System Pro

Discussion in 'Virus Information' started by davesplace54701, Nov 27, 2009.

  1. Surfing where I should not have been - suddenly start getting "alerts" that
    my system has been infected and that I need to purchase System Pro antivirus.
    Have seen this before, but my Malwarebytes Antimalware has always seemed to
    remove it no problem. Well this time I also get a message that "application
    cannot be executed whatever.exe has been infected. Do you want to activate
    your antivirus software now" this happens no matter what program I try to
    open including Task Manager. Have unplugged my infected system from the
    internet and am using another unit for this. Please help . .
     
    davesplace54701, Nov 27, 2009
    #1
    1. Advertisements

  2. davesplace54701

    Leythos Guest

    I had a single computer have the same thing happen, as soon as I noticed
    it doing improper things I removed the network cable.

    It sounds like yours is long gone - meaning that it's keeping you from
    removing it in several ways.

    You said you're on aother "Unit" and I assume you mean PC - take the
    drive out of the infected machine, install it in the good machine, scan
    it with MBAM and Avira Antiver.

    Before you install it in the good machine, download MBAM and Avira and
    make sure they are updated and working properly - once you clean the
    compromised drive in the good machine you should be able to reinstall it
    and boot and then download MBAM/Avira and run updates and full scans
    again.

    In my case, it took several cleaning cycles to remove everything.
     
    Leythos, Nov 27, 2009
    #2
    1. Advertisements

  3. davesplace54701

    VanguardLH Guest

    Did you reboot into Windows' Safe Mode and then run MalwareBytes (along with
    an updated copy of whatever is your anti-virus software)?
     
    VanguardLH, Nov 27, 2009
    #3
  4. It might be one of those that requires a renaming of the MBAM executable
    in order to work, or it may be too new and MBAM needs to develop a
    detection/removal especially for it.

    Depending upon your ability to remove malware by using tools like MBAM,
    rather than avoiding malware by changing your habits, is a method doomed
    to failure. Some malware will eventually do something that cannot be
    fixed.
     
    FromTheRafters, Nov 27, 2009
    #4
  5. davesplace54701

    Derek Knight Guest

    this cra@pware installs a service that stops MBAM & many antiviruses from running

    boot to safe mode & on a cmd prompt type SC disable AntiSpyFilter

    boot back to normal mode & run MBAM to clean up

    any problems post on http://thespykiller.co.uk/index.php/board,3.0.html after following instructions at
    http://thespykiller.co.uk/index.php/topic,8974.0.html and I'll help you clean up

    done several of these today already

    Derek

    Microsoft MVP Consumer Security
     
    Derek Knight, Nov 27, 2009
    #5
  6. davesplace54701

    Derek Knight Guest

    Sorry mistyped
    should have typed

    sc config AntiSpyFilter start= disabled

    reboot & type on a cmd prompt

    sc delete AntiSpyFilter

    then run mbam which should get the rest of this cr@p
     
    Derek Knight, Nov 27, 2009
    #6
  7. From: "Derek Knight" <>


    | Sorry mistyped
    | should have typed

    | sc config AntiSpyFilter start= disabled

    | reboot & type on a cmd prompt

    | sc delete AntiSpyFilter

    | then run mbam which should get the rest of this cr@p


    Can't just type in a command prompt w/o a reboot ...

    sc stop AntiSpyFilter
    sc delete AntiSpyFilter
     
    David H. Lipman, Nov 27, 2009
    #7
  8. davesplace54701

    Derek Knight Guest

    Hi David

    You can try but several of these protect the service while it is running but it can be set to start up disabled so it can
    be deleted on next boot. That way is normally more guaranteed than a stop which can be blocked by a protecting file or
    other driver

    Derek
     
    Derek Knight, Nov 27, 2009
    #8
  9. | Hi David

    | You can try but several of these protect the service while it is running but it can be
    | set to start up disabled so it can
    | be deleted on next boot. That way is normally more guaranteed than a stop which can be
    | blocked by a protecting file or
    | other driver

    | Derek

    Thanx Derek.
     
    David H. Lipman, Nov 27, 2009
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.