Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

windows antivirus 2008 extreme (disabled malware bytes anti malware) 2

Status
Not open for further replies.
electronicsfreak

electronicsfreak

Technical User
Sep 2, 2004
2,509
0
0
US
Ok, I have been helping a friend when I have time. She lives a few states away from me, so I have been using realvnc to go through and clean it out. Well 99 percent of the computers I work on, as I do this all the time, I clean without any problems.

However, I have just got defeated. This antivirus 2008 has completely disabled every program except antivir and avg anti rootkit. I can find the files with avg anti rootkit, remove them, but they come right back.

Malware bytes anti malware, super anti spyware, both are disabled. Meaning, you can not open them. I have found its files, used bart pe to delete them, or delete what I thought was some of its files. They come back. I have manually searched the registry and deleted keys, they have come back. So I figured it was time to come back to people who have more experience on this than me.

Any ideas? By the way hijackthis does little good in this scenario, as it only brings up its fake temp files that are changed everytime you delete them. Similar to cool web search on how it acts. These files below are not all of them, just some of the ones ive found. I hate when it happens, but I have been defeated.

svnshost.exe (has a weird symbol that shows up above the n)

svschost.exe

tdsspxoe.sys

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Sort by date Sort by votes
Have you tried running your AV Programs in safe mode?

Failing this. Malwarebytes can be run from a bootable CD. there have been some recent posts on how to set this up.

You can also try
Combofix

and
SDFix

Make sure you read and understand the implications of using these, as they work a very low level.


Steve: N.M.N.F.
If something is popular, it must be wrong: Mark Twain
 
Upvote 0 Downvote
I will be giving those a try. I tried the antivir rescue cd about a week ago. Problem with it, since she was on lcd, the scan part was off the screen. You could not get to it. So that kind of stopped us from using that cd lol.

I will post back when I get a chance.

Thanks a lot for all the input, really.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
You can run the Dr. Web live CD in text mode (rather than gui) to solve your monitor problem.
 
Upvote 0 Downvote
She got the dr. web live cd to work. It appears to have worked as all other programs are opening now. She is scanning with the others now. I'll post back with the results as I find out. Thanks again for the help!

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
I typically remove the infected hard drive and attach it to another computer using an IDE/Sata to USB Adapter and use Malwarebytes Anti-Malware, AVG Anti-Virus and Microsoft Windows Defender Anti-Spyware to eradicate those pesky varmits. A bit of extra work, sure, but nearly 100% successful. Of course I'm a tech support guy, I know most home users don't have the tools we use typically use on the job, but just wanted to share this info.
 
Upvote 0 Downvote
Yeah, I would have as well, however, if you notice, the client lives 3 states away lol. I was using a vnc connection to work on it.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Another thing, slaving the drive and running programs that way is a last resort. As many of times, running programs like that can cause problems.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Ok, its officially clean now. Thought id let you guys know.

Thanks again!!

Learned new things over that experience lol.

There is a point in wisdom and knowledge that when you reach it, you exceed what is considered possible - Jason Schoon
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
99
Oorde
Oorde
2ffat
  • Locked
  • News
MalwareBytes may have been hacked
Replies
0
Views
43
2ffat
2ffat
goombawaho
  • Locked
  • News
Malware Injected Into CCleaner 3
Replies
2
Views
51
goombawaho
goombawaho
Henry Pence
  • Locked
  • Question
Is Norton Antivirus Necessary?
Replies
2
Views
64
Henry Pence
Henry Pence
shivajiboss
  • Locked
  • Question
I am getting a problem while opening up my windows
Replies
1
Views
79
2ffat
2ffat

Part and Inventory Search

Sponsor

Back
Top