Go Back   nV News Forums > Software Forums > Networking And Security

Newegg Daily Deals

Reply
 
Thread Tools
Old 06-14-09, 07:32 PM   #1
XDanger
Whaaat?
 
XDanger's Avatar
 
Join Date: Nov 2005
Posts: 5,723
Default Having fun with "Personal Antivirus"

Has anyone had any experience with this one?

I'm having trouble getting any program to run to get rid of the thing

Ive tried some recovery cd but didn't find anything ???

The references to reg keys on the interweb seem to be old versions so I'm not sure if I got everything...


attempting to boot into safe mode gives a bsod

Malwarebytes wont install properly.
__________________
2500K 4.4ghz,P8P67Pro,120gb Force3, 12gb Vengeance,R9290,TX850v2,W7HP,LaCie Blue 22" crt COMMODORE 64 Silver Label 1Mhz/128D 4Mhz(Z80)
XDanger is offline   Reply With Quote
Old 06-14-09, 09:54 PM   #2
AthlonXP1800
Registered User
 
AthlonXP1800's Avatar
 
Join Date: Jan 2003
Location: United Kingdom
Posts: 4,352
Default Re: Having fun with "Personal Antivirus"

Try this guide to remove Personal Antivirus.

http://www.spywarevoid.com/personal-...antivirus.html
__________________
Intel Core i7 3770K, Corsair H80 liquid cooler with Noctua S12-1200 fan, ASUS P8Z77V with UEFI 2104, 16GB Samsung Green 30nm DDR3-RAM, Pioneer BDR-S09XLT 16x Blu-ray writer, Corsair AX850 PSU, Western Digital 2TB SATA3 hard drive, CanonScan LiDE 210 scanner, Microsoft Internet Keyboard, Microsoft Touch Explorer mouse, 32inch Sharp LC32LE600 LED TV, EVGA Geforce GTX 670 SC 4GB with Geforce 370.50 driver, 50Mb broadband Virgin Media VMDG480 Super Hub, Aspire Xplorer Midi Tower, Windows 8.1 Pro 64bit.
AthlonXP1800 is offline   Reply With Quote
Old 06-15-09, 06:37 AM   #3
bacon12
Registered User
 
bacon12's Avatar
 
Join Date: Jul 2007
Posts: 3,532
Default Re: Having fun with "Personal Antivirus"

Rename malwarebytes.exe to something like fix.exe and see if it will run.
bacon12 is offline   Reply With Quote
Old 06-15-09, 07:23 AM   #4
Revs
Registered User
 
Join Date: May 2007
Location: UK
Posts: 6,365
Default Re: Having fun with "Personal Antivirus"

^ Reported
Revs is offline   Reply With Quote
Old 06-15-09, 02:19 PM   #5
XDanger
Whaaat?
 
XDanger's Avatar
 
Join Date: Nov 2005
Posts: 5,723
Default Re: Having fun with "Personal Antivirus"

I would just re-install but she's got office 2007 on there.

Malwarebytes managed to install ,but It still wont run.

I don't trust spyhunter.

I tried Kaspersky Rescue Disk and it found nada ,I'm gonna try Antivir.
__________________
2500K 4.4ghz,P8P67Pro,120gb Force3, 12gb Vengeance,R9290,TX850v2,W7HP,LaCie Blue 22" crt COMMODORE 64 Silver Label 1Mhz/128D 4Mhz(Z80)
XDanger is offline   Reply With Quote
Old 06-15-09, 02:52 PM   #6
ninelven
Registered User
 
Join Date: Jan 2003
Posts: 132
Default Re: Having fun with "Personal Antivirus"

Give SuperAntiSpyware a try.

Could be rootkitted, in which case you will probably want to use something like HijackThis.
ninelven is offline   Reply With Quote
Old 06-15-09, 03:20 PM   #7
bacon12
Registered User
 
bacon12's Avatar
 
Join Date: Jul 2007
Posts: 3,532
Default Re: Having fun with "Personal Antivirus"

Quote:
Originally Posted by XDanger View Post
I would just re-install but she's got office 2007 on there.

Malwarebytes managed to install ,but It still wont run.

I don't trust spyhunter.

I tried Kaspersky Rescue Disk and it found nada ,I'm gonna try Antivir.
Any well written piece of malware will prevent you from running some av suites. DId you try renaming the .exe like I suggested?
bacon12 is offline   Reply With Quote
Old 06-15-09, 03:46 PM   #8
XDanger
Whaaat?
 
XDanger's Avatar
 
Join Date: Nov 2005
Posts: 5,723
Default Re: Having fun with "Personal Antivirus"

Quote:
Originally Posted by bacon12 View Post
Any well written piece of malware will prevent you from running some av suites. DId you try renaming the .exe like I suggested?
But that doesn't apply to bootable linux based rescue disks does it? ,I will try the .exe thing next.



