Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus Studio 2010


  • This topic is locked This topic is locked
2 replies to this topic

#1 GEORGE1937

GEORGE1937

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:57 AM

Posted 23 October 2010 - 05:45 PM

My System Consists of the Following:
Windows XP Home Edition
Version 5.1.2600 Service Pack 3 Build 2600
BIOS Version/Date American Megatre3nds Inc. 080012. 10/27/2006\\.\globalroot\device
System Model IL9 Pro
System Type X86-based PC
Total Memory 2.00 GB
Processor x86 Family 15 Model 4 Stepping 3 GenuineIntel ~2992 Mhz

My Computer has been infected by the Antivirus Studio 2010 via E-Mail. I have been trying to eliminate the virus following the instructions posted on "bleepingcomputer" titled "How to remove Antivirus 2010 Studio (Uninstall Guide). First I downloaded "rkill", "explorer.exe","iexplorer.exe" and malwarebytes Anti Malware. The results from each is listed below.

Services Stopped:
Processes terminated by Rkill or while it was running:
\\.\global\device\svchost.exe\svchost.exe
C:\Documents and Settings\George Ingram\Desktop\rkill.com
rkill completed on 10/22/2010

Per Instructions I ran Malwarebytes" Anti-Malware and received the following Error:

An error has occurred. Please report this error code to our support team.

MBAM_ERROR_UPDATING(12007,0,WinHttpSendRequest)

I have removed Antivirus Studio using the control panel change/remove.

I have no internet access on the infected computer.

I have run clamwin free antivirus and included the log files in the attachment.
I also have run avg antivirus and Spybot.

Each re-run still finds unwanted files.

I also receive the following messages:

This one repeats about 4 times at intervals: requiring OK to remove.
ClamWin.exe - Bad Image
(X) The application or DLL C:Windows\sustem32\winsock.dll is not a valid image. Please check this against your installation diskette.


C:\Program Files\Malwarebytes"Anti-Malware\mbam.exe
(X) Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

C:\Program Files\Trend Micro\HijaqckThis.exe
(X) Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

The initial run of Malwarebytes displayed ok and allowed me to select the full scan option but when I initiated the scan it went away.

Malwarebytesw will now not come when clicked to execute.

I have attempted to run the programs from the start menu and from the copies on CD.

I have also downloaded Combofix but have not attempted to run It per your instructions not to.

I have attempted to use the following Virus scanners.

MCafee
SpyBot
Avg Free
Clamwin

The only one that appears to be still working is Clamwin.

I cannot update any of them since I cant get on the internet.

I am now waiting for help or further instructions. Thank You for the information given so far. Please let me know if further info is needed.

Thanks In Advance

GEORGE1937

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:57 AM

Posted 01 November 2010 - 08:54 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:08:57 AM

Posted 06 November 2010 - 08:00 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users