Solved

Does the program Antivirus Action Ultimate pose a threat to PCs? If so, how to remove it?

Posted on 2010-11-21
Last Modified: 2013-12-06
I was surfing the net looking at a variety of video web sites. I pressed on a preview video to watch and all of a sudden this warning message appears saying stuff like Trojans and Viruses have corrupted some part of my PC. I no longer could connect to the internet. I turned my computer on and off and still I could not connect to the internet. I could open my software programs like Word etc. Oddly my AVAST antivirus was disabled with some sort of error message. Then the only thing that would connect on the internet was this Antivirus Action window that offered three different priced antivirus solutions. I purchased it and my laptop went back to normal. I noticed on my bank statement that it was a company in Russia.
Question by:Hers2keep
6 Comments
 
LVL 66

Accepted Solution

by:
johnb6767 earned 200 total points
ID: 34185420
Inside IE>Tools>Options>Connections Tab>LAN Settings, and uncheck the "Use A proxy" value.

0
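
The "Use a proxy" checkbox from the accepted solution is stored per user in the registry under the Internet Settings key. As an added example (not part of the original thread), this PowerShell script reports the current proxy state and, when run with `-Disable`, clears the checkbox. The function names are illustrative, and the loopback check is an assumption about what a tampered setting might look like, not something the thread states.

```powershell
# Added example: audit (and optionally clear) the per-user proxy used by IE.
param([switch]$Disable)

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-IEProxyState {
    $s = Get-ItemProperty -Path $key
    # Values that do not exist come back as $null; a missing ProxyEnable means "off".
    [pscustomobject]@{
        ProxyEnabled  = [bool]$s.ProxyEnable
        ProxyServer   = $s.ProxyServer
        AutoConfigURL = $s.AutoConfigURL
    }
}

function Test-LoopbackProxy([string]$ProxyServer) {
    # ProxyServer is "host:port" or a list such as "http=host:port;https=host:port".
    foreach ($entry in ($ProxyServer -split ';')) {
        $hostPort = ($entry -split '=')[-1] -replace '^\w+://', ''
        $hostName = ($hostPort -split ':')[0]
        if ($hostName -match '^(127\.\d+\.\d+\.\d+|localhost)$') { return $true }
    }
    return $false
}

$state = Get-IEProxyState
$state | Format-List

if ($state.ProxyEnabled -and $state.ProxyServer) {
    Write-Output "A proxy is enabled: $($state.ProxyServer)"
    # Assumption: a proxy on this same machine that you did not set up deserves a closer look.
    if (Test-LoopbackProxy $state.ProxyServer) {
        Write-Warning 'The proxy points at this computer. Check what is listening on that port.'
    }
} else {
    Write-Output 'No manual proxy is enabled for this user.'
}

if ($Disable) {
    # Same effect as unchecking the box in LAN Settings; ProxyServer is left in place for review.
    Set-ItemProperty -Path $key -Name ProxyEnable -Value 0 -Type DWord
    Write-Output 'ProxyEnable set to 0.'
}
```

Run it as the affected user, since the setting lives in that user's registry hive. A browser that is already open may keep the old setting until it is restarted.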
 
LVL 66

Expert Comment

by:johnb6767
ID: 34185423

As for the rest of it, I would contact the Credit Card company, and dispute the charge, and even further, request that card be closed and a new one reissued, with a different number.

More than likely the app might still be present, just lying dormant. You buying the one it was scaring you into, basically just turned it off, but I am 100% sure it is still there.....

Check out Malwarebytes/SUPERAntiSpyware and run full scans.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 34185433
Also, see my accepted answer in this thread, for the usual location where they hide.....

Fake Antivirus IS Virus
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_26511483.html

Don't forget to check c:\Program Files, %allusersprofile%....
0

Author Comment

by:Hers2keep
ID: 34185466
Thank you for getting back to me.  I will check into it now.....
0
 
LVL 17

Expert Comment

by:sgsm81
ID: 34186034
Consider running Malwarebytes Anti-Malware as well.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 34190931
To clean and to check if your system is clean, do the following:

Run Malwarebytes in Safe Mode with Networking and update it before running a full system scan:
http://www.malwarebytes.org/mbam-download.php

Then try HitmanPro to make sure anything which might be left behind is clean:
32-bit
http://dl.surfright.nl/HitmanPro35.exe
http://download.cnet.com/Hitman-Pro-3/3000-2239_4-10895604.html

64-bit
http://dl.surfright.nl/HitmanPro35_x64.exe

If the issue is not resolved by these tools, try TDSSKiller:
http://support.kaspersky.com/downloads/utils/tdsskiller.zip
http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Tutorial on TDSSKiller:
http://support.kaspersky.com/viruses/solutions?qid=208280684

or you could also try FixTDSS.exe from Symantec

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

If this does not resolve your issue, then try ComboFix:

Download ComboFix
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Tutorial on how to use ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post logs here for further analysis.

Sudeep
0

Question has a verified solution.