PDA

View Full Version : "Antivirus live" -unwanted programme



arko
20-12-2009, 10:40 AM
Hi all. My laptop has been invaded by the above programme.
It clogs up my laptop with warning messages of spyware etc affecting the laptop and keeps trying to tell me that all my other anti virus programmes arnt working, that going to Google is an unsafe site and the only way to fix this is to give them money to download their product (yeah right).

Anyway I can seem to get rid of it??

Any help here please. Cheers Al

Speedy Gonzales
20-12-2009, 10:49 AM
Disable system restore / or boot into safe mode / networking, post a hijackthis log. Do a full scan with malwarebytes

wainuitech
20-12-2009, 11:09 AM
Go to This site (http://www.bleepingcomputer.com/virus-removal/remove-antivirus-live) there are full instructions on how to remove it.

Theres is a program you HAVE to use to kill the process first, #7, ( rkill.com link) its a small file -- safe mode wont kill it. I had this on a customers PC last week, took 9 runs from memory of that program to finally kill the process.

It will also change your internet connection details, instructions there also as how to restore them.

wainuitech
20-12-2009, 11:34 AM
Add to above -- make sure you run Malwarebytes in FULL SCAN mode, quick will miss plenty.

After thats run, from my sig, download and install Spybot S&D - run that as well, it will detect items malwarebytes misses.

arko
20-12-2009, 11:54 AM
Thanks guys, this thing is killing me -wont let me download anything on internet and just has multiple warning messages that clogs everything up
Will keep trying

Speedy Gonzales
20-12-2009, 11:54 AM
Boot into safe mode / networking and see if you can download whatever

wainuitech
20-12-2009, 12:50 PM
Make sure system restore is disabled first.

You download the programs Malwarebytes & rkill.com on another PC to a USB drive, copy the rkill across to the desktop, run it, go into IE settings as per that site I linked, change back the IE settings - install/ run malwarebytes - update it, then get Spybot - run that.

Depending on the amount of data and speed of the PC can easily take an hour or more to run FULL scans (each program).

This infection also runs in safe mode so half the time safe mode is hopeless.