
I need help removing AV Security Suite Fakeware.

Posted: Mon Jun 21, 2010 12:31 pm
by B4ULoveShine
Without my knowledge, my little brother installed the AV Security Suite Scareware/Ransomware.

That **** idiot essentially infected my Windows 7 laptop, which I paid for with my own paycheck.

As a result, I cannot access my favorite MMO, the DVD player, among other .exe's.

The fact that it blocked my access to System Restore, Malware Bytes (sp?), and CCleaner only worsened matters.

So, any solutions?

Re: I need help removing AV Security Suite Fakeware.

Posted: Mon Jun 21, 2010 1:43 pm
by Shadowman
You're not going to like what I'm about to say:

Two computers in my house were infected with something similar (AGV, another fake security scanner), and the only way we found to kill the virus was to reformat the computers. It isn't easy but it's the only way we found.

If you find another way to fix it, then do that. You can obviously access the internet to get the word out, so see if you can't find another way before you go through the painful process of reformatting.

Re: I need help removing AV Security Suite Fakeware.

Posted: Mon Jun 21, 2010 4:39 pm
by B4ULoveShine
Only for Windows 7, I managed to disable it by disabling LAN on my Internet Explorer.

I know this is a temporary move, but I don't know if I can remove it from here.

Re: I need help removing AV Security Suite Fakeware.

Posted: Mon Jun 21, 2010 4:59 pm
by The Happy Locust
B4ULoveShine wrote: Only for Windows 7, I managed to disable it by disabling LAN on my Internet Explorer.

I know this is a temporary move, but I don't know if I can remove it from here.


I don't know if it's the same thing my sister ended up with, but here are my suggestions. The first thing is to restart the computer. When you log in, immediately open up the Task Manager and watch what programs/processes load. If you're lucky, you can find which program is the hostageware and shut it down before it can take over your session. Beating it to the punch could let you run your cleaner programs and at least get a handle on it.

From there, knowing what exe (note: may be a numerical program name), you should be able to track down the program and delete it as well as remove it from startup using the MSconfig program. Clearing it from the registry is a bit more complicated and better left explained by more knowledgeable web sites on Google.

Re: I need help removing AV Security Suite Fakeware.

Posted: Thu Jun 24, 2010 12:07 pm
by Autobrand
Try here for instructions on how to get rid of it:
http://www.bleepingcomputer.com/virus-r ... rity-suite

If that doesn't work, there is a free program called Combofix, but you have to be careful with it. I had the same problem as you a few months ago and it cleaned it right up. You MUST start your computer in Safe Mode before running Combofix. Otherwise it will wipe out registry files needed for Windows to run.
http://www.bleepingcomputer.com/combofi ... e-combofix

Re: I need help removing AV Security Suite Fakeware.

Posted: Thu Jun 24, 2010 1:34 pm
by paul053
Ha! Just got rid of it yesterday. This is what I did (and some people might not like it) since it blocks opening Malwarebytes and Task Manager.

1. Remove the shortcut from your startup menu and launch bar if it is there.
2. Reboot windows and open it in safe mode.
3. Go to registry editor, remove the keys as described in the link below.
4. Go to command prompt, go to c:\documents and settings\[usually your windows name here]\application data (this is a hidden folder) and do dir /s *.exe. Find the strange name with .exe and delete the entire folder. Do the same thing for c:\documents and settings\[your name]\local settings. Some of the strange names can be found below.
5. Open your internet connection settings and disable (uncheck) the proxy setting.
6. Reboot your windows in normal mode, if you do it right, you shouldn't have it now. Now open Malwarebytes and do the scan again.
7. Good luck.

http://www.411-spyware.com/remove-av-security-suite
http://www.prevx.com/filenames/11043956 ... D.EXE.html
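
A read-only triage sketch for the checks in the steps above (the proxy setting, executables under the profile's application-data folders, and startup entries), written in PowerShell as an added example that is not part of the original thread. It assumes the Windows 7 folder variables `%APPDATA%` and `%LOCALAPPDATA%`, and flagging any autorun that launches from those folders is this example's own heuristic.

```powershell
# Added example: read-only triage; it lists findings and changes nothing.
# Assumption: the rogue executable sits under the per-user data folders
# (%APPDATA% / %LOCALAPPDATA% on Windows 7; "Application Data" and
# "Local Settings" under Documents and Settings on XP).
$roots = @($env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ -and (Test-Path $_) }

# Proxy setting from step 5 (per-user Internet Settings).
$inet = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
'Proxy enabled: {0}   Proxy server: {1}' -f ([bool]$inet.ProxyEnable), $inet.ProxyServer

# Executables under the profile data folders, hidden ones included (-Force),
# newest first so a recent drop stands out.
$exes = foreach ($root in $roots) {
    Get-ChildItem -Path $root -Recurse -Force -Filter *.exe -ErrorAction SilentlyContinue
}
$exes | Sort-Object LastWriteTime -Descending |
    Select-Object LastWriteTime, Length, FullName | Format-Table -AutoSize

# Shortcuts in the per-user Startup folder (step 1).
Get-ChildItem -Force ([Environment]::GetFolderPath('Startup')) | Select-Object FullName

# Run-key values whose command line points into one of those folders.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
foreach ($path in $runKeys) {
    if (-not (Test-Path $path)) { continue }
    $key = Get-Item $path
    foreach ($name in $key.GetValueNames()) {
        $cmd = [string]$key.GetValue($name)
        foreach ($root in $roots) {
            if ($cmd.IndexOf($root, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
                'Autorun from profile folder: {0}\{1} -> {2}' -f $path, $name, $cmd
            }
        }
    }
}
```

Legitimate software also installs under these folders, so the output is a list of candidates to compare against the removal guide, not a verdict.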

Re: I need help removing AV Security Suite Fakeware.

Posted: Sun Jun 27, 2010 6:00 am
by Sentry Prime
Working in a PC repair store, we see this quite regularly.

A much quicker way that we use is to restart your PC in Safe Mode (some malware still functions in Safe Mode) then find and RENAME the Malwarebytes exe file "mbam.exe" to anything (as this is how a lot of these types of viruses block Malwarebytes). You should then be able to double click the renamed mbam.exe and scan as per normal.

Once this is done, reboot back into "normal" Windows and run Malwarebytes again, but this time make sure you're able to get updates for it online.

...happy hunting