Solved

Constant poppups of spyware infection and to activate Antivirus Sytem Pro

Posted on 2009-07-05
12
830 Views
Last Modified: 2013-11-22
I changed my antivirus from McAfee to AVG about 2 weeks ago. Yesterday I started getting constant pop ups alerting me of spyware installed on my computer and to activate Antivirus System Pro.

I upgraded from AVG Free Trial version to payverions and scannned my computer but nothing was found.

Even after disconnecting my desktop from the internet I still get the popups alerting me of spyware infections. A browser keeps opening with a subscription screen to purchase Antivirus System Pro.

Upon googling Antivirus System Pro I found several links on how to remove this spyware from my computer. However, I'm not sure who to trust.

Does anyone know a trustyworthy method of removing this spyware?

Also, how complete is this removal process? Part of me just wants to reformat my  computer if that is the best and safest choice.

Thnx.
0
Comment
Question by:TylerDerden
  • 2
  • 2
  • 2
  • +4
12 Comments
 
LVL 13

Accepted Solution

by:
JeremySBrown earned 200 total points
ID: 24780805
Try using the following...

   1. SuperAntiSpyware
http://www.superantispyware.com/

   2. Malwarebytes' Anti-Malware
http://www.malwarebytes.org/mbam.php

   3. Combofix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

   4. Dr. Web Anti-Virus
http://www.freedrweb.com/
0
 
LVL 13

Expert Comment

by:JeremySBrown
ID: 24780822
If you do you use Combofix...make sure that you disable your firewall or any other antivirus you may be running...to not cause any conflicts...
0
 
LVL 4

Expert Comment

by:stevepicks
ID: 24780871
ok do this, i done this with this infection a month ago and worked
step1
visit
http://www.411-spyware.com/remove-antivirus-system-pro#how-to-remove
and save them on your pc  to consult
step 2
restart your pc pressing f8 at start to enter safe mode
step 3
follow the instructions from
the page you saved
step 4
restart your pc in normal mode

Good luck
0
 
LVL 90

Expert Comment

by:John Hurst
ID: 24780996
In addition to the above, you posted this in the Adobe Acrobat zone. Anything less than Adobe Reader 9.1 or Adobe Acrobat 9.1 or the very latest version of other Adobe products have serious security risks which led to a serious compromise on one client machine. If you are using Adobe, and the advice above does not solve your problem, then consider following your own instincts, reformat, reinstall, and then upgrade Adobe on the way by.
... Thinkpads_User
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24781366
AntiVirus Pro is actually a rogue anti-virus application (its a malware). Use the tool MalwareBytes as suggested previously to remove it from your computer.

Here is some general information on it:
http://remove-malware.net/how-to-remove-antivirus-system-pro-rogue-anti-spyware/

Hope it helps.
0
 
LVL 25

Assisted Solution

by:Tony Giangreco
Tony Giangreco earned 200 total points
ID: 24781601
IRestart into SAFE MODE and run your anti virus and spyware detection programs. I suggest running this series in three back to back cycles, rebooting once per cycle back into safe mode:

1. Install and Run Ccleaner from www.ccleaner,.com
2, Malwarebytes
3. SuperAntiSpyware
4. Spybot
5. Symantec Endpoint or Symantec Corp AntiVirus

After three complete cycles, reboot into normal mode. If the situation continues, go to TrendMicro and run the online scan Housecall
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 47

Assisted Solution

by:rpggamergirl
rpggamergirl earned 100 total points
ID: 24784848
If reformatting won't bother you much then that's the best solution to any virus or malware problem.

But if you want to clean it, then MalwareBytes and Combofix (as already suggested) are the best and trusted tools that will take care of it, those 2 tools are the tools I would use first.

When using Combofix, we need to see the log to make sure that all bad files are removed as Combofix will only removed bad files that are in its database.
0
 

Author Comment

by:TylerDerden
ID: 24790780
Thank you everyone for your help.

I ran MalwareBytes, removed any items found, rebooted, and ran it again and it was clean.

Should I really run another program? Or is this really good enough.
0
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 24790903
If you really want to make sure it is a s clwean as possible, atleast run one ccycle os this:

1. Ccleaner from www.ccleaner,.com
2, Malwarebytes from malwarebytes.com
3. SuperAntiSpyware from www.superantispyware.com
4. Spybot from www.spybot.com
5. Online spyware and virus checker from www.trendmicro.com called HOUSECALL
0
 
LVL 16

Expert Comment

by:warturtle
ID: 24793228
Run an online scan with Kaspersky to find any other infections on your PC:

http://www.kaspersky.co.uk/virusscanner

If it finds nothing, then your computer should be ok to go.
0
 

Author Comment

by:TylerDerden
ID: 24818754

Ok, so far I ran the following programs with the associated results:


1, Malwarebytes => Removed about 10 threats

2. Ccleaner => Clean

3. SuperAntiSpyware => Clean

4. Spybot => Clean

Last night I was able to connect to the Internet and planned on running HOUSECALL

However, today when I tried to launch FireFox I got a warning from AVG advising that Trojan horse 13.BWKR has been detected, it recommend to move it to the virus vault and warned that this action could cause system instability even crash.

I selected yes figuring what choice did I have and now I can not connect to the Internet. Nor can I even connect to my router.

I will be going on vacation and wont be checking this thread till at least Tuesday.

Thank you all for your continued assistance.
0
 
LVL 47

Expert Comment

by:rpggamergirl
ID: 24900013
Combofix which is one of the best tools already suggested you didn't run, we also need to see the log if it
s run to make sure that the log is clean.

Trying so many generic tools can sometimes worsen the problem, in some cases may render the pc unbootable as they delete bad files without removing their loading points.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Sub-Titled: “My Way” (with apologies to Francis Albert Sinatra) Let me start by stating emphatically that I am one of those Experts who prefer doing things “My Way”. It’s kind of a no-brainer. “The following procedure works for me, so here is …
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now