anti virus 2010

Viruses and worms
1

Good afternoon.

Today I was infected by Anti Virus 2010. Right now until avast 4 Professional Edition is locked. All attempts to get to work has been fruitless. Tb already tried to install antivirus programs to remove the 2010, but once installed something does not make them work.

Does anyone know how I can solve the problem?

thanks

2

Check out this topic, http://www.bleepingcomputer.com/virus-removal/remove-antivirus-2010.

Looks like this comes with a package to kill or block security applications, I would suggest checking if your firewall is also disabled.

3

Message C:\ program files\Malwarebytes Anti-Malware\mbam.exe " Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item

've already discovered where the (anti virus 2010) is housed. Right now he is in "administrative tools. Services (local) and managed to disable

Can you tell me what I can do more to eliminate it?

thanks

4

It is being blocked by the malware then and possibly only by name, so you could try changing mbam.exe to trsm86mbam.exe and see if that gets through.

If that doesn’t get past it:
Try this a portable version of SAS (SuperAntiSpyware), http://www.superantispyware.com/portablescanner.html, no installation required. This when downloaded is saved as a unique/random file name with if I remember rightly a .com tile type, so that may have a greater chance of getting through.

There is of course a possibility that the antivirus 2010 has something protecting it (and disabling other security software), that may be a rootkit, SAS has detections for the TDSS rootkit, which is commonly used for this, however, if this is the case it can be hard to remove.

5

The program detects when the two SuperAntiSpyware Trojan Smitfraud Variant / IE Anti Spsware disappears. It makes the rest of the scan pq simply DISAPPEAR
http://

6

download process explorer from here http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
open this program and kill the process (anti virus 2010)try to follow again what david posted(the link he posted)

7
8

two more you can try

Hitman Pro 3 - Second Opinion Malware Scanner (30 day free removal ) http://www.surfright.nl/en/hitmanpro
Hitman Pro in Force Breach Mode http://hitmanpro.wordpress.com/2010/03/16/hitman-pro-in-force-breach-mode/

If this works, try running Malwarebytes after …remeber to update first

VIPRE Rescue Program http://live.sunbeltsoftware.com/

9

unfortunately did not solve the problem

tks

10

Did you try booting into safe mode and trying these suggestions?
Joe

11

Then it is time for Essexboy`s magic tricks :wink:

Follow this guide from Essexboy and post the log`s
http://forum.avast.com/index.php?topic=53253.0

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( OTL.Txt and Extras.Txt. and MBAM scan log )

12

Most programs recommend that have already been used by me, without success. Some do not even work, other tear, but then as they disappear instantly

Beginning to see no great solutions. I’ll waiting for your information

thanks

13
14
15

The program has RegistryBooster ability to eliminate the virus in 2010?

16

Follow Essexboy`s guide and post the OTL logs…
Essexboy can then see what an where the problem is and fix this

Essexboy is a trained and certified expert Malware remover…

17

registboster is a sh!tty program ;D
let’s try something different
boot to safe mode and change the name mbamset-up.exe to mbamsetup.com
if you have already installed mbam then rename the mbam.exe to iexplore.exe
reboot to normal mode and try to open iexpore.exe to open the program or mbatset-up.com to install it
good luck

18

Hi lets try this first, if it fails go to Plan B both of these programmes will kill all running processes

Note: If using Firefox right-click on any download links and choose Save As

Please download OTH to your desktop
Please download OTL to your desktop
Please download the attached file Scan.txt to your desktop

Double click the OTH file to run it and click Kill All Processes, your desktop will go blank.

http://oldtimer.geekstogo.com/OTH/OTH_Main.gif

Then select Start OTL. OTL will now run

[*]Double-click on the Custom Scans box and a message box will popup asking if you want to load a custom scan from a file
Select Scan.txt that you downloaded

[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

[*]Click the Internet Explorer button, post these logs in your Virus Removal topic.

Plan B

Download Rkill from here : there are several flavours to choose from, if one does not work then try the next

* rkill.com
* rkill.scr
* rkill.pif

Once it is downloaded, double-click on rkill in order to automatically attempt to stop any processes associated with Security Central and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Central when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Central . So, please try running Rkill until malware is no longer running. You will then be able to proceed with the rest of my instructions.

Do not reboot your computer after running rkill as the malware programs will start again.

Then run OTL as above

19

Thanks for joining the topic essexboy.