Since I have had to remove this from 2 computers today, which coincidently were both running AVG, I thought I would post up the way to remove it from an ‘infected’ computer.
NOTE: These instructions are intended as a guideline on how to remove this infection. If you are not sure how to do this then please make sure you consult a professional. All such information and related graphics are provided “as is” without warranty of any kind.
The first step is to repair the running of executable files (exe files):
Click on Start, Run and type ‘notepad’ then press enter. Now copy and paste the information below into Notepad.
Windows Registry Editor Version 5.00
Now save this file by clicking on File, Save As; select the file type and set it to “All Files” then enter ‘fix.reg’ into the file name box making sure you save the file to the Desktop and click OK.
Now double-click the ‘fix.reg’ file on the desktop and click Yes to confirm.
There is a second method which you may need to use to stop XP Anti-Malware from running, in both cases I have had use both methods so here is the second method.
Click on Start, Run and type ‘Notepad’ then press enter. Copy and paste all of the information below into Notepad.
HKCR, exefileshellopencommand,,,"""%1"" %*"
HKCR, .exe,"Content Type",,"application/x-msdownload"
Now save this file by clicking on File, Save As; select the file type and set it to “All Files” then enter ‘fix.inf’ into the file name box making sure you save the file to the Desktop and click OK.
Now right-click on the “fix.inf” file on the Desktop and select Install. Now reboot the computer into ‘Safe-mode with Network Support’.
Now download MalwareBytes Anti-malware, install and ensure that it fully updates before running. Now run a ‘Quick Scan’, once it has completed it will display the results. Now click on ‘Remove Selected’ and reboot the computer. Details about how to install and run MalwareBytes Anti-malware can be found on other sites but the important part is the Registry file and INF file above.