Warning to all youalls...
It's called Antivirus System Pro, and it's planted mostly into movie files, and pdf files out there. It wasn't picked up from here, probably facebook is where she got it. There is a lot out there on it, but this appears to be a new version.
I've put at least 12 hours into this so far. Windows was recently updated, she was running a full blown version of McAfee, and it didn't get it. I removed McAfee, and ran AVG, AVG didn't see it either. Norton/Symantec didn't have a removal tool, and the Windows Malicious Software Removal Tool didn't see it. So I tried SpyBot which didn't see it. This sucker had me pulling my hair out. Spyware Doctor saw it, but wanted money to remove it. Finally found this little Malwarebytes program and it cleaned it.
http://download.cnet.com/Malwarebytes-A ... =mncol;pop
Trouble is that it locks you out of a lot of your system tasks. You can't get into the Add/Remove Programs, Task Mgr, or many other things. And as for removing it manually, I tried early and none of the files which are published on the internet that were supposed to be in there were there. Best I can tell, this is a new variation on an old theme.
Information is on it here: But you will need to concentrate on the system processes part and ignore the files to delete, cause they've changed them.
http://www.spywareremove.com/removeAnti ... emPro.html
You will have to stop the process though before you can repair it....and to do that you have to be darned quick with your mouse, cause it gives you about half a second to activate your Task Mgr and click on it, before it shuts it down. Once the Task Mgr is in the active window though you can proceed as normal. So polish up your quick draw...
I know this has gotten long, but I've never seen one as bad as this, and I've cleaned several viruses and trojans through the years.
Ed
OT-Nasty Little Trojan Out There
Forum rules
Welcome to the Leverguns.Com General Discussions Forum. This is a high-class place so act respectable. We discuss most anything here other than politics... politely.
Please post political post in the new Politics forum.
Welcome to the Leverguns.Com General Discussions Forum. This is a high-class place so act respectable. We discuss most anything here other than politics... politely.
Please post political post in the new Politics forum.
- Rimfire McNutjob
- Advanced Levergunner
- Posts: 3203
- Joined: Mon Sep 03, 2007 2:51 pm
- Location: Sanford, FL.
Re: OT-Nasty Little Trojan Out There
I had that same one about 6 weeks ago. It went right past Microsoft's Forefront AV. I also found that MalwareBytes was the only program that would remove it. Nasty bugger.
... I love poetry, long walks on the beach, and poking dead things with a stick.
Re: OT-Nasty Little Trojan Out There
My father found that one a few weeks ago, blew right past Systemic corporate, +1 on the Malwarebytes that was the only way I got it out of his. Had to make a trip home 35miles to download it and back up there but it was worth it. That one is a bugger.
"People who object to weapons aren't abolishing violence, they're begging for rule by brute force, when the biggest, strongest animals among men were always automatically 'right.' Guns ended that, and social democracy is a hollow farce without an armed populace to make it work."
- L. Neil Smith
- L. Neil Smith
- Old Ironsights
- Posting leader...
- Posts: 15084
- Joined: Mon Apr 02, 2007 9:27 am
- Location: Waiting for the Collapse
- Contact:
Re: OT-Nasty Little Trojan Out There
I don't use "Task Manager".
I use a bit of freeware from Microsoft called "Process Explorer". Much more robust/informative. I leave it running in the background from Boot on.
I use a bit of freeware from Microsoft called "Process Explorer". Much more robust/informative. I leave it running in the background from Boot on.
C2N14... because life is not energetic enough.
מנא, מנא, תקל, ופרסין Daniel 5:25-28... Got 7.62?
Not Depressed enough yet? Go read National Geographic, July 1976
Gott und Gewehr mit uns!
מנא, מנא, תקל, ופרסין Daniel 5:25-28... Got 7.62?
Not Depressed enough yet? Go read National Geographic, July 1976
Gott und Gewehr mit uns!
-
- Advanced Levergunner
- Posts: 6747
- Joined: Thu Mar 19, 2009 9:30 am
- Location: Lower Central NYS
Re: OT-Nasty Little Trojan Out There
When you have Acronis no worries,if the system even blinks funny its whitewash time.(15 mins)done!
Re: OT-Nasty Little Trojan Out There
I use linux. what's "windows" ?
Re: OT-Nasty Little Trojan Out There
I put taskmanager in the startup folder of my xp boxes, it's there from bootup. I run process explorer when I need it for diagnostics but haven't run it in the background the way I do taskman.Grizz wrote:I use linux. what's "windows" ?
Thanks for all the info on eliminating this one, my wife's xp box gets in trouble occasionally and I appreciate the info on dealing with this junk.
Grizz