ceewi1
VIP Member
The infections themselves are updated very frequently. If Malwarebytes' doesn't have the updated version in its database, it will most likely be unable to detect it.
How do I delete anit-virus-1 from my computer?
- Thread starter grampi
- Start date
My only advice to you would be to take the hard drive out and slave it to another system and run a full virus scan on it using AVG or one of the other free ones. I've had to in the past do this exact same procedure to kill things that won't allow combofix, malwarebytes, and superantispyware to run. Once AVG had quarantined the bad infections, I then put the drive back in the original machine and was able to use the other programs to update and then scan the drive.
I completely reformatted my hard drive and reinstalled the operating system. That finally got rid of anti-virus-1. FWIW, Malwarebytes will not detect this virus. Anti-virus-1 was not allowing my computer to download an update of Malwarebytes, so I downloaded the updated version on my daughter's computer, burned it into a CD, then ran the scan on this computer from the CD. Once again it ran through the entire scan without finding a single infection. anti-vitus-1 must be invisable to Malwarebytes. If you're unfortunate enough to end up with this awful virus on your computer, don't waste your time trying to get rid of it with Malwarebytes cause it won't do the trick. You'll have to use other methods to get rid of it.
One scanner will not catch everything, thats why you use multiple scanners which include Malwarebytes, Superantispyware, Combofix, an antivirus program, an online scanner, etc... The 3 that usually work for me is AVG, Malwarebytes, and Combofix.
BUT, according to this page, Malwarebytes does remove this infection.
I noticed in your hijackthis log, that you had some host files that were infected.
O1 - Hosts: 217.20.175.74 www.review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 a1.review.zdnet.com
O1 - Hosts: 217.20.175.74 www.d1.reviews.cnet.com
O1 - Hosts: 217.20.175.74 www.reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 www.reviews.download.com
O1 - Hosts: 217.20.175.74 reviews.download.com
O1 - Hosts: 217.20.175.74 www.reviews.pcadvisor.c.uk
O1 - Hosts: 217.20.175.74 reviews.pcadvisor.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.pcmag.com
O1 - Hosts: 217.20.175.74 reviews.pcmag.com
O1 - Hosts: 217.20.175.74 www.reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.reevoo.com
O1 - Hosts: 217.20.175.74 reviews.reevoo.com
O1 - Hosts: 217.20.175.74 www.reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.techradar.com
O1 - Hosts: 217.20.175.74 reviews.techradar.com
Also your combofix log showed a lot of infections still present especially here....
2008-12-17 00:49 6,239 ----a-w c:\documents and settings\Owner\bQE1kvp.exe
2008-12-16 20:13 6,239 ----a-w c:\documents and settings\Hoon\C31efp3.exe
2008-12-05 20:14 6,239 ----a-w c:\documents and settings\Owner\ksdKHsÿ.exe
2008-11-28 19:11 6,239 ----a-w c:\documents and settings\Owner\NndKT77.exe
2008-11-28 17:36 6,239 ----a-w c:\documents and settings\Owner\r23wn22.exe
2008-11-19 20:28 6,239 ----a-w c:\documents and settings\Owner\kp3w68N.exe
2008-11-06 22:57 6,239 ----a-w c:\documents and settings\Owner\jjjJI72.exe
2008-11-06 00:06 6,239 ----a-w c:\documents and settings\Owner\tjv6x6U.exe
2008-11-02 02:56 6,239 ----a-w c:\documents and settings\Owner\RxGlGf7.exe
2008-10-24 00:29 6,239 ----a-w c:\documents and settings\Owner\Gj508ÿO.exe
2008-10-14 12:32 6,239 ----a-w c:\documents and settings\Owner\uedtd3i.exe
2008-10-13 21:44 6,239 ----a-w c:\documents and settings\Owner\nf527Jm.exe
2008-10-13 14:14 6,239 ----a-w c:\documents and settings\Owner\fT1N43V.exe
2008-10-11 14:39 6,239 ----a-w c:\documents and settings\Owner\p4mIlpS.exe
2008-10-11 14:24 6,239 ----a-w c:\documents and settings\Owner\Jr4voQ3.exe
2008-10-04 17:43 6,239 ----a-w c:\documents and settings\Owner\F2k5IGA.exe
2008-10-03 01:51 6,239 ----a-w c:\documents and settings\Owner\NbcU468.exe
2008-09-22 00:40 6,239 ----a-w c:\documents and settings\Hoon\W5mF5xa.exe
2008-09-22 00:12 6,239 ----a-w c:\documents and settings\Owner\xGs0Ju1.exe
2008-09-09 20:51 6,239 ----a-w c:\documents and settings\Owner\lv6KOUg.exe
2008-09-08 17:11 6,239 ----a-w c:\documents and settings\Owner\fw4uddu.exe
2008-09-06 19:01 6,239 ----a-w c:\documents and settings\Hoon\hXUVd2j.exe
2008-09-06 18:54 6,239 ----a-w c:\documents and settings\Hoon\n0fqUiÿ.exe
2008-09-05 00:19 6,239 ----a-w c:\documents and settings\Hoon\deJMv7J.exe
2008-09-02 01:51 6,239 ----a-w c:\documents and settings\Hoon\Nmhk803.exe
2008-09-01 21:00 6,239 ----a-w c:\documents and settings\Owner\PPjQOLÿ.exe
BUT, according to this page, Malwarebytes does remove this infection.
