Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AntiVirus 2010 removal via TeamViewer Remote Connection


  • Please log in to reply
No replies to this topic

#1 semiotically

semiotically

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:43 AM

Posted 19 December 2010 - 02:42 PM

Family member installed AntiVirus 2010 can see in 'remove programs'

I'm using TeamViewer's Remote Desktop Feature & tried to run Rkill & AntiMalware bytes which was 'intercepted' (error message) by virus.

The pre-installed Eset Smart Security finds 1 infected file but can't clean it.

Please excuse grammar/ typos as am currently connected to this computer via remote connection. Will it make a difference running Rkill & Malware Bytes (also A-Squared Free) in Safe Mode? or will the error message reoccur? I would try safe mode though the only member computer literate enough to start in safe mode & get out of safe mode is currently snowed in. I know you might think it easy to use f8 etc when computer starts though AntiVirus 2010 has disabled (! exclamation mark in device manager) the keyboard - tried deleting & reinstalling driver to no avail.

Whilst I wait for Eset Scan to end my question is will RKill & Malware Bytes actually work in Safe Mode?

Also do any of this processes seem suspect - I used print screen feature via Remote desktop to capture their taskmanager:

http://www.semiotically.com/TaskMan.bmp

As maybe I can manually end the process?
Ah, such a niuisance Ps. I'm in Portugal they're in UK :/ please help....

-----------------------------------------------------------------------

UPDATE - ESET FILE - INFECTED
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Shell.HWEventDetector_6595b64144ccf1df_5.2.2.3_x-ww_5390e909\shsvcs.dll

probably a variant of Win32/Kryptik.YQ
trojan - unable to clean

-------------------------------------------------------------------------------

2nd UPDATE

I tried the F-Secure, BitDefender & A-Squared Online Scanners & subsequently the connection to IE was cut.

I will try SafeMode with Networking next time when another member is over & hopefully I can update the installed scanners & use them in safe mode. If this isn't successful would it be possible to use a VPN connection (again TeamViewer) to scan their computer files using the scanner programs on my computer, would this risk speading the virus to me (I have the same Eset Smart Security as part of a 3 licence pack)?

------ -------------------------------------------------------------------------

3rd Update

ok found this:
http://forum.avast.com/index.php?PHPSESSID=280530772807f304ef56f9deab3c830f&topic=55178.0

which seems to use this:
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010
then this:
http://www.geekstogo.com/forum/topic/267355-how-to-remove-internet-security/

so will try first then second tomorrow & keep post up-to-date after.

Edited by semiotically, 19 December 2010 - 04:51 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users