Skip to content


Reply
Stone Emissary
Rosenborg
Posts: 5
Registered: ‎02-10-2012
Accepted Solution

HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

How do I clean/remove this sucker on a Windows 7 computer?

 

TROJ_FAKEAV.HPX - also known as 'Internet Security 2012'

 

I have a Trend Micro Internet Security Client Agent running on this computer but altough this one came trough.

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,981
Registered: ‎08-08-2011

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

Welcome aboard! Posted Image

 

Please download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

 

NEXT

 

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the  button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on  to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the  icon on your desktop.

•Check 
•Click the  button.
•Accept any security warnings from your browser.
•Check 
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push 
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the  button.
•Push 
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt 

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Rosenborg
Posts: 5
Registered: ‎02-10-2012

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

[ Edited ]

Thanks - I will try this.

 

Should System Protection on the computer be turned off first and should I run Malwarebytes as Administrator instead of double clicking on it?

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,981
Registered: ‎08-08-2011

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

[ Edited ]

Run or double click doesnt make a difference...

 

 

no action needs to be taken on system protection.

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Rosenborg
Posts: 5
Registered: ‎02-10-2012

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

Ok - thanks

 

I have done what you suggested. Found som warnings and removed the files. I´m not sure if those warnings were related to TROJ_FAKEAV.HPX but I hope so...

 

How do I know that I have removed that particular trojan (the log didn´t refere to that spesific file name) ?

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,981
Registered: ‎08-08-2011

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

Please run malwarebytes and ESET and attach the logs...

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Rosenborg
Posts: 5
Registered: ‎02-10-2012

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

[ Edited ]

The logs are attached.

 

I did run FakeAV Remover earlier to day so that log is also attached. ESET didn't find anything so I don't have this log.

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,981
Registered: ‎08-08-2011

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

Well,

 subject to no further problems?

your computer is clean.

Now let me do some tune-ups.

 



Mark this topic as solved...use the options tab of your topic to do so.Select the reply which u think is the solution to your problem..and click on the options tab of that particular reply and select mark as solution.

 

Remove combofix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall(Notice the space between the "x" and "/") then click OK
    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled


For the first run I would recommend a boot defrag and disk check 



Download and run Puran Disc Defragmenter

 

 

u may use this tool to keep junk temp files away:

http://www.piriform.com/ccleaner/download


 
 Malwarebytes.  Update and run it today also i recommend to run it weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. 

Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:

  • Go to this site  and click Do I have Java
  • It will check your current version and then offer to update to the latest version



To manually create a new Restore Point
 

  • Go to Control Panel and select System 
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom 
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones

  • GoStart > All programs > Accessories > system tools 
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one 
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up 
  • Select OK
  • Select Delete.

 

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. 

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide  How did I get infected in the first place ?

 

Stay Safe! :smileyhappy:

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.
Stone Emissary
Rosenborg
Posts: 5
Registered: ‎02-10-2012

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

Ha, ha, ha, you're the best, malwarekiller! Thanks a lot! :smileyhappy:

 

My computer couldn't detect Combofix so that one is probably long gone?

 

I've updated both java and Windows for a few minutes ago.

 

I also have both firewall AND anti viruse (Trend Micro Client/Server Security Agent) for protection...

 

So I will now run defrag and check disk, create a new restore point and at last follow your steps to purge the infected ones.

Right?

Please use plain text.
Legendary Noble
malwarekiller
Posts: 3,981
Registered: ‎08-08-2011

Re: HowTo remove TROJ_FAKEAV.HPX (Internet Security 2012)

[ Edited ]

u should never run tools like combofix unless suggested...u can continue with my recommended precaution steps now.

 

Glad i could help u!

—————
Was this post helpful? Say “thanks” by giving me a “Kudo”!
Was your question answered or issue solved? Mark that post as an “Accepted Solution”!
Please use plain text.