Free Republic
General/Chat

Use a Flash Drive to Rescue a Malware-Infested PC ( Antivirus Live )
Bnet ^ | 1/30/2010 | Rick Broida

Posted on 01/30/2010 10:19:14 AM PST by dr_lew

There’s a particularly nasty virus making the rounds right now. It’s informally known as the Antivirus Live virus, as it bombards your PC with scary, real-looking security warnings and masquerades as a program — Antivirus Live (pictured) — that can protect and repair your system.

(Excerpt) Read more at blogs.bnet.com ...


TOPICS: Computers/Internet
KEYWORDS: antivirus; antiviruslive; computer; malware; rogue; security; virus
To: JoeProBono

Trouble with Avira is that the free version doesn’t scan emails


41 posted on 01/30/2010 11:21:08 AM PST by foolishboi
[ Post Reply | Private Reply | To 38 | View Replies]

To: Travis McGee

Read post 36


42 posted on 01/30/2010 11:21:24 AM PST by kempo
[ Post Reply | Private Reply | To 39 | View Replies]

To: kempo
Make sure you update Malwarebytes every time before you run a scan.
43 posted on 01/30/2010 11:22:47 AM PST by kempo
[ Post Reply | Private Reply | To 42 | View Replies]

To: HalfFull

mark


44 posted on 01/30/2010 11:24:22 AM PST by HalfFull ("Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery?" -PHenry)
[ Post Reply | Private Reply | To 1 | View Replies]

ph


45 posted on 01/30/2010 11:31:58 AM PST by xone
[ Post Reply | Private Reply | To 1 | View Replies]

To: dr_lew

This is the first malware script I’ve been infected with in 10 years.

It was simple to get rid of....First I unplugged my network cable then shut down the computer. Since it won’t let you open any executable programs after it boots up into memory, after restart, I immediately opened MSCONFIG and disabled it under the startup tab. Rebooted and it was gone. Searched for all remnants and removed them. Fixed the corrupt proxy setting with HijackThis. 15 minutes tops....Harmless bugger.


46 posted on 01/30/2010 11:37:08 AM PST by Electric Graffiti (Well, we didn't get dressed up for nothin')
[ Post Reply | Private Reply | To 1 | View Replies]
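
The startup entries and proxy setting that post 46 deals with through MSCONFIG and HijackThis can also be reviewed read-only from a PowerShell prompt. The script below is an added example, not code from the thread or the linked article; the registry locations are the standard Windows ones, and the "user-writable path" flag is an illustrative heuristic, not a signature for Antivirus Live.

```powershell
# Added example: read-only audit of autostart entries and the per-user proxy setting.
# Nothing is modified; review the output before disabling or deleting anything.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Heuristic (assumption): programs that autostart from directories a standard
# user can write to deserve a closer look. Unset variables are filtered out.
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | Where-Object { $_ }

function Get-AutostartEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            $command = [string]$item.GetValue($name)
            # Expand any remaining %VAR% references before comparing paths.
            $expanded = [Environment]::ExpandEnvironmentVariables($command)
            $flag = $false
            foreach ($dir in $userWritable) {
                if ($expanded.IndexOf($dir, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                    $flag = $true
                }
            }
            [pscustomobject]@{
                Key = $key; Name = $name; Command = $command; UserWritablePath = $flag
            }
        }
    }
}

function Get-ProxySetting {
    # Per-user proxy values; an unexpected ProxyServer with ProxyEnable = 1
    # is the kind of "corrupt proxy setting" that has to be cleared.
    $inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $p = Get-ItemProperty -Path $inet
    [pscustomobject]@{
        ProxyEnable   = $p.ProxyEnable
        ProxyServer   = $p.ProxyServer
        AutoConfigURL = $p.AutoConfigURL
    }
}

Get-AutostartEntry | Sort-Object UserWritablePath -Descending | Format-Table -AutoSize -Wrap
Get-ProxySetting | Format-List
```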

To: Electric Graffiti

“This is the first malware script I’ve been infected with in 10 years.”

You must not surf the net much, or you have incredible luck.


47 posted on 01/30/2010 11:43:25 AM PST by foolishboi
[ Post Reply | Private Reply | To 46 | View Replies]

To: foolishboi

Actually I don’t think I’ve had a virus, trojan, worm, malware, script ever until this one and I’ve been online since Al Gore invented the internet. I don’t use an Anti-virus either. ;)


48 posted on 01/30/2010 11:53:58 AM PST by Electric Graffiti (Well, we didn't get dressed up for nothin')
[ Post Reply | Private Reply | To 47 | View Replies]

To: dr_lew

My brother in law, small cash register co owner, used the quick(grace) method to rid a customer of this bug.

I couldn’t get to the control panel on one of my customers' PCs. I booted to safe mode and used a flash drive to install Malwarebytes. I also ran the program from safe mode. Cleared it right up.


49 posted on 01/30/2010 11:54:51 AM PST by SeeRushToldU_So ( Go Braves! Braves are gone.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dr_lew

Ping for later.


50 posted on 01/30/2010 11:56:16 AM PST by PubliusMM (RKBA; a matter of fact, not opinion. 01-20-2013: Change we can look forward to.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dr_lew
This is also (or used to be) known as RapidAntivirus and it is horrible. I spent the better part of a weekend about a year ago trying to get rid of it. As the author indicates, it prevents the downloading of the removal tool so it was a pain.

Using the flash drive is a great idea.

51 posted on 01/30/2010 11:56:48 AM PST by muir_redwoods (Obama: The Fresh Prince of Bill Ayers)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Electric Graffiti

“I’ve been online since Al Gore invented the internet.”

LOL, Well God Bless, and I hope your luck holds out.


52 posted on 01/30/2010 11:57:06 AM PST by foolishboi
[ Post Reply | Private Reply | To 48 | View Replies]

To: dr_lew

@dr_lew: Thanks for the advice....I am now posting from my previously infected PC. Best Buys wanted $200 for what you and other Freepers helped me do in about an hour. But I did kind of back into the “fix”. Like you I put the flash drive with the downloaded program in before I started the “safe mode” start-up. Then I couldn’t get out of “safe-mode” without going through the “restore” process. I restored to a date prior to the trojan/virus showing up and everything is now fine. I guess there’s more than one way to “skin a rabbit”. Since I am pretty computer/software illiterate I am pretty darn proud of myself today. Thanks again for starting this thread.


53 posted on 01/30/2010 12:05:42 PM PST by northwinds
[ Post Reply | Private Reply | To 27 | View Replies]

To: northwinds

“I restored to a date prior to the trojan/virus showing up and everything is now fine.”

Very fortunate, most viruses disable the sys restore functionality, even in safe mode.


54 posted on 01/30/2010 12:11:23 PM PST by foolishboi
[ Post Reply | Private Reply | To 53 | View Replies]

To: dr_lew

There is a version of this called Malware Defense that installs a rootkit on your PC. The rootkit has to be disposed of before you can remove the infection.

The rootkit can be killed with a program called TDSSKiller found at the Kaspersky antivirus site. You’ll need to download it on a different computer, then transfer it on a thumb drive.

Once you’ve run TDSSKiller, the real AV software will come back and you can download and run Malwarebytes to get rid of the infection.

My mom’s PC was infected with this garbage. It shut off her antivirus and bombarded her with popups, shutting off everything except an IE window that went to the page where she could purchase the “full version” of this virus. Luckily, she called me before she entered a credit card.


55 posted on 01/30/2010 12:20:43 PM PST by MediaMole
[ Post Reply | Private Reply | To 1 | View Replies]

To: dr_lew

I got that crap and had to use AVG anti-virus. Then it came back and I used PC Tools anti-virus software called Spyware Doctor. It’s gone for good now!!!!


56 posted on 01/30/2010 12:37:57 PM PST by Jack Hydrazine
[ Post Reply | Private Reply | To 1 | View Replies]

To: kempo

Thanks, I’ll try that next time.


57 posted on 01/30/2010 12:55:13 PM PST by Travis McGee (---www.EnemiesForeignAndDomestic.com---)
[ Post Reply | Private Reply | To 42 | View Replies]

To: dr_lew
What this program does:

Antivirus Live is a rogue anti-spyware and ransomware program from the same family as Antivirus System Pro. This infection is installed on your computer through Trojans that install it automatically without your permission. Once installed, Antivirus Live will be configured to start automatically when Windows starts. Once running it will scan your computer and display numerous infections, but will state it will not remove them until you purchase the program. In reality, the scan results it detects are all fake and do not actually exist on your computer.

Tools Needed for this fix:

Both my son and mother-in-law have had this type of virus. My advice: install Malwarebytes' Anti-Malware before you have the problem and update it once in a while.

58 posted on 01/30/2010 1:04:18 PM PST by McGruff (Love ya Sarah but I will support and contribute to JD Hayworth.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JoeProBono

Hmmm...looks suspiciously very similar to the AVG Free interface.


59 posted on 01/30/2010 1:29:16 PM PST by Bloody Sam Roberts (An armed man is a citizen. An unarmed man is a subject.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: dr_lew

Thanks for posting this. I have a Mac, but DH has a Dell.


60 posted on 01/30/2010 1:37:15 PM PST by Darnright (There can never be a complete confidence in a power which is excessive. - Tacitus)
[ Post Reply | Private Reply | To 1 | View Replies]

