I've poured over this site and the internet trying to find a solution and I seem to either have multiple malware programs or a bizarre variant of one of them. What follows is a detailed account of the specific problems I noticed and I suppose I might as well mention right up front that I have already read from this website the how-to guides for removing:
-Antivirus System Pro (including manual removal)
-I followed this guide: http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/
Let me start at the beginning when I first noticed a problem on my PC and go from there.
When I first logged in I got a message saying that 'windows has encountered a critical error and will now shut down'. After multiple restarts I got the following message:
(error message header) b.exe Application Error
The application failed to initialize properly (0xc0000142). Click OK to terminate the application.
So after fighting this thing for a while I realized that the only way I could get my computer to start up was to immediately hit control+alt+delete after entering my login pw which seems to screw up the b.exe's startup and results in the error message above. Unfortunately that only gets me onto the computer - b.exe is still active. I can find this item in my processes tab and shut it down but the malware is still there.
So far nothing has worked. What I know so far is that I have the b.exe and Antivirus System Pro malware trojan because I get the idiotic spam about my computer being infected and how this glorious program "Antivirus System Pro" will solve it all, BUT System Pro is acting exactly like what is described under Police Pro in that it is disabling all of my programs including Sys mechanic, AVG, Malwarebytes, PC Doctor, rootrepeal, (even dds) and anything else I attempt to run to kill it. They might start running once for a few seconds after an initial install but quickly shut down and won't re-open. I have tried doing this in safe mode with networking as well as normal mode. The message I get is the following:
"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
So I'm stonewalled from doing anything. The problem is that in my processes I have no idea what to look for in order to try the fix listed for Police Pro because there are no obvious program names listed (not obvious to me anyway) like that which would identify the virus. The applications tab is also empty. What I can identify and stop (under the processes tab) is b.exe but that only seems to be a fraction of the problem. I tried the manual deletion of the infected files listed on the Antivirus System Pro thread but when I even highlight the files the virus goes berserk and iolo blocked 800+ fake warning messages. I tried everything I could think of but couldn't get past the virus telling me I don't have the proper access to remove those files. I was able to run a full system scan with Iolo but it could not find the virus. Any help would be hugely appreciated.
Addendum: I've noticed it doesn't take long for b.exe to reappear in the processes tab once I close it.
Edited by brandtguy, 22 October 2009 - 03:03 AM.