remove antivirusplus
in [Security]
|
From: stemco on 4 Feb 2010 19:08 antivirusplus has attacked my pc. I get pop ups every 60 seconds saying I have a virus and need to purchase this product. I have deleted it from add and delete programs, but pop ups still there. I searched the program in my files and deleted 4 files found, but 2 files say cannot be deleted. I tried to restore the system, but it says it has been turned off, when I go into the system dialog box where it is suppose to be, its not there. Any help on a back door to turn on restore, or remove a locked file woul be appreciated. The file name I need to remove is C:\documents and settings\kevin stemcosky\start menu\programs\antivirusplus.ink" any help would be appreciated
From: "FromTheRafters" erratic on 4 Feb 2010 20:53 http://www.bleepingcomputer.com/virus-removal/remove-antivirus-plus page-down to below the advertisements "stemco" <stemco(a)discussions.microsoft.com> wrote in message news:917A6C26-3A32-47E5-BD3A-88E42ADA067E(a)microsoft.com... > antivirusplus has attacked my pc. I get pop ups every 60 seconds > saying I > have a virus and need to purchase this product. I have deleted it from > add > and delete programs, but pop ups still there. I searched the program > in my > files and deleted 4 files found, but 2 files say cannot be deleted. I > tried > to restore the system, but it says it has been turned off, when I go > into the > system dialog box where it is suppose to be, its not there. Any help > on a > back door to turn on restore, or remove a locked file woul be > appreciated. > The file name I need to remove is C:\documents and settings\kevin > stemcosky\start menu\programs\antivirusplus.ink" any help would be > appreciated
From: Nil on 4 Feb 2010 23:28 On 04 Feb 2010, "FromTheRafters" <erratic @nomail.afraid.org> wrote in microsoft.public.windowsxp.security_admin: > http://www.bleepingcomputer.com/virus-removal/remove-antivirus-plus > > page-down to below the advertisements A relative recently got this bug, and I tried coaching her through these instructions by telephone. The malware seems to have been tweaked since those instructions were written, and recent versions prevent both their rkill utility and Malwarebytes from being installed. I finally had to give up and recommend she pay someone locally to clean it up. I hate to admit defeat, but this malware is very difficult to remove and I couldn't do it without having the machine in hand.
From: Leythos on 5 Feb 2010 04:08 In article <Xns9D15EEC30AA57nilch1(a)130.133.4.11>, rednoise(a)REMOVETHIScomcast.net says... > > On 04 Feb 2010, "FromTheRafters" <erratic @nomail.afraid.org> wrote > in microsoft.public.windowsxp.security_admin: > > > http://www.bleepingcomputer.com/virus-removal/remove-antivirus-plus > > > > page-down to below the advertisements > > A relative recently got this bug, and I tried coaching her through > these instructions by telephone. The malware seems to have been tweaked > since those instructions were written, and recent versions prevent both > their rkill utility and Malwarebytes from being installed. > > I finally had to give up and recommend she pay someone locally to clean > it up. I hate to admit defeat, but this malware is very difficult to > remove and I couldn't do it without having the machine in hand. The latest malware I've seen seem to specifically target and block most of the tools you can download. I've been using Trojan Remover 6.8.1 in safe mode for the initial scan when MBAM, SAS, AV tools won't run properly because of the malware. TR 6.8.1 seems to do enough to remove the parts that are keeping the other tools from running - run it in safe mode, then run it in standard mode and do the update, then run a scan now that you've updated it - your other antimalware tools should work now. http://www.simplysup.com/tremover/download.html -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address)
|
Pages: 1 Prev: Mobile User - Temporary Admin Rights Next: System logging problem |