In my day job, I’m a one man IT shop for a 50 user company, so I’ve seen a fair number for dirty machines. Machines with malware, viruses, trojans and root kits. Usually, I am able to cleanup the machines and return them to service. Until now. Real-Av has gotten of a few of my machines and I had to resort to format/reload Windows.
Real-AV is not nice. It renames system files and folders, prevents normal AV programs from running, locks into the WinLogon process, Windows boot process, changes the wallpaper and creates fake AV buttons. Once the machine is infected, clicking on just about anything causes the program to run.
Real-AV is immune to Norton Antivirus, ClamwinAV, Spybot S&D, discovery with CCleaner and manually going through files and RegEdit; however, MalwareBytes is able to remove it!
Real-AV is able to prevent MalwareBytes from running, but simply renaming the mbam.exe file to something else took care of the problem.
The only weird thing I ran into wat that during the installation, MalwareBytes sat for 5 mintues at the “Finishing Installation”. Maybe it was Real-AV, maybe not, but it did installation complete and it did a fantastic job!
Edited to Add: MalwareBytes works great to remove AntiVirus 360 (A360) Also!