Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Issues Removing Antivirus Action Malware


  • This topic is locked This topic is locked
2 replies to this topic

#1 coot66

coot66

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:57 AM

Posted 05 December 2010 - 03:55 AM

Hi,

I came across this useful guide and tried using it to remove the Antivirus Action malware that found its way on my computer earlier today. I followed it step-by-step, however, am still getting attacked upon logging in :angry:

Steps I took:
1) Run Safe Mode
2) Run RKILL via iExplore
3) Install Malwarebytes and run a full scan, deleting the infected files
4) Restarting as requested

This is where things may have gone awry- when the machine restarted, Windows launched normally (not in safe mode), however, I assumed that Malwarebytes would still run as normal. Unfortunately, it didn't. Windows gave me the message that it blocked some programs from starting up (i.e. Malwarebytes) and the Antivirus Action was doing its thing- pop-ups in the form of Windows messages, scary things next to the Start bar, etc. I thought this may be due to the host file step which I promptly completed, however, that didn't change anything.

I'd love to get some help on getting this resolved. The only way I'm able to get online and browse is by running RKILL and changing system settings in Chrome to not use the proxy setting any more. Whatever help you can provide will be much appreciated!

Thanks!

Edited by coot66, 05 December 2010 - 04:01 AM.


BC AdBot (Login to Remove)

 


#2 snemelk

snemelk

    inżynier


  • Malware Response Team
  • 1,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:57 AM

Posted 12 December 2010 - 12:53 PM

Hi coot66, and welcome to Bleeping Computer.

I need to see a detailed logfile before we proceed...

Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your Desktop.

    NOTE: Before scanning, make sure all other running programs are closed.
    There shouldn't be any scheduled antivirus scans running while the scan is being performed.
    Do not use your computer for anything else during the scan.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explaination about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • >>Post the contents of both DDS.txt and Attach.txt into the thread.<<
  • Close the program window, and delete the program from your Desktop.

Posted Image
snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver


#3 snemelk

snemelk

    inżynier


  • Malware Response Team
  • 1,468 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Poland
  • Local time:07:57 AM

Posted 26 December 2010 - 10:23 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, just send me a PM (Send message from my profile) with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Posted Image
snemelk.hekko.pl - my site with a few computer security tips...
Silesia - that's where I live!

"If I had some duct tape, I could fix that." - MacGyver





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users