Jump to content
IGNORED

Help needed with computer

ediddy

By ediddy
in Watering Hole

 Share

Recommended Posts

ediddy

ediddy

Posted
Posted

Anyone have any knowledge about a malware called anti virus pro? I started my computer at the office this morning and this program came up and said it was scanning for a virus. This is a scam. I turned off my computer and restarted. This program opens up and starts scanning. It has disabled all of my programs. I can't run any of the malware programs. This happened with another program before and a google search had blogs from people all over the US that had this problem and one guy had a detailed report on which files to delete from the registry. I did that and got rid of the program. This one is tough and there isn't any info on the web. I found the program but can't get it out of my computer because it has locked out all the other programs. Anyone know anything about this program or how to get it out? I am shut down.

Link to comment
Share on other sites
SilvrT

SilvrT

Posted
Posted

There's a few things described in the following post that would assist...specifically post # 6

 

 

http://www.venturerider.org/forum/showthread.php?t=42764&highlight=computer

 

And here's a couple websites about removing it

 

http://www.2-spyware.com/remove-internet-antivirus-pro.html

 

http://www.spywareremove.com/removeAntiVirusPro.html

Link to comment
Share on other sites
SilvrT

SilvrT

Posted
Posted
I have run computer in safe mode and deleted the program but when you restart in regular mode the sypware loads itself again. When it does this you can't get into any program to get it out. This one is a real problem.

 

You can't just delete it... you have to restore your PC to a date earlier than when you got the spyware... or, follow the directions on those web pages. Did you try either of those methods?

Link to comment
Share on other sites
LilBeaver

LilBeaver

Posted
Posted
I have run computer in safe mode and deleted the program but when you restart in regular mode the sypware loads itself again. When it does this you can't get into any program to get it out. This one is a real problem.

 

You can't just delete it... you have to restore your PC to a date earlier than when you got the spyware... or, follow the directions on those web pages. Did you try either of those methods?

 

SilverT is correct on this. What this one in particular does is put itself in the OS registry so that when you start it, the malware basically reinstalls itself on your computer. By doing the 'restore to an earlier date' the computer reverts the registry to a version that was good BEFORE the malware made its way in.

 

If you can follow the instructions given on those pages, you will be fine.

 

Good luck.

Link to comment
Share on other sites
ediddy

ediddy

Posted
  • Author
Posted

I tried to restore the computer to last week but you can't do anything. This program starts up and locks out every program. I've never seen one this bad. The first program was spyware 2009. It did the same thing but it didn't lock you out so you could go into the registry and get it out. With this antivirus pro you can't get into your directory or load or start any scans. The jerk that developed this one really covered all bases. I don't know what to do except wipe the hard drive clean and start over. That is a real pain.

Link to comment
Share on other sites
LilBeaver

LilBeaver

Posted
Posted
I tried to restore the computer to last week but you can't do anything. This program starts up and locks out every program. I've never seen one this bad. The first program was spyware 2009. It did the same thing but it didn't lock you out so you could go into the registry and get it out. With this antivirus pro you can't get into your directory or load or start any scans. The jerk that developed this one really covered all bases. I don't know what to do except wipe the hard drive clean and start over. That is a real pain.

 

You ought to be able to run the windows restore point function when you boot in safe mode. This should resolve the problem you are having where you cannot do anything because you get 'locked out'.

 

The other thing you could do is download one of the free spyware/malware removal tools that you can boot from the CD and run it that way. Either way ought to work.

Link to comment
Share on other sites
SilvrT

SilvrT

Posted
Posted
I tried to restore the computer to last week but you can't do anything. This program starts up and locks out every program. I've never seen one this bad. The first program was spyware 2009. It did the same thing but it didn't lock you out so you could go into the registry and get it out. With this antivirus pro you can't get into your directory or load or start any scans. The jerk that developed this one really covered all bases. I don't know what to do except wipe the hard drive clean and start over. That is a real pain.

 

Restore to a date earlier than "last week".

 

Other alternative is to boot with your windows CD and go to the Repair. It may be that this virus is loading itself even in Safe Mode so booting with the CD will bypass that.

