Antivirus Pro 2010 - How to remove?

 

What is Antivirus Pro 2010?

Antivirus Pro 2010 is a clone of PC Antispyware 2010 – a highly popular rogue anti-spyware program, which is still one of the main cyber threats in the wild today. Antivirus Pro 2010 works the same way as it’s predecessor, meaning it’s a fake spyware remover, which enters the system by employing various trojans to exploit browser security holes. Simply put, you can get infected by clicking a link or downloading a “codec” or installing freeware games – the possibilities are many.

Antivirus Pro 2010 floods the user with popups and fake system notifications, which are made to look like threat reports. These popups usually (falsely) claim your system is infected and urges that you download Antivirus Pro 2010 in order to dispose of the infection. In addition to the popups, you are also bound to encounter fake system scans – whether local or online – which mark legitimate files as threats and thus create the illusion that your system is infected. Both the popups and the scans link to the purchase page of Antivirus Pro 2010, where you will have the opportunity to loose some money for a fake program.

Much like any other rogue, Antivirus Pro 2010 will only give you a slow system and tons of popups – do NOT download or buy it and remove it immediatelly upon detection.

 

Automatic Antivirus Pro 2010 removal tools

 
  Download Spyhunter for Antivirus Pro 2010 detectionNote: Spyhunter trial provides detection of parasite like Antivirus Pro 2010 and assists in its removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.
 
 
 
* Support is performed by Callstream.
 
 

Manual Antivirus Pro 2010 removal

 

Important Note: Although it is possible to manually remove Antivirus Pro 2010, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using Spyhunter or other tools found on 2-viruses.com.

Processes:
Files:
Dll:
Registers:

It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Antivirus Pro 2010 infected files and get help in Antivirus Pro 2010 removal by using Spyhunter scanner. 

 

Antivirus Pro 2010 screenshots

 
avpro2010_scan
           
     

107 thoughts on “Antivirus Pro 2010

  1. Lab Vyas
     

    How can i remove the antivirus pro 2010 program, i do not know how i got that,
    it want let me remove the program from computer?
    I would appreciate if i get assistance.

    Lab

     
    1. admin
       

      If you do not know how you got it, you have some trojans in your system. Follow manual removal guide, or download scanner/ remover. I recommend Spyware Doctor, but there are more good removers as well.

       
  2. ihatecomputers
     

    This seems to be embedded in many websites, and is a pain to get rid of if it is ignored for too long. I have a pc now where it has disabled access to the registry, and task manager. It also will not let me run my avg and malewarebytes….

     
    1. admin
       

      Try spyware doctor. AVG fails against rootkits. And malwarebytes are often blocked by parasites nowdays.

       
  3. fightspyware
     

    Do you know of a free program that could get rid of Antivirus Pro 2010? Spyware Doctor is good at finding the paths of the spyware but unless you pay for it, it won’t get rid of Antivirus.

     
    1. admin
       

      You could try malwarebytes (no real time protection in free version), superantispyware (I think limited amount of infections cured in free version) or spybot S&D (very good for older parasites, but update frequency is quite bad). Also, there is an issue, that all of mentioned solutions are susceptible to some trojans that block them from working sometimes.

       
  4. marco
     

    I already bought the antivirus pro 2010, can they use my credit card # to make another transactions?

     
    1. admin
       

      Marco : Yes, it is highly possible. You should contact your bank and make sure there is no extra charges in your bank account. If there is (even from different “company”) you should ask to change your CC

       
  5. argh.
     

    i usd malwarebytes and it said that it deleted antispyware 2010 and requested that i reboot my pc to finish the removal. however, upon rebooting, to my great displeasure i found that the malware was still intact and acting as before! what would you recommend be my next course of action?

     
    1. admin
       

      Argh: There is a hidden rootkit/trojan that is still active. Malwarebytes is my second choice due to the fact that it has no real time protection in free version. Try scanning with spyware doctor and see what it finds.

       
  6. Southern
     

    It seems that everone is trying to sell you the “Spyware Doctor” which in itself is a pay and I will remeove the antivirus pro 2010 program for you and it is listed in several listing when you look for a remover for the pro 2010.

    nuff said

    oh the email is legit but if I get more mail than I think should be there I will delete it cause its a throw away email for me…

     
    1. admin
       

      Southern : the difference between legitimate and rogue is that legitimate program works, and some company had spent 5+ years for developing it (Not 2 weeks). And we do not use commenter emails.

       
  7. JNYBOY
     

    I tried all the above with spywareDoctor. registry mechanics and did some work but the best way to remove this horrable virus is doing it manual, but please follow exact directions as above if not you can damage your computer…It worked for me(Manual)…thank god! best of luck..

     
  8. robert
     

    As of now my computer does not shoe that I have downloaded Antivirus Pro 2010 but I am getting that annoying pop-up alert saying that my computer has been infected and to click on it to download the antivirus software. Houw do I get rid of that annoying pop-up?

     
    1. admin
       

      Robert : scan with spyware doctor, you got trojans promoting Antivirus Pro 2010

       
  9. noelle
     

    I somehow ended up with both Total Security and Antivirus Pro 2010. I was fortunately able to download AVG and it seemed to get rid of Total Security but now I have Anitvirus 2010 in my computer and cannot get rid of it. It took 8 hours for AVG to scan my computer and it still wasn’t finished and I still have this dumbass Antivirus thing in my laptop. I have read over everyone’s comments and questions posted above but I really don’t want to pay for removal of anything or for that matter be putting my credit card number on here as clearly my laptop is infected. I really don’t understand how to remove it manually. Is there a phone number or hotline for this kind of thing where I can get step by step help. Or maybe you can explain in depth how to manually remove it? Like what to open and what to click on and what exactly to delete because I don;t want to do anything that may potentially screw up my computer any further. Thank you!!!

     
    1. admin
       

      Noelle : symantec charges around 100 USD for such service (online repair). I would recommend trying to scan with spyware doctor if you are not computer expert.
      AVG free version does not find all kinds of infections.

       
  10. Peggy
     

    I have been working on my mothers computer for three days trying to get this crap off her computer. I dont usually buy “fixes” but I finally gave up and paid the 29.95 for Spyware Doctor that several websites recommend. I ran scans both the quick and full and still have AVPro2010 popping up. I have emailed support at Spyware Doctor and after two days have not had a response. Their website says they work 24/7 and try to respond within 24 hours. Maybe all of you that push their programs need to know this.
    Got any other fantastic ideas other than pay an IT person to wipe the hard drive clean? thanks

     
    1. admin
       

      Peggy
      Have you run updates? Typically, they respond very fast for me. However, sometimes trojans update their versions and Spyware doctor have temporal problems removing them. Also, no remover is 100% proof (or they lie ).
      Update spyware doctor (run updates) then do full scans both in safe mode and normaly.
      If it does not work, try downloading malwarebytes anti-malware, scan with it, and later re-scan with spyware doctor. Malwarebytes removal module is free and sometimes detect parasites that spyware doctor misses, though spyware doctor has better detection rate for me.

       
  11. Mizzt
     

    This virus blocked my PC, i can turn it on, after its the windows xp screen it restarts i cant enter even safe mode :(

     
  12. Vince
     

    I also have this and can’t connect in safe mode or connect to the Internet. If they are obtaining credit card numbers can’t we trace the people doing this and lock them up?

     
  13. Jeremy
     

    Why do I have McAfee if it won’t get rid of this thing. It keeps popping up saying its got trojans and their being removed, but nothing improves. I’ve tried all the manual stuff, I found its just easier to do everything in safe mode. But why won’t McAfee get rid of this, we pay them over $50 a year for protection and it doesn’t work. Can’t even call them unless I want to pay at least $39. Don’t ever buy McAfee, god forbid you ever need service, it won’t be there for you.

     
    1. admin
       

      Jeremy : mcaffee, like other antiviruses , specialise into broader spectrum of parasites and have problems to keep up with latest infections. It is ok, but not the best product.
      ck : use spyware doctor, download it to usb drive, try using safe mode.

       
  14. CK
     

    The pro2010 has blocked my access to the internet as well. In addition, the trojon will not allow me to run any type of virus protection in normal mode. Any suggestions? Malware, spy bot is not locating and removing the virus.

     
  15. steve
     

    If i cannot get this crap off, i am going to buy a 300 dollar HP mini. and if viruses attack it, i am goign to throw it away and get a new one. not worth all the headaches.

    these dumbasses make viruses, then you gotta pay to remove them… its a never ending cycle!

     
  16. JB
     

    I’ve joined the crowd with Antivirus Pro 2010. My McAfee hasn’t touched it and I don’t want to order spydoctor online while I have this. I backed up my whole computer 2 weeks ago. If I do a restore, will that get rid of the virus and put me back where I was?

     
  17. Zoli
     

    it’s a shame that there’s a program that could delete this virus but it only says “i found it pay cash to delete it!”

    i know it’s people’s job they live from these moneys but it’s still pathetic :(

    btw yesterday SpyWare Search & Destroy removed the virus, but it returned this morning… :S

     
    1. admin
       

      Zoli : Good software requires maintenance. Though there are freebies, like malwarebytes anti-malware (no real time protection in free version ), superantispyware, etc I have better experience with spyware doctor.

       
  18. chris
     

    I have installed Spyware Doctor and Malwarebytes to remove Antivirus Pro 2010, but both programs either freeze or shutdown once I start to run them… any other suggestions???

     
    1. admin
       

      Chris : try booting in safe mode and scanning from it. Also, update definitions.

       
  19. Ogy
     

    Use Combo Fix in safe mode.

     
  20. jayson
     

    @admin So Admin?? do you work for Spyware Doctor. It apparently seems so and i wonder if they created the antipro virus to boost sales

     
    1. admin
       

      Jayson – No, I am not employee of PC Tools. And I am 100% sure that PC Tools (creators of spyware doctor) haven’t created Antivirus pro , because they would be out of business quite soon. The competition in antispyware market is harsh, and any bad work will cause security firm to go out of business.
      Btw, I am using spyware doctor myself on couple machines of my family. And really, I am happy with it. I will not recommend any software that I haven’t tried myself.
      System restore does not always help, as you can not predict date when first trojan has infected the machine.

       
  21. jayson
     

    @chris all you have to do is goto start> help and support> System Restore> then pick a day like a month ago and backdate your computer to a previous day … tada… its freaking gone.. y buy spyware doctor bull crap

     
  22. p.o
     

    How can I get rid? it disables system restore, task manager, internet.. everything.

     
  23. Michael
     

    I fixed mine myself without paying a thing. Download and install the free version of SuperAntiSpyware. Navigate to its program folder and change the name of the SuperAntiSpyware.exe file and run it. Run a quick scan. It found over 100 infections on my pc and removed them. I rebooted and all back to normal. Goodluck.

     
  24. Steve
     

    I’m cleaning up a Antivirus Pro 2010 mess myself. From what I’ve discovered, it seems to be profile specific. I logged into a different profile on XP and experienced no popups at all. I’d recommend going through the manual removal process, above, create a new profile, copy over anything in ‘my documents’ you need (be careful copying anything else from the infected profile), then blow away the old profile. [Do all the copying in safe mode.]

    I’d be careful with reverting to a restore point, as I found several infected restore points during a scan on this PC.

     
  25. ThaCoola
     

    I got this godforsaken antivirus pro2010. And i have done everything that a possibly van do, but no luck with getting rid of it.
    Soo my last way out was to reinstall the whole computer, and i must say so far so good.
    Any other user that have done the same ? Would appriciate respondens.

     
  26. Patrick
     

    I tried to start the PC in Safe Mode, but it freezes with a series of lines looking similar to this

    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\config\system
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\C_1252.nls
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\C_437.nls
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\system32\l_intl.nls
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\FONTS\vgaoem.fon
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS\AppPatch\drvmain.sdb……….

    I only kept it like this for 2 minutes before i manually shut off the computer.

    What should I do?

     
  27. Ricky
     

    I just purchased Micro Trend to Remove AntiVirus Pro 2010 and it seems to have removed it but now I can’t do a System Restore or Defrag on my Windows XP, I could priooor to being infected, any suggestions on how to fix this? I get a Error message saying that the Restore capabilities are turned off by Group Policy and I need to check with the domain administrator. which I;m the System admin and can’t seem to getting my system Restored. Please Help if possible Thanks

     
    1. admin
       

      Ricky : your registry is corrupted. Read this guide : http://support.microsoft.com/kb/283073

       
  28. Jason
     

    Hi if you use something like a banking website with this virus on your computer are you at risk of your passwords etc. being discovered ?

     
    1. admin
       

      Jason:
      It is unlikely, but it is possible. Typically, they are expecting you to pay for their software, and get CC details at that point. It is a bit safer for them. But there is a possibility for keyloggers.

       
  29. Dean Terry
     

    I downloaded antivirus 2010 and it cost me roughly £33 it hasnt removed any of the problems and still saying system malfunction anti spyware tool needed can you help otherwise i want my money back in my account as its not helped get back to me soon as possible

    Dean

     
  30. Fedupmommi
     

    This is the fourth time Ive gotten this Antiviruspro 2010 and I thought I got rid of it. I even had a IT specialist clean my computer off and it came back 2 days later. Does that mean he never got it? It also seems as if it had gotten smarter because the ways I removed (or so I thought) before dont let me anymore. I cant even remove it from my Add/Remove Programs! Can you help me.

     
    1. admin
       

      Fedupmommi : There might be 3 reasons for this:
      1. Your system is already infected with some downloader that is constantly missed by techs.
      2. You visit same infected sites
      3. Your computer is exposed to same infected media – another infected computer in network, infected usb disk or CD.
      In all cases, check what antivirus and antispyware you use. You should use both that provide active real time protection and automatical daily updates. That reduces risks for such infections significantly.

       
  31. Timboston
     

    @JNYBOY I want to try this manually….above gives you the information to do it…but exactly where do I type the info in. Can someone give me a more step by step approach. I see above the commands to type….but where do I type them.
    txs

     
  32. Timboston
     

    Is ad-awareSE at all good for antivirus 2010?? I see its a free and well used tool.

     
    1. admin
       

      Timboston : Last time I checked Adaware update list, I was severely disappointed. They added some month-old rogues to definition DBs. I am not so sure how well it performs now, but … I would go with different tools.

       
  33. John Joyce
     

    I have recently purchased Antivirus Pro 2010 but it keeps blocking my work stating i Have spyware or intercepting programs Please give me the appropriate removal mateial

     
    1. admin
       

      John Joyce : Contact your bank asap and check if there arent extra charges in your bank account.
      Get a good antivirus and antispyware as well. I recommend Spyware Doctor, other choices superantispyware, malwarebytes anti-malware, spyware terminator are good.

       
  34. Swanny
     

    Hi fellow sufferers….
    I have spent the last 48 hrs battling this ****** thing. AVG not effective and PC Tools, although it can identify and clean in the course of a long scan, appears ineffective in ridding me of this (Antivirus Pro reloads on reboot, and is now gobbling up resources. One problem seems to be the agp440.sys file …. which AVG says is ‘white-listed’ and so won’t touch, even though it identifies it as infected… can I rename this to disable? What will this do to my system? Help! Please! Thanks.

     
    1. admin
       

      Swanny: the problem is new rootkit. Send agp440.sys to PCtools support – they will help you and the others to remove it.
      First, I would download rootkit revealer and/or gmer (if you are on vista) or AVG rootkit tool. Scan with one of these tools to pinpoint where the problem is and disable to rootkit.
      Then I would do following: Clear everything with Spyware Doctor, restart in safe mode and try to rename agp440.sys to something else.

       
  35. Swanny
     

    Thanks am in the process of scanning with GMER. Thought I had conquered the beast this afternoon only for it to come back again more vigorously! A very silly question, I know, but there IS an an alleged uninstaller in the program files folder for Antivirus Pro – don’t suppose it works – has anyone had the nerve to try it?

     
    1. admin
       

      Swanny : for some rogues it works, but it NEVER removes trojans that show advertisements nor rootkits.

       
  36. Limciu
     

    What do do to remove this shit:
    Start windows in service mode. Look for files: seres.exe, bypup.lib, irowy.dll, svcst.exe, wofuke.sys and delete it. This files probably will be located in subdir of Documents and Settings.

    Start regedit and search for this files in registry. Remove it all.

    After this my PC (Win XP) works OK!

     
  37. thane
     

    I had the same trouble…. can’t access registry, can’t get to safe mode, can’t download any programs, anti spyware won’t run… etc… So I went to control panel and created a new user… rebooted and logged into new user account, and then removed the spyware and viruses by downloading and running malwarebytes. All is better now. Hope this works for you too.

