Help with AntiVirus System Pro

Hello!

I stumbled upon this awkward virus today called Antvirus System Pro. It bypasses my Avast! shield. I was able to download Malware Bytes, and remove a bunch of infected files. At first, I thought i managed to completely delete this virus, but then when i restarted my computer, the AntVirus Systen Pro came back.

The virus blocked my Malwarebytes program from running (but not firefox), and also my taskmanager, regedit.

Then again I restarted my computer and got my my taskmanager and MalwareBytes before the AntiVirus System Pro loaded. I used the taskmanager and managed to get the AntiVirus System pro icon to go away, and starting to scan my comp again with the MalwareByte.

The websites keep coming up and now Avast! keeps sending me Virus Cautions while Im running my MalwareByte called Win32:Trojan-gen, Win32:Virus-gen, all located in my C:\Windows\system32(randomletters).exe

I delete them but they keep coming back, I move them to chest and they keep coming back, I try to repair but the same result.

I tried getting rid of Antiv System Pro manually, but always when i delete them from my taskmanager, the files are gone in regedit and documents. (and I have to delete them from taskmanger first otherwise regedit wont open)

MalwareBytes isnt doing any good for me, when I restart my comp the virus comes back!

I am desperate! Please help me solve this problem. Ive already though about system restore but I accidently deleted all my old checkpoints :frowning:

Note: avast! warning only comes up when MalwareBytes is on scanning.

Hello,

you can get hitman pro from here : http://www.surfright.nl/en/hitmanpro (download the appropriate one - 32 bit or 64 bit). - (this is the first time I recommending it to someone.)

scan using it (you should have an active internet connection) and when asked to enter the key while about to remove, select trial version and clean the computer. after restart come back and post.

nmb

my firewall blocked the program activation window :cry:

add a an exception for that, as simple as that.

nmb

i have no idea why, but I already added HitmanPro 3.5 to my firewall exception list but it still won’t let me open the 30-day free trail.

The toolbar says it might be firewall blocking it.

Sorry, I have no computer sense :frowning:

However, the scans showed pretty much all of C:\Windows\system32(randomlettrs).mph or dll

Description is suspicious malware

disable the firewall for a moment untill the product is activated and as soon as it is activated, enable the firewall.

nmb

Remove Antivirus System Pro (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-system-pro

ack, sorry

i disabled my firewall for 1minute and still wont let me activate trial

what is the error you get?

run this tool from microsoft, which resets your hosts file and then try activating : http://go.microsoft.com/?linkid=9668866

nmb

If you read the link from Pondus you will see some processes need to be killed in order that MBAM can remove this program.Read the instructions carefully,especially part 3 .When you have done this post your MBAM log.
Its not your firewall blocking hitman its the malware. ( or if you have Vista, you may need to run as admin )

:slight_smile: Hi :

When it comes to EFFECTIVELY dealing with “Antivirus System Pro”, Best to
ask an experienced, CERTIFIED, Volunteer “Malware Removal Specialist” on an
Advanced Malware Removal Forum, such as the One where “essexboy” helps
out at www.geekstogo.com/forum/forums.html ; unless he comes here to
help you, start by following the Info at www.geekstogo.com/forum/Malware-Spyware-Cleaning-Guide-t2852.html , particularly using the “OTL” program .

Within the last several days, I read through a large portion of a “Hitman Pro”
thread on the Wilders Security Forums ( currently 635 Posts ) at
www.wilderssecurity.com/showthread.php?t=236732 and came away with
the impression that it is a “work-in-progress” that is NOT to be trusted at
this point in time .

@ Spiritsongs

And what pray is wrong with the comprehensive removal instructions in the link pondus gave to bleepingcomputers.

If you spent just half the time helping users that you do trying to drive them away, would be a better use of your time and help avast users seeking help in the avast forums.

I don’t want to turn this thread into a slagging off debacle.I really hope the OP returns, as I think if he follows the instructions given by Pondus, he can solve his problem.
However, once again, Spiritsongs, has jumped in,without, the OP, even trying the option suggested.
I think this person has some sort of problem/grudge with this forum, and is making a mockery of it. He appears to offer no practical help, and suggests the people offering help here, are useless.

I suggest you try MBAB and/or SAS aswell these use to solve this kind of malware problems quite good.

http://filehippo.com/download_malwarebytes_anti_malware/
http://filehippo.com/download_superantispyware/

good luck

Thank you everyone for your replies, and I think I’ve finally got rid of Anti Virus System Pro

But sometimes my avast! still detects this virus called Win32:Trojan-Gen/Win32:Virus-Gen all located in my system 32 folder.

I am unable to repair it, but I could delete/move it to chest.

However, once i delete/move to chest another alert pops up with the same virus name but on different folder; C:\Windows\system32(randomlettrs).mph/exe/dll.

The alerts only come up when im using MalwareBytes for some reason…

Ive scanned with SUPERanyspyware aswell but it detected nothing.

Ive also tried HitmanPro 3.5 and it did detect a bunch of them but I always get Error code 20 when I try to activate my 30-day trial.

Is there any other way I could completely remove this Win32: Trojan/virus-gen out of my system?

Try these

Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en
Dr.WebCureit http://www.freedrweb.com/cureit/

For some reason Norman Malware Cleaner picked up nothing
MalwareBytes picked up nothing
SUPER antispyware picked nothing

but avast finds Win32: Trojan-gen
Hitman Pro finds a bunch of malware

who do I believe? and how do I complete get rid of it

Is it possible to post some logs. Whats the name and location of files found by Avast. Does HMP produce a log ?

i think we need essexboy to look at this, he is probably watching and will respond soon

the files were from C:\Windows\system32(randomletters).exe/mph/dll

the one by hitmanpro were all the same C:\windows\system32(randomleters).exe/mph/dll

I’m doing a full computer rescan with avast! right now
and scanning system 32 with malwarebytes and avast

Ok, the scan on system32 by Malwarebytes and avast! are finished, malwarebytes detects nothing, avast quick scan just closed without the results ??? Did it twice and cant find it on log.

HitmanPro still finds malware and DP.sys