Link to comment
Share on other sites
ediddy

ediddy

Posted
  • Author
Posted

Thanks Don for your input but this program won't even let me on the internet to download a program. I just talked to our computer tech and he said this program is the worst he has seen and he doesn't know anything to do other than come by the office monday and wipe the hard drive clean and reload all the programs. I had rather take a beating than do this but it appears there isn't any other option. We have so many insurance company programs, agency management program, rating program, address program, insurance company form programs that take forever to reload. Oh well.

Link to comment
Share on other sites
LilBeaver

LilBeaver

Posted
Posted
Thanks Don for your input but this program won't even let me on the internet to download a program. I just talked to our computer tech and he said this program is the worst he has seen and he doesn't know anything to do other than come by the office monday and wipe the hard drive clean and reload all the programs. I had rather take a beating than do this but it appears there isn't any other option. We have so many insurance company programs, agency management program, rating program, address program, insurance company form programs that take forever to reload. Oh well.

 

 

Since you are obviously able to get on the internet with A computer (ie. the one you are using to post in here). You could download a program and burn it to a CD. That way you could boot from that CD in the infected computer.

 

Wiping the hard drive clean, and reloading all of your programs would certainly produce a solution, but, it is very unlikely that is 'the only' solution....

Link to comment
Share on other sites
RossKean

RossKean

Posted
Posted

Been there and done that...

This is one of a series of nasty trojans that hijacks the computer. I had a variant that blocked many useful websites; especially those that would enable a fix. It locked the desktop so you couldn't remove the desktop screen it installed, disabled restore points and kept telling you to buy their "fix" to get rid of it as it continually did fake scans that informed me how badly infected my computer was. Picked it up while innocently "surfing" - no downloads and nothing opened from an email. I believe that it even blocked safe mode, but I can't remember for sure.

 

In any case, it could not be removed by any software on the computer and essentially rendered the computer useless. I was just about to reformat the hard drive and start over but decided to try one more thing...

 

I removed the drive from the computer and installed it as a slave in another machine with the latest fix programs installed and updated on the primary drive. I used Malwarebytes to scan the afflicted drive - also ran Spybot for good measure as well as the Microsoft Security Essentials - new free software from Microsoft. Once reinstalled on the original computer, it ran OK and the trojan did not reinstall itself. Had to do a direct registry edit to restore the ability to change the desktop wallpaper (instructions available if you do a search).

 

Individuals who create such trash should be strung up!! I wasted about four hours but managed to get the system back without losing anything. Easier than a new install of the OS and all programs - not to mention what would be lost in terms of email, photos and MP3 files.

 

Note: if you do have to reformat, you can at least install the drive as a slave in another computer and retrieve any files that have not already been backed up. As long as you are not running anything from the infected disk, it is unlikely to infect the other computer. If you are anything like me, good intentions for regular backups are often put off until too late.

 

Good luck

 

Ross

Link to comment
Share on other sites
ddoggma

ddoggma

Posted
Posted

I can tell you that "SuperAntiSpyware" works on this type of hijacker. You will have to get the computer into "safemode" Put SAS on a thumbdrive or disk and install it in safemode. Then run it from there, follow directions etc. Your restore files are probably trashed by the Trojan and its recommended you turn off system restore while your trying to remove the spyware.

 

So...Safemode>turn off system restore>Install SAS and run a complete scan>keep fingers crossed>

 

 

I bought the app for 20 bucks after it got rid of one just like the one you have. And it runs in the background also, for some realtime protection. I use it and Malewarebyte, which is another scanner that works well and picks up stuff SAS has missed. Its free to use the basic also. I also have Spybots "teatime" going, blocking bad sites. And their "Immunize" function is nice too. Those three keep my system free of bad stuff...Once or twice a year some new crap trys to get me but with these tools I can stop 99% Oh, and "CrapCleaner" get this to clean up temp files and manage cookies and it does a couple other things too. Having CC installed helps if you get a nasty, you can run it in safemode and have it scan the registry for 'Issues" It can remove some of the spywares tools before you try and get rid of it with SAS or Malewarebyte etc. Good luck.

Link to comment
Share on other sites
ediddy

ediddy

Posted
  • Author
Posted

Thanks everyone for your input with this problem. My computer tech came by this afternoon and picked up up my notebook to clean it up. We have our computers networked here at my office and I use the notebook as a workstation and I have a replicator so I can unhook it from the network and take it home. The computer tech said this malware/ virus is a new version that just started showing up in the last couple of weeks. It locks down your computer and you can't load, download get in your registry or do anything on your computer. This one is very bad.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...