not install a thing, I was redirected to some web site that
    >>>>> infected my system..
    >>>> So...
    >>>>
    >>>> You installed and used a version of the M$ Browser.
    >>>
    >>>
    >>> No I did not its part of XP..
    >>>
    >>>

    >> You still failed to install the manufacturer's recommended security
    >> update so can only blame yourself.

    >
    > I have all the MS security updates.
    >
    > This Virus is that New only one firm has a remover for it, but it does not fix the Lock outs..
    >
    >

    You DO NOT have all the security updates - WTF do you think IE7 is?
    EMB, Aug 5, 2007
    #15
  16. Greg House

    Craig Sutton Guest

    "EMB" <> wrote in message news:46b586e0$...
    > Greg House wrote:
    >> On Sun, 05 Aug 2007 19:05:29 +1200, EMB <> wrote:
    >>
    >>> Greg House wrote:
    >>>> On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <>
    >>>> wrote:
    >>>>
    >>>>> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House
    >>>>> <ghouse
    >>>>> wrote:
    >>>>>
    >>>>>> I did Not install a thing, I was redirected to some web site that
    >>>>>> infected my system..
    >>>>> So...
    >>>>>
    >>>>> You installed and used a version of the M$ Browser.
    >>>>
    >>>>
    >>>> No I did not its part of XP..
    >>>>
    >>>>
    >>> You still failed to install the manufacturer's recommended security
    >>> update so can only blame yourself.

    >>
    >> I have all the MS security updates.
    >>
    >> This Virus is that New only one firm has a remover for it, but it does
    >> not fix the Lock outs..
    >>
    >>

    > You DO NOT have all the security updates - WTF do you think IE7 is?


    http://secunia.com/product/11/
    Craig Sutton, Aug 5, 2007
    #16
  17. Greg House

    Greg House Guest

    On Sun, 05 Aug 2007 20:14:19 +1200, EMB <> wrote:

    >Greg House wrote:
    >> On Sun, 05 Aug 2007 19:05:29 +1200, EMB <> wrote:
    >>
    >>> Greg House wrote:
    >>>> On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:
    >>>>
    >>>>> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >>>>> wrote:
    >>>>>
    >>>>>> I did Not install a thing, I was redirected to some web site that
    >>>>>> infected my system..
    >>>>> So...
    >>>>>
    >>>>> You installed and used a version of the M$ Browser.
    >>>>
    >>>>
    >>>> No I did not its part of XP..
    >>>>
    >>>>
    >>> You still failed to install the manufacturer's recommended security
    >>> update so can only blame yourself.

    >>
    >> I have all the MS security updates.
    >>
    >> This Virus is that New only one firm has a remover for it, but it does not fix the Lock outs..
    >>
    >>

    >You DO NOT have all the security updates - WTF do you think IE7 is?




    Yes utter Crap, I have tries it 2 times, its totally usless in the way it handles favorites..
    Greg House, Aug 5, 2007
    #17
  18. Greg House wrote:
    > On Sun, 05 Aug 2007 20:14:19 +1200, EMB <> wrote:
    >
    >> Greg House wrote:
    >>> On Sun, 05 Aug 2007 19:05:29 +1200, EMB <> wrote:
    >>>
    >>>> Greg House wrote:
    >>>>> On 5 Aug 2007 16:14:05 +1200, Jonathan Walker <> wrote:
    >>>>>
    >>>>>> On Sun, 05 Aug 2007 15:01:41 +1200, Greg House <ghouse
    >>>>>> wrote:
    >>>>>>
    >>>>>>> I did Not install a thing, I was redirected to some web site that
    >>>>>>> infected my system..
    >>>>>> So...
    >>>>>>
    >>>>>> You installed and used a version of the M$ Browser.
    >>>>>
    >>>>> No I did not its part of XP..
    >>>>>
    >>>>>
    >>>> You still failed to install the manufacturer's recommended security
    >>>> update so can only blame yourself.
    >>> I have all the MS security updates.
    >>>
    >>> This Virus is that New only one firm has a remover for it, but it does not fix the Lock outs..
    >>>
    >>>

    >> You DO NOT have all the security updates - WTF do you think IE7 is?

    >
    >
    >
    > Yes utter Crap, I have tries it 2 times, its totally usless in the way it handles favorites..
    >
    >

    Time to change the nym Rog, your losing this one
    collector«NZ, Aug 5, 2007
    #18
  19. On Sun, 05 Aug 2007 17:38:26 +1200, Greg House <ghouse
    wrote:

    >>You installed and used a version of the M$ Browser.

    >
    > No I did not its part of XP..


    Why did you choose to use a system that you already knew was
    faulty/buggy/vulnerable?


    --
    Jonathan Walker

    "The IT industry landscape is littered with the dead
    dreams of people who once trusted Microsoft."
    Jonathan Walker, Aug 5, 2007
    #19
  20. Greg House

    Greg House Guest

    On 5 Aug 2007 22:07:55 +1200, Jonathan Walker <> wrote:

    >On Sun, 05 Aug 2007 17:38:26 +1200, Greg House <ghouse
    >wrote:
    >
    >>>You installed and used a version of the M$ Browser.

    >>
    >> No I did not its part of XP..

    >
    >Why did you choose to use a system that you already knew was
    >faulty/buggy/vulnerable?




    Yes its because I am not a Lunny Lunix addict.


    Just keep your stupid software to yourself...
    Greg House, Aug 5, 2007
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Doug
    Replies:
    9
    Views:
    674
  2. Amy Johnson

    Cannot remove malware

    Amy Johnson, May 19, 2005, in forum: Computer Support
    Replies:
    1
    Views:
    1,247
    °Mike°
    May 19, 2005
  3. Charles

    Warning: WARNING

    Charles, Aug 15, 2005, in forum: Computer Support
    Replies:
    7
    Views:
    4,657
    =?ISO-8859-15?Q?Brian_H=B9=A9?=
    Aug 16, 2005
  4. Replies:
    3
    Views:
    4,011
    ellis_jay
    Apr 16, 2007
  5. Skybuck Flying

    Warning: 76.191.100.35 malware/virus spreader

    Skybuck Flying, May 7, 2011, in forum: Windows 64bit
    Replies:
    13
    Views:
    1,689
    Skybuck Flying
    Jun 13, 2011
Loading...

Share This Page