Unremovable Antivirus 2010

Guest

some weeks ago I have

Post by Guest » Tue Nov 23, 2010 6:11 pm

some weeks ago I have downloaded and run a variant of this rogue into a VM running XP
It idisabled antivirus, firewall, task manager, changed important system area, no tools could run.
XP was rootkited as well and freezed.

You cannot expect any antivirus to be 100% effective in cleaning and protection abilities.

Usually booting from a CD/DVD or USB device with a Linux based Rescue CD help a lot.
AVira Rescue CD and Kaspersky Rescue Disk are very good in my opinion

http://support.kaspersky.com/viruses/rescuedisk

How to record Kaspersky Rescue Disk 10 to an USB device and boot my computer from it?

http://support.kaspersky.com/viruses/rescuedisk/all?qid=208282163


Not to count that If you catched a MBR rootkit as well , formatting is useless since Master Boot Record has been compromised

http://en.wikipedia.org/wiki/Master_boot_record

You should ask for help to a specialized security forum.
It is likely they will suggest you to run Combofix, Avenger and other tools which can work even into a compromised system

Why do not to try to ask for help here
http://forums.malwarebytes.org/index.php?s=1bb5815228563e2ff77d766206d91750&showforum=3 ?

Some known security experts will be glad to help you

giedrius
Posts: 1310
Joined: Tue Jul 20, 2010 3:34 pm

Not to count that If you

Post by giedrius » Tue Nov 23, 2010 7:55 pm


Not to count that If you catched a MBR rootkit as well , formatting is useless since Master Boot Record has been compromised

fdisk /mbr from bootable CD usually sorts these out.

c۞g
Posts: 21225
Joined: Mon Jan 05, 2009 4:02 am

@ Reprotected

Post by c۞g » Wed Nov 24, 2010 2:31 am

Did you remember to rename the removal tool files?

example
mbam.exe rename to reprotected.exe or g7w.exe

Reprotected
Posts: 458
Joined: Tue May 27, 2008 9:18 pm

Ransomware...

Post by Reprotected » Wed Nov 24, 2010 2:40 am

Unfortunately, it's good at being one of the best ransomware programs ever. Even a renamed Process Explorer is annihilated by this program.

Reprotected
Posts: 458
Joined: Tue May 27, 2008 9:18 pm

No Registry

Post by Reprotected » Wed Nov 24, 2010 2:47 am

It doesn't scan registry, and even worse; it sucks. If only I can get a hold of an avast! BART CD or a MalwareBytes Anti-Malware boot CD.

c۞g
Posts: 21225
Joined: Mon Jan 05, 2009 4:02 am

source

Post by c۞g » Wed Nov 24, 2010 3:13 am

If you know the source, add the link in a private PM - I'd like a sample of this one.

Guest

Re

Post by Guest » Wed Nov 24, 2010 3:58 am

It doesn't scan registry, and even worse; it sucks. If only I can get a hold of an avast! BART CD or a MalwareBytes Anti-Malware boot CD.

Did you try it?
SARDU has been downloaded over 200.000.000 times and it includes several free Antivirus Rescue CDs

However

http://www.avast.com/bart-cd#tab4

http://www.avast.com/bart-cd-demo-request.php

MalwareBytes Anti-Malware boot CD does not exist

Guest

me too...

Post by Guest » Wed Nov 24, 2010 5:01 am

i am also interested for RnD..post me a link too...

Guest

it doesn't seems...

Post by Guest » Wed Nov 24, 2010 5:03 am

it doesn't seems to me that you are interested in any help i have left you a PM yesterday but you have not replied yet....

Guest

correct as well. If one has

Post by Guest » Wed Nov 24, 2010 5:13 am

correct as well.
If one has a bootable Windows XP/Vista/7 CD/DVD though

I generally refer to
http://www2.gmer.net/mbr/

and I use mbr.exe in safe mode

http://www.gmer.net/#files

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests