Antivirus system pro?!?

Question:

2009-11-24 18:04:15 UTC

I have a computer infected with the malware or whatever, called Antivirus System Pro. I am using another computer to write this because I cannot connect to the internet on the infected computer. I have looked into procedures to remove the infection. I cannot download the necessary remover tools because it won't let me connect to the internet. I have even tried removing the "processes", "registry codes", and files but I cannot even find them to delete them.

Please help me!

Thirteen answers:

2009-11-24 18:12:21 UTC

Read this free guide, use tools. @

Rachel

2009-11-26 05:08:14 UTC

I tried many things to get rid of this. Luckily I was able to access the Internet and find some guides. Most were no help. Many said to access the Task Manager. ASP killed just about every process I tried: Task Manager, my antivirus program, Windows search, System Restore, etc. I was able to somehow download Malwarebytes Anti-Malware. But, ASP killed that process too when I tried to run it. I rebooted in Safe Mode (press F8 on restart). I ran MBAM then but it did not detect the rogue files. So, my only choice was to reboot in Safe Mode with a command prompt to do System Restore that way (this is F8 as well). Some guides will suggest this command prompt: %systemroot%\system32\restore\rstrui.exe I'm running Vista and just rstrui.exe worked. I restored my system to the previous day when I knew everything was okay. I then purchased a very strong total security suite for my computer. I had the free AVG version and it didn't catch this mess. You do get what you pay for.

Lucille

2016-08-21 12:10:34 UTC

NoBozo

2009-11-24 18:11:30 UTC

You have a smitfraud and your security program,no matter how good won't pick it up.I wrote the following to another user with a similar issue and she was trying to get rid of it with a disk cleaner but some of it will apply to you also.

Advanced System Care cleans your hard drive of temporary files and the like.This is a utility that you need but there are better like CCleaner. However,these programs won't solve your problem.

You didn't mention how you're aware of all these so I'll assume that you're infected with what's known as a smitfraud. You'll need to download a program called Malwarebytes' Anit-Malware (free)at CNET http://www.download.com

After it's installed,update the signatures,then shut your PC off. When it is completely off,hold down key F8 (not F+ 8,but key F8),restart your PC. Once you're in safe mode,open Malwarebytes' and do a complete scan.if it finds any thing,move them to quarantine,and delete them from there.

After that run CCleaner (both the cleaner and registry) and if you want Advanced System Care.Then restart your PC normally. Run your system defrag a couple of times to get those files good and tight.Find that picture that you down loaded and get rid of it.

2009-11-25 08:51:55 UTC

You should try using MSCONFIG in Windows XP to disable some of the unnecessary programs that automatically load on start-up. Disabling these programs will help your computer boot faster and crash less.

1. In Windows XP, go to Start > Run

2. Type MSCONFIG in the "Open:" box and then either press enter on your keyboard or click on the OK button.

3. This launches Microsoft's System Configuration Utility. Click on the Startup tab (the tab at the far right).

4. This takes you to a page with a list of "startup items." Startup items are programs that are automatically loaded every time you turn on your computer. Some startup programs are absolutely necessary, others are simply a waste of RAM.

Remember, disable only those programs that you recognize and don't need to have running all the time. When in doubt, leave it on.

5. Click on the OK button.

6. A message will pop up telling you that you must restart your computer before these changes will take effect. Click on "Yes" and your computer will automatically reboot.

7. That's it! Your computer should now boot faster and crash less.

Download a free antivirus software, we have a few links on the button of a faq's page http://www.unlimitedtechnicalsupport.com/faq.htm

And you should also update our Antivirus software and run a virus scan,

If the problem persist contact support http://www.unlimitedtechnicalsupport.com

Simon

2009-11-24 18:14:37 UTC

Hi,

May i say OUCH lol..

Antivirus System Pro is a rogue anti-spyware that uses false scan results, fake security alerts, and Internet Explorer hijacking in order to have you purchase this program. It is because of these actions that we classify Antivirus System Pro as a rogue anti-spyware program. When installed, Antivirus System pro will be configured to start automatically when you log into Windows. Once running it will scan your computer and display numerous infections that do not actually exist. Furthermore, it will state it will not remove these infections unless you first purchase the program. This method of stating there are infections, but not removing it until you purchase it, is just another tactic to have you purchase the software.

Please visit this site and download rkill to stop the malware process:

http://www.bleepingcomputer.com/virus-removal/remove-antivirus-system-pro

if You cant download please use a different computer and save to disk or pen drive.

Thanks

2009-11-24 22:14:35 UTC

Use a different computer, such as the one you used to write this, to download an anti-spyware, rename it's setup file, and install from a flash drive. Afterwards update and scan your system, preferably in Safe Mode, but I wouldn't be surprised if safe mode was disabled. You can also try to remove Antivirus System PRO manually by following these instructions:

http://www.2-viruses.com/remove-antivirus-system-pro

2009-11-25 02:34:18 UTC

This particular malware should be removed as soon as it has been detected.

As with many rogue applications, Antivirus System Pro is designed to coerce money from unsuspecting computer users, and should therefore NOT be trusted!

Instead, I suggest you check out the link below – here you will find information on how to rid your system of this dubious security tool.

http://www.pcthreat.com/parasitebyid-8011en.html

2009-11-24 18:19:30 UTC

Anti-Virus system pro is a rogue Anti-Virus application. It's trying to trick you into downloading viruses or paying for stuff you don't need.

Reboot into safe mode with networking (f8 on boot)

Locate these files and registry keys (when your in safe mode) and delete them if you can (you said you couldn't but not sure if you tried safe mode).

Associated Antivirus System Pro Files:

c:\WINDOWS\sysguard.exe

c:\WINDOWS\system32\iehelper.dll

Associated Antivirus System Pro Windows Registry Information:

HKEY_CURRENT_USER\Software\AvScan

HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-4…

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wi… Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2D…

HKEY_CURRENT_USER\Software\Microsoft\Win… "system tool"

Now download and install Malwarebytes Anti-Malware. install, update and run it.

Whilst it's running, go to Trend Micro Housecall (free online scanner) and run that too.

Delete anything that is found by either program.

Now download Trend Micro's CWShredder and run it in safe mode. Delete anything it finds.

Hopefully that should fix your problem. Reboot in normal mode and see if your clean.

2009-11-25 00:04:34 UTC

Your computer is infected with rogue anti-spyware

Try to use some free antivirus and antispyware products

http://free.avg.com/

SPYBot Search & Destroy

http://www.safer-networking.org/en/download/index.html

MalwareBytes Anti-Malware

http://www.malwarebytes.org/mbam.php

Kaspersky Free removers

http://www.kaspersky.com/removaltools

You can also try to remove it manually. Use manual removal instructions

http://expetecsoc.com/latest-spyware-threats/antivirus-system-pro-removal-guide.html

OR

http://www.bleepingcomputer.com/virus-removal/

Use manual removal guide only in SAFE MODE.

2009-11-24 18:35:01 UTC

Ouu... you have a FAKE popper - srry that's what i call them -

ok if you want a good scanner try http://onecare.live.com/site/en-us/default.htm - this is free

if you want to get it go to http://onecare.live.com/standard/en-ca/purchase/default.htm

it should remove your virus but

if the ASP still pops up go to

Safety;located on the top right hand corner and go to

SmartScreen Filter and go to

Report Unsafe Website.

PS. YOU CAN ONLY DO THIS ON WINDOWS 8

it should stop popping in a couple of hours it takes time... but it should do the trick

2009-11-26 01:36:39 UTC

maybe the manual removal you found wasn't detailed enough. here's a great removal tutorial http://www.spywarevoid.com/remove-antivirus-system-pro-antivirus-system-pro-removal.html

2016-05-25 02:24:36 UTC

Step 1Remove the pop-up advertisements temporarily and end bad processes: * Push Ctrl + Alt + Delete at the same time * Choose "Task Manager" in the Windows Security menu * Click on the "Processes" Tab * Search for the following processes: Antivirussystempro.exe, uninstall.exe (if constantly running), and sysguard.exe * Disable these processes by clicking the "end process" button Step 2Conduct a search on your computer for Antivirus System PRO files: * Go to the start menu and click the search button * Make sure you search "All files and folders" in the "Local Hard Drive" or C Drive * Type "Antivirus System PRO" in the search box and search for all of these files including: c:\WINDOWS\system32\iehelper.dll %ProgramFiles%\Antivirus System PRO\conf.cfg %ProgramFiles%\Antivirus System PRO\mbase.vdb %ProgramFiles%\Antivirus System PRO\quarantine.vdb %ProgramFiles%\Antivirus System PRO\queue.vdb * If none of these files appear, then you may have to search for each file individually. * Search and delete the following folder: %ProgramFiles%\Antivirus System PRO\ Step 3Create a backup file of your entire registry. One way to do this is to generate a system restoration point: * Click Start, All Programs, Accessories, System Tools, System Restore * Choose "Create a restore point" and click the Next button * Type in a name to recognize the restore point and click "Create" Step 4Remove files from the registry: * Click Start, Run, and type "regedit" in the available field. * Hit the Enter key, or click "OK", and the registry editor should appear * Select Edit, Find, and search for the following: HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\... System PRO HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\... “Antivirus System PRO” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\... “ieModule” HKEY_CURRENT_USER\Software\AvScan HKEY_CURRENT_USER\Software\Microsoft\W... “system tool” HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24... HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\... Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2D... * If you locate any of these files, right-click the file and select "Modify" and "Delete" Step 5Remove DLL files for those who have c:\WINDOWS\system32\iehelper.dll in their processes: * Go to Start, Run, type "cmd", and click "OK" * Type "cd", enter a SPACE, and type c:\WINDOWS\system32\iehelper.dll * Once the file is located, type regsvr32 /u iehelper.dll and hit "Enter" Step 6Search the local hard drive once more for "Antivirus System PRO" and "SYSGUARD" separately to make sure all of these files are deleted. Step 7Restart the computer. If no pop-ups appear after restarting the computer then the malicious software should not be on your system. Double check to make sure the Antivirus System PRO software has not returned. Step 8Repair any damages that may have occurred from the malicious software or deletion. Check to see if your desktop icons and homepage have been changed or moved.

ⓘ

This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.

about - legalese