PDA

View Full Version : Virus HELP ASAP!!!!!


novabrian
01-25-2010, 9:57 PM
Does anyone know how to ger rid of a virus called " Antivirus Live" If you know how to get rid of this explain it to me like your explaining The theory of evolution to a 5 year old!! I'm not computer savvy at all.

jchen76@gmail.com
01-25-2010, 10:12 PM
http://www.malwarebytes.org/mbam.php - download this and install.

If this is the virus. It will try to block it running this program. To bypass the virus blocker. Find the file that will execute the malware bytes program e.g.
\Program Files\Mal\mbam.exe rename the mbam.exe to tram.exe . Double click on the renamed file. This will launch the program, update, scan and get rid of your virus.

If that doesn't do it. These are manual instructions.
http://www.2-spyware.com/remove-antivirus-live.html - read instructions.

Good luck. Got a version of this last month and it was pain to get rid of.

If you get rid of it. Get Kasperesky anti-virus and install that too.

jarhead995
01-25-2010, 10:28 PM
Download those two files up there

restart your computer, but boot in safe mode and proceed to remove.

ojisan
01-25-2010, 10:51 PM
Idiot's (me) process.
Go to your kid's or wife's or friend's PC and download:
http://www.superantispyware.com/?tag=GOOGLE-SUPERANTISPYWARE
Burn it onto a disc.
Go to your computer, start it in regular mode.
Load the disc.
The virus will likely say the download failed.
Shut down.
Restart, keep hitting the F8 key until a screen comes up...one option will be "start in safe mode", select this one.
Go to programs, find the Super Spy program (or whatever you choose to use).
Open the program and run it.
Might take 30-45 minutes.
Once done, shut down and restart as normal.

nickvig
01-25-2010, 11:07 PM
Malwarebytes may not get it completely. I suggest you download spybot as well as spyware blaster to fully protect your machine.

Run spybot and malwarebytes a few times in safe mode. Shut the machine down, restart in safe mode, and re run both scans at least twice. I had that virus a few days ago and it was a PITA to get rid of.

freonr22
01-26-2010, 12:18 AM
ccleaner anyone?

Joe
01-26-2010, 1:22 AM
this virus is a pita. I reformatted

novabrian
01-26-2010, 2:36 PM
It worked!!! Thank you all for your help.My wife was able to fix it with the info you provided.I break the computer and she fixes it.

cgseanp1
01-27-2010, 7:33 PM
It worked!!! Thank you all for your help.My wife was able to fix it with the info you provided.I break the computer and she fixes it.

sounds like you got lucky. I had the same virus, but it kept me from being able to install any virus software. i finally was able to get something installed, but now the dang computer won't turn on. It was older though so maybe that played a part.

IsaacGlass
01-29-2010, 6:51 AM
sounds like you got lucky. I had the same virus, but it kept me from being able to install any virus software. i finally was able to get something installed, but now the dang computer won't turn on. It was older though so maybe that played a part.

You probably had more than one infection or a combination of spy/malware plus virus infection.

biglou
02-09-2010, 10:04 AM
I computer got this same virus yesterday. It wont let me open any security programs or finish downloading malware anti-virus. I have NOD-32, ran a complete scan and it didn't find it. I had to click on it a few times to get open it. I don't have another computer to burn a program and not computer savy. Any help would be grateful.

Uhhlexxxis
02-09-2010, 11:24 AM
this virus is a pita. I reformatted


I keep everything of mine on an external harddrive.. the second my computer goes south with a virus, I just reformat. it's less of a headache and only takes 45 minutes or so.

i leave all the drivers and what not on the external and it's good to go after an hour. runs faster, smoother.

reformat is where it's at!

5150bronco
02-09-2010, 11:34 PM
buy a mac computer. :D

nickvig
02-10-2010, 7:00 AM
I computer got this same virus yesterday. It wont let me open any security programs or finish downloading malware anti-virus. I have NOD-32, ran a complete scan and it didn't find it. I had to click on it a few times to get open it. I don't have another computer to burn a program and not computer savy. Any help would be grateful.

Run it in safe mode.

delisle
02-10-2010, 7:48 AM
buy a mac computer. :D

Yep I got one to sell if interested :hurray:

snypr
02-10-2010, 10:22 AM
1. Make sure you have the latest virus definition tables (updates)
2. Reboot into safe mode
3. Run a complete scan of every attached device including mapped drives, memory, boot sector, etc (also do this on every other computer that is networked (if you have these) as that is where it might be propagating from. If you need further help, let me know.

willm952
02-10-2010, 1:19 PM
Hi,

Ran into this bastard at work on several users computers.

link here: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-live
its got a download button that you can save. save from an uninfected pc to a usb drive then copy to the infected user' machine.
you should be able to copy/run it on infected machine.
the file should be rkill.com or similar.

you'll need to remove these registry keys: but you'll need to be logged in the infected user. this malware is user specific so if you login as user b instead of user a (infected) the behavior is different and so are the reg keys.

random just refers to random letters and/or numbers.
Delete registry values:
HKEY_CURRENT_USER\Software\AvScan
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings “ProxyOverride” = “”
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\Attachments “SaveZoneInformation” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run “”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run “”
Delete files:
[random]sysguard.exe
HELP:
how to remove harmful files

Delete directories:
%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS]\
%UserProfile%\Local Settings\Application Data\[RANDOM CHARACTERS]\[random]sysguard.exe

you may or may not have sysguard.exe present but the malware is the same.

then you'll download run malware bytes, just let it update then full scan.

hope this helps out.
Does anyone know how to ger rid of a virus called " Antivirus Live" If you know how to get rid of this explain it to me like your explaining The theory of evolution to a 5 year old!! I'm not computer savvy at all.

Blackhawk556
02-10-2010, 10:01 PM
buy a mac computer. :D
No matter how anybody tries to sugar coat it, the results speak for themselves
no11eIx0x6w

biglou
02-11-2010, 9:07 AM
Thanks for all the help. I ran it in Safe Mode and did a full scan with malware bytes. It took a couple hours but found 32 infections. I reran it a second time and it came up clean. I think i'm going to get a external harddrive and do the reformat thing. A lot of good smart people on here, thanks again.

snypr
02-12-2010, 8:54 AM
anytime...if this doesnt get it, ill PM you my number, give me a ring and we'll get it cleaned.