"Antivirus System Pro" Malware Infection

Discussion in 'ESET NOD32 Antivirus' started by PanicButton, Jul 6, 2009.

Thread Status:
Not open for further replies.
  1. PanicButton

    PanicButton Registered Member

    Jul 6, 2009
    I have been infected with "Antivirus System Pro" malware. It has installed itself somewhere in my PC, and has included an icon on my dashboard. I did not know that I was infected till this morning when I booted and the thing started what looked like a 'scan' of my computer. Now I get a pop-up every two minutes that says "Windows Security alert, windows reports my computer infected, click here to scan your computer. Your system might be at risk now."

    I did some looking about this, and it seems to be a critical invasion, and there are lots of removal tools out there, but I'm not sure which one to go with. Can you please provide me some advice on the best way to remove this thing, and why NOD32 did not gut-shoot it at the border :D ?

    Thanks in advance.

    My system is:

    Windows XP sp2
    ESET NOD32 Anti-virus
  2. ASpace

    ASpace Guest


    Following these "stupid" general instructions you are most likely to get rid of this pest.

    Start by downloading Malwarebytes Anti-Malware (the free version) from:

    Install it using the default options. At the end make sure it will update and run a scan. If you are unsure, update manually.

    Perform complete scan. At the end make sure it removes all the threats found and reboot the computer.

    Proceed by downloading and installing Microsoft's Windows Defender -

    Install it with default options. Make sure it is updated and perform full scan. Like with MBAM, let it remove whatever it finds and reboot the computer.

    Visit ESET's download page here

    and download the very latest version of the product - 4.0.4xx . Make sure to update it and again perform complete scan with it. Reboot to complete the process.

    Visit Microsoft's Protect your PC web-page and learn how to stay protected:

    If you still have problems or suspect of being infected even after following my suggestions, contact ESET Customer Care (email to support@eset.com) or post in a forum that provides malware cleaning services (such as my favourite - AumHa, for example).

  3. e36

    e36 Registered Member

    Apr 13, 2004
  4. Ronin12

    Ronin12 Registered Member

    Jul 9, 2006
    Unfortunately there are new malware programs that appear almost every day. It does take anti malware companies some time to receive samples so that they may add signatures to their database. What you have sounds like rogue malware. I would recommend installing the free versions of Malwarebytes and Superantispyware and running a scan after you check for updates. Both are good at dealing with these types of malware. Links to their sites are as follows.
  5. PanicButton

    PanicButton Registered Member

    Jul 6, 2009
    ASpace, I followed your 'stupid' instructions and got er done. They weren't too stupid, they did the job.

    Thanks to all who replied. I'm sure I'll be back with questions; I know just about enough about computers to be a danger to myself.
  6. ASpace

    ASpace Guest

    They aren't stupid - I mean they are too general. Glad they worked for you.

    You are most welcome :thumb:
  7. ioniancat21

    ioniancat21 Registered Member

    Apr 23, 2008
    Google "Combofix" and download yourself a copy, it cleans up this particular piece of malware quite well. It's also free, or better yet, download it here!!!

    The Antivirus System Pro, Antivirus 2008 and 2009 and other similar infections are complex in design and can wreak havoc on most antivirus products including NOD32 as I have seen personally.

    Fortunately, there are countermeasures you can take to avoid downtime and loss of data:
    -Take disk images frequently. I personally do daily images, scheduled to run while I'm asleep. I keep my last 3 days as a cycle. With 1TB sized drives selling for less than $100, why disk images are not more mainstream is beyond me...