I think the Avira cd is having some success.

edit :
SUCCESS!!, I don't know how badly PAV ****ed up the PC though ,I set Avira to just delete the bad stuff
__________________
2500K 4.4ghz,P8P67Pro,120gb Force3, 12gb Vengeance,R9290,TX850v2,W7HP,LaCie Blue 22" crt COMMODORE 64 Silver Label 1Mhz/128D 4Mhz(Z80)
XDanger is offline   Reply With Quote

Old 06-28-09, 10:43 PM   #9
TheBigOne
Taking over the universe
 
TheBigOne's Avatar
 
Join Date: Dec 2007
Location: Chicago
Posts: 283
Default Re: Having fun with "Personal Antivirus"

Chance's of Rootkits and other virus still on your system are great Before cleaning you system do a ctrl+alt+del look at your processes, If you see Reader_S or Virut win*32 running don't bother going any futher, backup your data and lowlevel format you drive there no fixed.
Reason
Unfortunately, the virus you have infects every .exe and .scr (actually an executable) file on your system, and when you scan with a virus scanner, it will normally delete it as uncleanable. Eventually you end up loosing more and more files. The only viable alternative is to format the system. You will need to backup your important files before a format and reinstall, but you can not backup any .exe or .scr files, because they are infected. And as I already explained, Virut infects every exe. This means that you may not delete these files, but they should be disinfected. And since it's a buggy virus, the files cannot be properly disinfected.


Now if you don't have this virus and running Windows XP (Running Vista better to do a reload since combofix or most software won't run)
1. Mount the harddrive to another machine delete any 1256hg.exe or any weird .exe in your root directory or system32 folder or run AVG FREE and run full scan it will find them.
2. Put harddrive back into you machine then go to safemode with networking run malwarebytes sure run with no problems, do updates and do full scan.
3. Then download and run Combofix it free.
4. Then download and run a-squared Free 4.5 does better job then most antivirus do full scan.
5. Then type MSCONFIG look at your startup uncheck all unnecessary processes
6. Boot system into normal mode download and run mcafee rootkit detective looks for hidden processes.
7. Deleted any temp files
8. You system sure be fully cleaned and running good.
__________________
Quote:
Originally Posted by Mr Bigman
I battle this universe for 6.5 billion people, i don't need to babysit.
Main System
Asus P6T, Intel I7 965 extreme 3.2 ghz
12gb CORSAIR DDR3 1600
2X 256gb Samsung SSD Raid 0, 1x 1.5tb seagate
2x XFX 4890 Crossfire
Visiontek 650 TvTuner, Sound X-Fi Titanium Fata1ity
LG GBW-H20L Blu-ray, Samsung SH-S203N DVD-RW
OCZ ProXStream 1000w, Case Coolermaster HAF 932
swifttech 655 pump, Apogee GTZ Ci7, MCR220-QP,
ek-fc4890 x2 video waterblocks Antec vers elite disply
Sunbeam 4ch 20w fan controller

Mediacenter
MSI K9A2 Platinum, AMD 9950 X4 Phenom
8gb dominator 1066MHZ
2x500gb Western digital raid 0, 2x1tb Western digtal
1x EVGA 250 videocard
hauppuage 1600 TV Tuner, Creative X-FI
LG GBW-H20L Blu-ray, Silverstone 650w PSU
Netgear wifi a/b/g/n card
TheBigOne is offline   Reply With Quote
Old 06-29-09, 06:24 PM   #10
XDanger
Whaaat?
 
XDanger's Avatar
 
Join Date: Nov 2005
Posts: 5,723
Default Re: Having fun with "Personal Antivirus"

Quote:
Originally Posted by TheBigOne View Post
Chance's of Rootkits and other virus still on your system are great Before cleaning you system do a ctrl+alt+del look at your processes, If you see Reader_S or Virut win*32 running don't bother going any futher, backup your data and lowlevel format you drive there no fixed.
Reason
Unfortunately, the virus you have infects every .exe and .scr (actually an executable) file on your system, and when you scan with a virus scanner, it will normally delete it as uncleanable. Eventually you end up loosing more and more files. The only viable alternative is to format the system. You will need to backup your important files before a format and reinstall, but you can not backup any .exe or .scr files, because they are infected. And as I already explained, Virut infects every exe. This means that you may not delete these files, but they should be disinfected. And since it's a buggy virus, the files cannot be properly disinfected.


Now if you don't have this virus and running Windows XP (Running Vista better to do a reload since combofix or most software won't run)
1. Mount the harddrive to another machine delete any 1256hg.exe or any weird .exe in your root directory or system32 folder or run AVG FREE and run full scan it will find them.
2. Put harddrive back into you machine then go to safemode with networking run malwarebytes sure run with no problems, do updates and do full scan.
3. Then download and run Combofix it free.
4. Then download and run a-squared Free 4.5 does better job then most antivirus do full scan.
5. Then type MSCONFIG look at your startup uncheck all unnecessary processes
6. Boot system into normal mode download and run mcafee rootkit detective looks for hidden processes.
7. Deleted any temp files
8. You system sure be fully cleaned and running good.
The PC is back with the owner now (who I don't really care for anyway) But If any bad stuff shows its face I'll be sure to do what you said there.

They'll probably be doing their evil silently though...
__________________
2500K 4.4ghz,P8P67Pro,120gb Force3, 12gb Vengeance,R9290,TX850v2,W7HP,LaCie Blue 22" crt COMMODORE 64 Silver Label 1Mhz/128D 4Mhz(Z80)
XDanger is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 12:05 PM.


Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.