AntiVirus System Pro

Hey, didn’t know there was an avast forum.

Anyways, onto the topic. My sister’s computer running windows XP SP2 has gotten one of those annoying fake antivirus programs that have misspell word on them. (See what i did there?) :wink:

However, this one found a way to sneak past avast, completely disable my internet, and evade malwarebytes. Even after using rkill.com to end the process, my internet still will not work. Now, i can’t update malwarebytes or avast. Strangely, i’m kind of impressed at this program. It’s very well made. >:(

Remove Antivirus System Pro (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-system-pro

Yeah, i had already tried that. wouldn’t work because malwarebytes didn’t have the latest definition files.

Is it still on the system, or has it been removed and simply cannot update/use internet.

Windows XP Service Pack 3 has been available for over a year and provides many Critical Updates plus performance improvements.

You need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.

Also you should enable Automatic Updates or at least be notified that Updates are available.

Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don’t automatically download or install them.

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online

If other than not having internet connection try this.
Lost Internet Connection - To recover you internet connection, try downloading and running WinsockXPfix: http://www.snapfiles.com/get/winsockxpfix.html

Or

For XP SP2, try Windows Start button, Run - type ‘netsh winsock reset’ without the quotes - this may be enough to fix the issue.

Or http://cexx.org/lspfix.htm

If unable to regain your connection, install MBAM on a clean computer. Update it. Got to the folder “C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes\Malwarebytes’ Anti-Malware” and copy the “rules.ref” file to the same folder on the sick computer. (Replace the original, which should be present but older.)
Try scanning again.

Could i get these instructions in Windows Vista / 7 Format? I’m new to the restructuring in 7.

I don’t use win7, try doing a search of the c drive for rules.ref.

Trying an update to SP3, seeing if that will work.

It probably won’t.
Keeping a system up to date can help prevent vulnerable software on the system. It won’t remove malware if the vulnerability has already caused a breach.
Horse/barn door.

YoKenny, it would be appropriate to wait until a users’ system is on the way to being clean before suggesting the relevant update should be applied.

The malware is gone. I was able to move the rules.ref over to the infected computer. However, none of the fixes above seem to restore connectivity. Any solutions to this?

If you use IE have a look in tools > internet options > connections > lan settings > and see if the proxy server box is ticked, if so and you don’t use a proxy untick.Or post a HijackThis log http://filehippo.com/download_hijackthis/ Choose scan and save a log file then post the txt log. This will mean transfering the program from another pc then transferring the log back :o

:slight_smile: Hi :

When combatting Antivirus System Pro and its possible aftereffects, I recommend the GeeksToGo Support Forums at
www.geekstogo.com/forum/forums.html ( unless “essexboy” shows up here ) .

The first solution worked, thanks!

No need to go to geekstogo, then. If the problem returns after reboot, do the same again, then with the internet, download HJT and post a log.
Spiritsongs, while I realise your intentions are good, there is no need to try and scare people away, they will soon look elsewhere if they get no joy here. Maybe you should put as much effort into helping people, as you do, telling them to go elsewhere.
Or maybe your to busy, preaching your unwanted religious views on other forums