I noticed in your hijackthis log, that you had some host files that were infected.
O1 - Hosts: 217.20.175.74 www.review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 review.2009softwarereviews.com
O1 - Hosts: 217.20.175.74 a1.review.zdnet.com
O1 - Hosts: 217.20.175.74 www.d1.reviews.cnet.com
O1 - Hosts: 217.20.175.74 www.reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 reviews.toptenreviews.com
O1 - Hosts: 217.20.175.74 www.reviews.download.com
O1 - Hosts: 217.20.175.74 reviews.download.com
O1 - Hosts: 217.20.175.74 www.reviews.pcadvisor.c.uk
O1 - Hosts: 217.20.175.74 reviews.pcadvisor.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.pcmag.com
O1 - Hosts: 217.20.175.74 reviews.pcmag.com
O1 - Hosts: 217.20.175.74 www.reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 reviews.pcpro.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.reevoo.com
O1 - Hosts: 217.20.175.74 reviews.reevoo.com
O1 - Hosts: 217.20.175.74 www.reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 reviews.riverstreams.co.uk
O1 - Hosts: 217.20.175.74 www.reviews.techradar.com
O1 - Hosts: 217.20.175.74 reviews.techradar.com
Also your combofix log showed a lot of infections still present especially here....
2008-12-17 00:49 6,239 ----a-w c:\documents and settings\Owner\bQE1kvp.exe
2008-12-16 20:13 6,239 ----a-w c:\documents and settings\Hoon\C31efp3.exe
2008-12-05 20:14 6,239 ----a-w c:\documents and settings\Owner\ksdKHsÿ.exe
2008-11-28 19:11 6,239 ----a-w c:\documents and settings\Owner\NndKT77.exe
2008-11-28 17:36 6,239 ----a-w c:\documents and settings\Owner\r23wn22.exe
2008-11-19 20:28 6,239 ----a-w c:\documents and settings\Owner\kp3w68N.exe
2008-11-06 22:57 6,239 ----a-w c:\documents and settings\Owner\jjjJI72.exe
2008-11-06 00:06 6,239 ----a-w c:\documents and settings\Owner\tjv6x6U.exe
2008-11-02 02:56 6,239 ----a-w c:\documents and settings\Owner\RxGlGf7.exe
2008-10-24 00:29 6,239 ----a-w c:\documents and settings\Owner\Gj508ÿO.exe
2008-10-14 12:32 6,239 ----a-w c:\documents and settings\Owner\uedtd3i.exe
2008-10-13 21:44 6,239 ----a-w c:\documents and settings\Owner\nf527Jm.exe
2008-10-13 14:14 6,239 ----a-w c:\documents and settings\Owner\fT1N43V.exe
2008-10-11 14:39 6,239 ----a-w c:\documents and settings\Owner\p4mIlpS.exe
2008-10-11 14:24 6,239 ----a-w c:\documents and settings\Owner\Jr4voQ3.exe
2008-10-04 17:43 6,239 ----a-w c:\documents and settings\Owner\F2k5IGA.exe
2008-10-03 01:51 6,239 ----a-w c:\documents and settings\Owner\NbcU468.exe
2008-09-22 00:40 6,239 ----a-w c:\documents and settings\Hoon\W5mF5xa.exe
2008-09-22 00:12 6,239 ----a-w c:\documents and settings\Owner\xGs0Ju1.exe
2008-09-09 20:51 6,239 ----a-w c:\documents and settings\Owner\lv6KOUg.exe
2008-09-08 17:11 6,239 ----a-w c:\documents and settings\Owner\fw4uddu.exe
2008-09-06 19:01 6,239 ----a-w c:\documents and settings\Hoon\hXUVd2j.exe
2008-09-06 18:54 6,239 ----a-w c:\documents and settings\Hoon\n0fqUiÿ.exe
2008-09-05 00:19 6,239 ----a-w c:\documents and settings\Hoon\deJMv7J.exe
2008-09-02 01:51 6,239 ----a-w c:\documents and settings\Hoon\Nmhk803.exe
2008-09-01 21:00 6,239 ----a-w c:\documents and settings\Owner\PPjQOLÿ.exe
olzenkhaw
New Member
Download the Anti-virus-1 removal tool at Softpedia:
http://www.softpedia.com/get/Antivirus/Remove-Anti-Virus-1.shtml or refer the removal guide at http://freeofvirus.blogspot.com/2009/03/anti-virus-1-removal-tool.html
http://www.softpedia.com/get/Antivirus/Remove-Anti-Virus-1.shtml or refer the removal guide at http://freeofvirus.blogspot.com/2009/03/anti-virus-1-removal-tool.html