     
  38. Tia
     

    I installed AVG free 30 day trial after I found the Anitvirus pro 210 software.. didnt think it found it, open the control centre of AVG and click on the advance button look for the antivirus pro 2010 and quaranteen it.. once I done that I just uninstalled it (which it wouldnt let me do before)seems to have gone…

     
  39. Ira J. Madsen
     

    Microsoft’s October version of the Malicious Software Removal Tool will scan for, detect and remove this problem, too.

    Just click START, RUN, and type in “MRT” without the quotes. It runs a system scan, and then removes all threats it locates.

     
  40. Alex
     

    @argh.
    Hi, I just made the mistake of purchasing this software, and I can’t stop the payment but I’m worried that they might use my info as well, Did they for you?

     
  41. Perkie
     

    I just got this crap and it did not allow me to tskmgr, or regedit, no safe modes, could not do anything on PC, I had Kaspersky’s 2010 and Malware Bytes, windows 7,Kids were playing on Facebook and that pop up appeared about viruses.(Future advice is end iexplore.exe in task manager) all goodies were backed up so I wiped it, has anyone had this and sucessfully survived the aftermath? And how to clean?

    Thanks

     
  42. Perkie
     

    Forgot to mention that anything you try and open it says is a virus and blocks it. These people should be tracked down and cut with razors all over their bodies and die a slow death……

     
  43. J-ston
     

    @ihatecomputers

    Been dealing with this problem for a while, I’ve found that many of the file names online guides mark for deletion aren’t on my cpu, and i suspect name changes. As to your issue, immediately after logging in as a user, and before the startup tray loads, press ctrl+alt+delete, so that this software isn’t able to prevent you from opening it in time.

    It took some time to find the files personally, but look for things that look unfamiliar, take up a lot of memory, or are useless enough to end without reprecussion

     
  44. strekoza
     

    Malwarebytes’ Anti-Malware worked fine by me in disposing of Antivirus Pro 2010. I even got infected with it a second time for amusement))) Both times I used Malwarebytes and it worked excelent. Both times I disconnected the internet when scanning.
    I have no resident antivirus, just do occasional scans with Malwarebytes’ Anti-Malware and DrWeb CureIt in tandem and system runs quite healthy with only Windows Firewall on. XP SP2 and IE6

     
  45. Ryan
     

    System is close to being shut down by a virtual loop. Antivirus Pro 2010 has taken over and I can’t run any .exe files or use the Remove Program features. Can’t get to any internet site other than the one that it directs me to.
    But using the task manager ctr-alt-del when freshly rebooting the computer allowed me to shut down a few of the Processes and Aplications before they took over. Also, I have a red circle with an X in it in the lower right corner then contiually notifies me that Your computer is infected! When I click on it Antivirus Pro 2010 kicks into instalation mode.
    When I research the problem, many remedies included deleting program files, but they must have renamed them. I’m stuck.

     
  46. Ryan
     

    @Ryan
    I cleaned it up..Yeahhhhh. but had to purchase a anti spy ware program. 40$..PC tool Spyware doctor did the trick.

     
  47. Flory
     

    I installed and scaned with spyware doctor. It identified the Antivirus System Pro and claimed to have removed it but it did not. At the next scan it identified it again. What can I do? I can a number of scans….

     
    1. admin
       

      Flory : run update to spyware doctor. Maybe there is a new trojan that Spyware Doctor can not detect as of now.

       
  48. jeanne
     

    Admin – I see others have had their internet blocked. I did download a copy of spyware to a usb and tried to install -the darn virus blocked it.
    I tried F8 (safe mode) and come up with the registry nightmare as stated previously by another author…. thoughts?
    Tried re-installing norton – blocked it. Thoughts

     
    1. admin
       

      Rename download to .pif . In many cases that will help. If not, you will have to start task manager and stop processes – search for ones that should not be here. Also, you might want to try installing in safe mode.

       
  49. April
     

    Whenever I enter Safe Mode, I cannot access the internet.

    I’ve downloaded Spyware Doctor, but I can’t click anything. It just has the default menu or whatever, and when I go to click something nothing happens. It’s just a solid Spyware Doctor screen.

     
  50. Jeff
     

    I also noticed that I had a new network setup for a non private network. I guess this crap wanted to have access to my network and i think there may also be a key logger. check you network for strange items and also check you file sharing. i had private file share over my network in place and noticed that more folders were added.

     
  51. I FOUND THE WAY
     

    *** attention!!
    ((Firefox works even when this bullshit Antivrius 2010 pro is working on))
    Steps to get rid of this Antivirus 2010 pro my ass.

