[new problem]Need help removing "Antivirus Pro 2010"

Bulbapuck · Wed 14/10/2009 12:09:32

Antivirus Pro 2010 intalled itself on my computer

I was immediatly suspicious of it and a quick google-search prooved my suspicions to be correct.
Now it doesn't allow me to go to certain internet pages (I hope it will alow me to post this..)
And I can't remove the program asyou usually do, by clicking remove progam.. It just doesn't work

HELP!!!

Khris · Wed 14/10/2009 12:25:17

Download this:
http://dl.getdropbox.com/u/995571/SUPERAntiSpyware.exe
(put it in my dropbox in case the malware blocks the official download).

Install it and run a standard scan.
If that doesn't work, try it in safe mode (press F8 at boot time).

Bulbapuck · Wed 14/10/2009 14:19:09

IT WORKED!!!

Thank you Khris!

Thank you thank you thank you thank you thank you thank you thank you thank you thank you!

You're a lifesaver

rharpe · Mon 19/10/2009 04:08:49

I know you fixed your problem, but here are some other programs you should keep on your system updated at all times and use if you need to:

Anti-malware:
Malwarebytes
Spybot - Search and Destroy

Antivirus:
Avira Antivir (free edition)

Registry Scan:
HijackThis

Bulbapuck · Sat 02/01/2010 08:33:14

Thanks rharpe, I must've missed your post

Will definatly download those

I have a new problem and I have no clue what to do. (Suspect something bad due to all the popup messages)
I can't open windows media player, when I try it says that it's not supporting the file I'm trying to open. And I believe this is a fake message since I seem to recal a time when media player could play mp3's :

I did some research and it seems to be something called "vs codec pro", and I tried scanning my computer several times with SUPERAntiSpyware and also ran a virus scan. Neither find anything, despite the fact that I keep getting popup messages saying "Your computer is infected with spyware!" and such..

Please help!

arj0n · Sat 02/01/2010 08:44:55

You can run SwD to autodetect and remove VSCodec PRO.

Or manually remove it:

delete file:
wextract.exe

remove reg entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "VSCodecPRO"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Image File Execution Options\taskmgr.exe

delete map and files [if existing]:
%UserProfile%\Application Data\VSCodecPRO\Autorun.ico
%UserProfile%\Application Data\VSCodecPRO\Process.ico
%UserProfile%\Application Data\VSCodecPRO\Service.ico
%UserProfile%\Application Data\VSCodecPRO\settings.ini
%UserProfile%\Application Data\VSCodecPRO\uill.ini
%UserProfile%\Application Data\VSCodecPRO

Bulbapuck · Sat 02/01/2010 09:26:35

Well, it found 77 bad files, but to remove them I have to upgrade. figures...
I'll just remove the 77 manually and see what happens.

Thanks [ Arj0n ]

EDIT: How do you remove a reg entry?

Oliwerko · Sat 02/01/2010 09:57:40

Run -> "regedit"

There you just find what you want and delete it. But be careful and do not alter anything you don't know.

arj0n · Sat 02/01/2010 10:01:28

For winxpsp3:

1. Run regedit, [win start button->run->"regedit"->OK]
2. Within the left pane
Goto: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\
leftclick on Run and look in the right panel for the entry "VSCodecPRO". rightclick on it and choose delete.
Goto: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Image File Execution Options\
leftclick on Image File Execution Options and look in the right panel for the entry "taskmgr.exe". rightclick on it and choose delete.
3. Done

Bulbapuck · Sat 02/01/2010 10:19:37

For some reason I cannot run regedit, a popup window says it's infected...

arj0n · Sat 02/01/2010 10:29:21

download and run suerantispyware (free)

when that doesn't work: boot pc in safemode and run a virusscan and if possible a malware/spyware scan
Boot pc in safemode = restart pc and hit F8 until you see a dos-menu. choose 'safemode with no network options'. Windows will start with a minimum of processess and appears in 16bit color. Then run antispyware/antivirus software.

Bulbapuck · Sat 02/01/2010 10:32:38

I've heard a lot about this "rebooting"-thing. Though I have no clue what it is or how to do it.

Sorry about all the questions, I'm a n00b and on my mother's computer

auriond · Sat 02/01/2010 10:33:47

Or if you're using WinXP, try RegCleaner.

edit: rebooting means restarting your computer.

Bulbapuck · Sat 02/01/2010 11:07:44

Thank you so much for the link auriond and for the edit [ arj0n ]!

I'll get to work.