The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

ANTIVIRUS SYSTEM PRO HAS EMEBDDED AND DISABLED ITS UNINSTALLER

Posted 6/6/2009 10:25 PM
#74162
User avatar

sensitive1 Valued member

Date Joined Nov 2016
Total Posts: 11
You helped me a year and a half ago.. Thnx again.. This time around a pop up trojan or virus has embedded itself in my sytem tray. It's name AntiVirus PRO. It claims its demo version has disabled its uninstaller. Itr worked itself around McAfee virus scan. Help me get this !!!! thing off my computer bk it pops up every 10 seconds or so.. Any assistance would be appreciated. Thnx mitch
Posted 6/7/2009 2:48 AM
#74165
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Hello sensitive1,

Before we discuss any steps to be done, please go to your previous post, click the pencil icon in the upper right of the post, and remove your email address. Spambot harvesters read those from websites and add them to spam lists.


Then let's see what all is there, and start some repairs after.


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.


Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

--------------

Also click here and download the installer for Gmer to your desktop, then click that file to run Gmer.


If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.
Posted 6/7/2009 11:57 AM
#74177
User avatar

sensitive1 Valued member

Date Joined Nov 2016
Total Posts: 11
Whew sounds complicated , but I'll get started.
Posted 6/7/2009 12:12 PM
#74183
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
If you check some other threads I have responded to you will see how it is done, and really not all that difficult to complete. Click RSIT.exe, it does the work and you post those two logs. And click Gmer, click Scan and again it does what it is set to do and you post the log. One, two, three.
Posted 6/9/2009 4:45 AM
#74237
User avatar

sensitive1 Valued member

Date Joined Nov 2016
Total Posts: 11
Thnx I will wait till weekend. this will give family time to get final projects on computer before war begins..
Posted 6/9/2009 4:34 PM
#74256
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
If the system really is very infected you will want to minimize any online activities, to avoid the malware gaining more ground as well as to minimize issues like data theft. But post when ready.
Posted 6/21/2009 1:21 AM
#74525
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Antispy, as a few of us are volunteering our time and knowledge to help folks here, your spamming that link to that meaningless affiliate click-profit "pcindanger.com" is truly not looked upon kindly. And in checking that site I see it offers downloads to rogue softwares like Adware Alert (see Emisoft/a-squared software's real info page here on that). So you are spamming a link to a potential malware download site. Let's see if a Moderator or Administrator can't just delete your spam posts so we can continue to help here without spammer interruptions.
Posted 6/21/2009 2:37 AM
#74528
User avatar

sensitive1 Valued member

Date Joined Nov 2016
Total Posts: 11
Kids are home from college using computer. I am just waiting till after



Fathers Day before I start the process since they are using computer.



Anti virus has been eleiminated or diffused via Kaspersky Anti virus and malwarebytes. But I can tell it's stilllurking bk computer has a host of issues..



After Father's Day it's on..
Posted 6/21/2009 3:59 AM
#74534
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
That will be fine - enjoy the time.
Posted 7/7/2009 6:10 PM
#74943
User avatar

viruskiller1 Member

Date Joined Nov 2016
Total Posts: 1
if you want to manually remove it, you have to first find and kill the .exe process
then, you have to go delete all of the files and folders associated with antivirus system pro
finally, you have to go into your registry and delete all the remains of the virus

I was able to remove it by trying a free virus scan at Antivirus System PRO which found the virus and a bunch of other malware and I just paid $36 to remove all of the stuff

the manual method works too, check out the site for more detailed explanation and exactly what files to delete.. etc.

good luck :)
Posted 7/7/2009 10:20 PM
#74952
User avatar

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049
Other than that being some rogue garbage software there viruskiller1, let me see if I can't get a Moderator to manually remove you and your spam posts.

This thread seems to be attracting replies from everyone but you sensitive1. Do you still plan on following up here?
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, July 4, 2022, 7:15 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,684 registered members. Please welcome our newest member, james44.
41 Guest(s), 0 Registered Member(s) are currently online.