Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

System Pro

0 views
Skip to first unread message

davesplace54701

unread,
Nov 27, 2009, 9:22:01 AM11/27/09
to
Surfing where I should not have been - suddenly start getting "alerts" that
my system has been infected and that I need to purchase System Pro antivirus.
Have seen this before, but my Malwarebytes Antimalware has always seemed to
remove it no problem. Well this time I also get a message that "application
cannot be executed whatever.exe has been infected. Do you want to activate
your antivirus software now" this happens no matter what program I try to
open including Task Manager. Have unplugged my infected system from the
internet and am using another unit for this. Please help . .

Leythos

unread,
Nov 27, 2009, 10:14:30 AM11/27/09
to
In article <831E6F81-1A60-41FF...@microsoft.com>,
davespl...@discussions.microsoft.com says...

I had a single computer have the same thing happen, as soon as I noticed
it doing improper things I removed the network cable.

It sounds like yours is long gone - meaning that it's keeping you from
removing it in several ways.

You said you're on aother "Unit" and I assume you mean PC - take the
drive out of the infected machine, install it in the good machine, scan
it with MBAM and Avira Antiver.

Before you install it in the good machine, download MBAM and Avira and
make sure they are updated and working properly - once you clean the
compromised drive in the good machine you should be able to reinstall it
and boot and then download MBAM/Avira and run updates and full scans
again.

In my case, it took several cleaning cycles to remove everything.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam9...@rrohio.com (remove 999 for proper email address)

VanguardLH

unread,
Nov 27, 2009, 10:19:20 AM11/27/09
to
davesplace54701 wrote:

Did you reboot into Windows' Safe Mode and then run MalwareBytes (along with
an updated copy of whatever is your anti-virus software)?

@nomail.afraid.org FromTheRafters

unread,
Nov 27, 2009, 10:58:59 AM11/27/09
to
"davesplace54701" <davespl...@discussions.microsoft.com> wrote in
message news:831E6F81-1A60-41FF...@microsoft.com...

It might be one of those that requires a renaming of the MBAM executable
in order to work, or it may be too new and MBAM needs to develop a
detection/removal especially for it.

Depending upon your ability to remove malware by using tools like MBAM,
rather than avoiding malware by changing your habits, is a method doomed
to failure. Some malware will eventually do something that cannot be
fixed.


Derek Knight

unread,
Nov 27, 2009, 3:27:36 PM11/27/09
to

"FromTheRafters" <erratic @nomail.afraid.org> wrote in message news:OOkzKq3b...@TK2MSFTNGP04.phx.gbl...

this cra@pware installs a service that stops MBAM & many antiviruses from running

boot to safe mode & on a cmd prompt type SC disable AntiSpyFilter

boot back to normal mode & run MBAM to clean up

any problems post on http://thespykiller.co.uk/index.php/board,3.0.html after following instructions at
http://thespykiller.co.uk/index.php/topic,8974.0.html and I'll help you clean up

done several of these today already

Derek

Microsoft MVP Consumer Security

Derek Knight

unread,
Nov 27, 2009, 3:40:11 PM11/27/09
to

Sorry mistyped
should have typed

sc config AntiSpyFilter start= disabled

reboot & type on a cmd prompt

sc delete AntiSpyFilter

then run mbam which should get the rest of this cr@p

"Derek Knight" <de...@oneknight.co.uk> wrote in message news:OHHcTA6b...@TK2MSFTNGP04.phx.gbl...

David H. Lipman

unread,
Nov 27, 2009, 4:05:51 PM11/27/09
to
From: "Derek Knight" <de...@oneknight.co.uk>


| Sorry mistyped
| should have typed

| sc config AntiSpyFilter start= disabled

| reboot & type on a cmd prompt

| sc delete AntiSpyFilter

| then run mbam which should get the rest of this cr@p


Can't just type in a command prompt w/o a reboot ...

sc stop AntiSpyFilter
sc delete AntiSpyFilter

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


Derek Knight

unread,
Nov 27, 2009, 5:05:06 PM11/27/09
to

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:O3P6oV6b...@TK2MSFTNGP02.phx.gbl...
Hi David

You can try but several of these protect the service while it is running but it can be set to start up disabled so it can
be deleted on next boot. That way is normally more guaranteed than a stop which can be blocked by a protecting file or
other driver

Derek

David H. Lipman

unread,
Nov 27, 2009, 5:14:03 PM11/27/09
to
From: "Derek Knight" <de...@oneknight.co.uk>


>> Can't just type in a command prompt w/o a reboot ...

>> sc stop AntiSpyFilter
>> sc delete AntiSpyFilter


| Hi David

| You can try but several of these protect the service while it is running but it can be
| set to start up disabled so it can
| be deleted on next boot. That way is normally more guaranteed than a stop which can be
| blocked by a protecting file or
| other driver

| Derek

Thanx Derek.

0 new messages