Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Personal Antivirus Infection


  • This topic is locked This topic is locked
14 replies to this topic

#1 chipsummers

chipsummers

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 02:56 PM

Hi I'm new to the forum and could use some help. My PC is infected with the Personal Antivirus malware and I am struggling to remove it. I contacted the support group at Kaspersky and was provided instructions by their rep to use ComboFix combined with a scrip he wrote. I followed his direction and it seems to have helped but failed to completely remove the infection. The PAV menu is gone (at boot-up) as is the PAV icon on the bottom of my screen. Unfortunately, the PAV is still lurking in my Internet Explorer and preventing me from accessing some websites including, but not limited to, my bank.

Can anyone help?

Thanks!

BC AdBot (Login to Remove)

 


#2 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 03:36 PM

Download these Malwarebytes
- Install the application
- If an update is found please update (It will automatically update itself)
- Then Launch Malwarebytes.
- Make sure Perform Quick-Scan is selected then click on Scan.
- Select the Drive you want to Scan.
- When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found". Click OK
- Click Show Results button to see the list of malware found.
- Select everything and click Removed Selected.
- After that there will be a log report and make sure to post it on your next reply.

Note:
If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately.
And disable any antivirus or security programs if you don't know how refer to this link: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Edited by acelsolcier, 20 June 2009 - 03:57 PM.


#3 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 04:07 PM

Thanks for the help, I sincerely appreciate it. I tried using Malwarebytes last night without success. The scan results didn't identify any "malicious files" on my machine. Any other recommendations?

#4 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 04:13 PM

Yes you can try this : Microsoft Online Scan and Malicious Malware Removal

#5 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 04:17 PM

I tried that too without success. Same thing as Malwarebytes.... no malicious files found. Any other ideas?

#6 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 04:32 PM

Can you download these: Personal Antivirus Free Scanner and Remover install it and click on the virus scan.

#7 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 04:53 PM

Okay, I did what you suggested and ran the Spyware Doctor. It identified the items listed below but wouldn't remove them without purchasing the software. I really don't want to do that given that I have already invested $80 in Kaspersky without success.

Here is what Spyware Doctor Found:

44 Application.Tracking.Cookies
12 Adware.Advertising
26 Application.NirCmd
1 Trojan.Generic


Where do I go from here?

#8 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 05:20 PM

Does your MalwareBytes already updated?

Edited by acelsolcier, 20 June 2009 - 05:21 PM.


#9 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 05:23 PM

Make sure that your MalwareBytes are version 1.33 and then post the log

#10 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 06:06 PM

I downloaded Malwarebytes again and ran another scan. The result was the same: "no malicious items were detected". Where do I go from here?

#11 acelsolcier

acelsolcier

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Manila , Philippines
  • Local time:05:25 PM

Posted 20 June 2009 - 06:09 PM

Are you really sure your MalwareBytes is updated refer to this link : http://www.bleepingcomputer.com/virus-remo...sonal-antivirus

#12 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 20 June 2009 - 06:15 PM

I am using Malwarebytes 1.38.

Here is the log:

Malwarebytes' Anti-Malware 1.38
Database version: 2317
Windows 5.1.2600 Service Pack 3

6/20/2009 4:04:05 PM
mbam-log-2009-06-20 (16-04-05).txt

Scan type: Full Scan (C:\|)
Objects scanned: 184199
Time elapsed: 36 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#13 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:25 PM

Posted 20 June 2009 - 10:11 PM

Hello chipsummers,

I think we're going in circles here:

I contacted the support group at Kaspersky and was provided instructions by their rep to use ComboFix combined with a scrip he wrote.


Given this, I think your best bet is to post in our HiJack This forum so the disinfection process can be completed.

Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click no to the Optional_Scan
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. You can find information on A/V control HERE

Once you have created those logs, then make a NEW TOPIC and post it ==>HERE<== In that topic, include a clear description of the problems you're having, along with any steps you may have performed so far. Also, include a link to your topic at Kaspersky support - I'm assuming you were working in a forum. Please post back here with a link to your new topic once you have made it.

If you cannot produce the DDS logs, then post back here and we will provide you with further instructions.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#14 chipsummers

chipsummers
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:25 PM

Posted 21 June 2009 - 01:24 PM

Thank you very much Orange Blossom. I've run DDS and will now create a new posting.

#15 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:06:25 PM

Posted 21 June 2009 - 02:24 PM

Hello chipsummers,

I see that you have your new topic posted here: http://www.bleepingcomputer.com/forums/t/235636/having-trouble-removing-personal-antivirus/ and that you already have a response.

To avoid confusion, I am closing this topic. Good luck with your log. You're in good hands.

Orange Blossom :thumbsup:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users