I'm infected with Antivirus Pro 2009 on XP SP3; I tried downloading a Malwarebytes removal program. I am unable to go to malwarebyte.org on the infected machine, so I downloaded the Malwarebytes program on another machine and copied it to the desktop of the bad machine, but the setup file won't run/open. This virus is ugly. Now I know why they call it malware. Truly malicious! How do I get rid of this thing?
That should do the "trick" to run the program.
I tried renaming the mbam setup file. This time it started installing, got to the "finishing installation" stage, then froze up.
In Safe Mode?
If not, you could try doing a scan with the Avira Rescue CD:
http://www.free-av.de/en/tools/12/avira_antivir_rescue_system.html
Burn this to a disc: http://www.free-av.de/en/tools/12/avira_an...cue_system.html It runs on bootup; it also has the burning software built in.
After you have run the above scan, try Malwarebytes again.
Now it should work.
Hey I was wondering if any of these suggestions have worked? I got hit with this over the weekend and can't do anything. I was able to rename and install MalwareBytes but I can't start it up.
Post #2:
Try to create the cd from a working computer if for some reason it will not properly work on the infected one.
Requires access to a working computer with a CD/DVD burner to create a bootable CD.
Avira AntiVir Rescue System download
Avira AntiVir Rescue System
Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to:
* repair a damaged system,
* rescue data,
* scan the system for virus infections.
Just double-click on the rescue system package to burn it to a CD/DVD. You can then use this CD/DVD to boot your computer.
The Avira AntiVir Rescue System is updated several times a day so that the most recent security updates are always available.
Once you have done this with Avira, Malwarebytes should install and run. Make sure you update it right away and select Scan.
http://www.malwarebytes.org/forums/index.php?s=51eab3a4b0d33a2d6416f631ee02131f&showtopic=7563
I followed the suggestion to burn Avira to a CD. When I boot up the infected machine with the CD in, it tries to run the CD on bootup but goes right to the Windows XP sign-on. Dumb question, but how do I get it to run Avira from startup? I thought if the CD was in, it would start the Avira program from bootup. Do I need to do something special when I turn the machine on (a function key or something)?
Once you've booted up your computer with Avira Rescue System, you get a boot option to either boot from hard drive or AntiVir Rescue System. Press the number 2 on your keyboard to boot into AntiVir Rescue System. It will start loading Linux and you get to select either Deutsch or English. Next, drivers will be loaded, and when it completes, the Rescue System main menu will show.
To scan a computer, select the second option "Scan" and hit enter. You get to select whether to scan all files, only program files or only boot sectors. You can then select either to log scanning events or try to repair infected files. If Rescue System is unable to repair infected files, you have the option to rename the files. Finally, you can select additional file types to scan such as dialers, jokes, games, and security privacy risk software. The whole process simplifies the command-line arguments so you don't need to manually type the commands.
The open command at the main menu will launch the Linux console, not a DOS command prompt. Unless you're familiar with Linux commands, I wouldn't recommend selecting that option. If you've accidentally got into the Linux console, press CTRL+F1 simultaneously to go back to the Rescue System main menu.
http://geeksfeeds.blogspot.com/2008/06/tips-and-hacks-free-avira-antivir.html
When I put the CD with Avira in, it doesn't give me these 2 boot options. It just goes to the Windows login.
a) From Device Manager -> Show hidden peripherals
disable tdssxyz.sys, where xyz are random characters (found under non plug and play peripherals)
c) REBOOT SAFE MODE (press F8 while Windows boots), no command prompt
d) Move to Windows\system32 and NOW the tdssxyz.xyz files become visible!! Deleted them all.
e) Move to system32\drivers, deleted tdssxyz.sys
f) Reboot safe mode (?) and uninstall the peripheral driver tdssxyz.sys
g) Reboot normal - deleted all that was possible from the registry - search tdss (all values), if and when found -> delete
h) Scan: MB did not find any tdss anymore!!! Neither has tdss.sys been installed, nor does Process Explorer (www.sysinternals.com) find any handle or DLL attached.
Victory
http://www.malwarebytes.org/forums/index.php?showtopic=7194
I discovered this from another forum member: if you're running a Microsoft product - no matter how you may feel about the company - contact it at: 1-800-642-7676 and ask for "Security."
My computer was virtually locked down by the Antivirus Pro 2009. Couldn't do anything to get rid of it. Most antispyware programs wouldn't launch, wouldn't update, wouldn't do anything. A Microsoft tech manually removed the total infection via remote access using Team Viewer. It took a while because there were individual registry items and others that required manual removal. Didn't cost me a dime. Now my computer is back to normal.
I highly recommend going that route.
In addition to renaming the mbam-setup.exe and mbam.exe, I had to run both in Windows 2000 compatibility by right-clicking and selecting the "Run As" option.
On XP, neither mbam-setup.exe nor mbam.exe programs would run until I right-clicked the icons of the programs and selected the "Properties" option. In the Properties' Compatibility tab, I checked "Run this program in compatibility mode for:" and selected Windows 2000. Both programs worked after changing the names of the programs and the compatibility mode. Sorry for any confusion.
--rjreynoso
Yep...that works...use properties, change compatibility to Win 2000, rename file...works.
With the same virus you will find the desktop display hijacked so you can't change it. Gpedit.msc won't work. Use regedit: under both Current Users and Local Machine look under these \software\microsoft\windows\current version\policies\active desktop....one of what you find there you can toggle to release your desktop.