    1. re-start your computer and boot with safe mode.(press F8 while the booting)

    (You need to change one setting to see this hidden folder where this bull shit program is.)
    2. start -> control panel -> (classic view) -> folder option -> go to ‘view’ tab -> click ‘show hidden files and folders’ -> click ‘OK’

    (This is where the bull shit file is located. c:\Documents and Settings\**your user name:delete this part and put your user name**\Local Settings\Application Data\oklojg\lcwdsysgurd.exe)

    3. delete ‘oklojg’ folder. this folder is full of bullshit.

    4. start -> run -> type ‘msconfig’ -> go to ‘startup’ tab -> uncheck ‘lcwdsgurd’

    5. restart your computer and boot normaly. It should work fine. good job!

    ps. thank you for dumbasses who made this program.. people with mental Disability who still don’t know how to make their own money and sucking at life.go to hell. you guys are not needed for the earth.

     
  52. Mark (follow-up to "I FOUND THE WAY")
     

    I got the same virus as everyone.

    I could not open any .exe files.
    I could not run any spyware/adware programs.
    I could not open Task Manager.
    I couldn’t even scratch my left nut.
    I pretty much couldn’t do a darn thing.

    Thankfully, the last post on this list by “I FOUND THE WAY” mostly worked. I followed his STEP 1 & 2. HOWEVER, I did not find any folder called “oklogjg” as he listed in STEP 3 to delete. Instead I found a weird folder called “bjwovb” with a file called “ptttsysguard” inside of it.

    I checked the properties on this folder (or file inside of it i forgot) and it said it was created “yesterday” which was when all these problems started. So, I deleted the above folder.

    On STEP 4 of the Startup Tab I did not see any “lcwdsgurd” as the previous poster had but I did see that same “ptttsysguard” from the folder I deleted so I unchecked it. I also unchecked another one which had no Startup Item Name or Command Name.

    After I restarted I still could not open my Task Manager so I thought CRAP it didn’t work! However………no more pop-ups or spams! I can open Add/Remove Programs. I can finally even open a freaking notepad! It worked!

    Lastly, I googled how to enable Task Manager which led me to the following website…
    http://www.windowsnetworking.com/kbase/WindowsTips/WindowsXP/UserTips/Customization/EnableDisableTaskManagerinWindowsXPHomePro.html
    I followed the instructions and I my Task Manager was back online.

    So, keep this in mind. While the previous poster said to delete the folder “oklojg” I had to delete a folder called “bjwovb.” What does it all mean? You may have a different folder you may need to delete. For all I know this antivirus may be creating random-gibberish names for it’s folders. My only guess is to look for a folder with a weird name when you do STEP 2 and check the properties to see when it was created. If it was created at the time of when you problems started that’s probably the one you have to delete.

    Lastly, I plan to run some free spyware/adware removal programs to try to catch anything I may have missed now that I can actually open files. I’ll probably go buy an anti-virus program too.

    Good luck! I hope this helps!

     
  53. big al
     

    I couldn’t find oklojg folder. I went to documents and settings and could not find it
    anything eles i should try
    thanks

     
    1. admin
       

      Big al : the name changes, the best advice is to look that should not be there – some randomly named folder.

       
  54. sammck
     

    I booted into safe mode and ran malware bytes from a thumb drive. Installed and ran it, rebooted into xp and it was fixed.

     
  55. GK
     

    I couldn’t find any folder. I also looked what shouldn’t be there and found nothing. I found “microsoft” folder was created yesterday but the files inside the folders were created back in 2007 and 2008. Please help….

     
  56. Melvin
     

    @jayson oct 4…..u were absolutely right forget everything else just do a system restore from a date u your pc was working fine and tada no more headaches….much mahalos bro

     
  57. Eric Wolff
     

    I sucessfully ran Malware to get rid of AV2010 but I seem to be left with a non-functioning Internet. I’ve tried several web browsers which all fail. It appears to be a DNS or some other problem internal to finding the web site. Any ideas on how to fix this. My ISP said repair IE7 which ended up removing it and so all my recent installs are gone. Is there a DNS file i can just delete?

     
    1. admin
       

      Eric : run a scan with spyware doctor. Also, disable proxy server.

