Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Remove Antivirus Action


  • Please log in to reply
1 reply to this topic

#1 CharW

CharW

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 06 December 2010 - 10:14 PM

I have use the instructions posted (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-action) to Remove Antivirus Action. My issues is that I could not login as the original user (where the malware occurred) when I boot in safe mode. XP only appears to be presenting administrator logins not limited users. It knows about the user but does not let you log in as that use. I completed the removal process as an administrator and it appeared to work. But logging back in as the user the malware was still present. Did the removal fail because I could not run the full process under the user experiencing the malware? How do I proceed to remove the Antivirus Action malware?

BC AdBot (Login to Remove)

 


#2 CharW

CharW
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 08 December 2010 - 07:31 AM

Problem is resolved. I logged back in normally as admin (given the malware was not executed yet this worked). Changed the account with the problem to an admin account. Booted into safe mode, logged in under the problem account, and continued the removal process. Note I had to run the Rkill program multiple times (3x) to stop all processes. Then ran Malwarebytes' Anti-Malware program. Also note I had to update teh Malwarebytes' Anti-Malware program prior to booting in safe mode (once in safe mode I could not access the internet over my home network). After the last step of replacing the HOST file. The system appears to be operating properly -- Thank you Bleeping Computer.com! :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users