       
  58. Granmono
     

    Seems to be that this thing is still vulnerable…ran my computer on safe mode, and got rid of a couple of unknown files (under a new name) as “I FOUND THE WAY” suggested.
    it seems to be that is working, just in case as soon as the system is stable I’ll back up all my info, until now Malwarebytes has detected two infected files…let’s see what happens, I’ll keep you informed, and guys be careful about the sites you visit…

     
    1. admin
       

      Granmono : there are semi-new version around
      Also, I recommend getting Spyware Doctor or other anti-malware with real time protection – this will reduce chances for infection significantly compared to tools without real-time protection.

       
  59. Joe
     

    Ok so i have a machine with this and seems im screwed. I cant run any virus programs, I cant install any new ones even if renamed, cant get into safe mode, cant make a new user account as thats blocked, cant get regedit up cant open system restore, my folder options folder is gone completely, cant open taskmgr as its disabled..Tried the boot cd repair but it wont boot from the cd, no internet connection and it wont let me sign into other accounts on the machine…running windows xp so looks like total loss after 4 days of infection this is a good one for sure.

     
  60. Roge
     

    First off, thanks for all the tips.
    I have been able to locate the “glkyssysguard” file that was hidden in a random file. But i cant delete it. Need a few ideas as i cant use task mgr, or anything else

     
  61. V. Kent
     

    I have the same problem with my system all at once and I can’t do anything on my laptop, I can’t get into any program and these pop ups will not stop. It has even started popping up PORN SITES and I”VE NEVER EVER EVER had anything like this in my life on a system that I have ever viewed or anything of that nature. O purchased the Antivirus Pro some time back and all at once its telling me that my laptop is infected with 34 viruses and that I have to purchase an additional software (the same as before…and I already had McAfee in place), anyway, long story short, sounds like I am going to have to take my computer into a shop and have it looked at big time….any opinions, send to email as I can get into that from my desktop computer. CAN ANYBODY SUGGEST ANYTHING DIFFERENT PLEASE HELP ME…

     
  62. IT Consultant
     

    Here’s what I’ve done guys. First, in Vista, I logged in as another user. If you don’t have one, try to create one. If you do have one, download and run antimalware the free version. The virus seems to be user related. When my pc got infected with the bug, the main user account couldn’t access the internet but the other account could. I would keep the other account open and save all the files from the primary then delete it.

    Next option would be to use system restore. I tried this in Vista but it failed but it may work for you. Last option would be to fully wipe the hard drive. Hope this helps.

    Oh, yeah, btw, it seems the bug is all over social networks….Myspace, facebook to name a few.

     
  63. T. Jhonson
     

    I got this thing from hotmail! Does anyone know a better way of getting this thing off?

     
  64. dave
     

    Love to see the folks who created this put away for a verylong time. actually what I’d like seen done to them os not permissable by law. HAve these bums beens caught?

     
  65. JOsh
     

    how can we prevent such a program from entering into our systems from Group Policy? If you realize this is going straight into the users temp profile and there must be a way to stop the user from being able to write to the temp folder without causing much harm..

     
    1. admin
       

      JOSH : Temp folders are used to write temporal information, like storing internet page elements for faster loading. The problem is that the content of that folder can be executed.
      I would say best approach is having good firewall, antivirus and anti-spyware programs.

       
  66. IHATETHISVIRUS
     

    I cannot do anything because even when i boot in safe mode and log on to my aministrator account the screen is just black with a cursor in the middle :/ any help guys, it would be much appreciated.

     
  67. Snap
     

    What a list, read em all. Reason being, I too was hit with this christmas eve morning from (Ebaumsworld.com)<-don't go there. Viral video site that has takin too much advertising and pop ups. My PC too was frozen on reboot, ended up buying a new hardrive and got a version of XP to install on it. Nastiest virus I've ever seen. Blew right past McFee, I'll never buy their protection again

     
  68. Please Answer THIS!
     

    I have this in my system, and I am 14. I DONT want to download any ANTI-VIRUS software (being that my mom has one on this computer and she would KILL me if she found out that this was on here.) I fixed the blockings on my NET (form the tool bar menu..) but still need to manually remove the spyware. PLEASE tell me how to do this (besides going to the control panel…[not working]). I am obviously, not a computer specialist, and have absolutley NO clue how to do this. Help, would be appreciated.

     
  69. tee
     

    I have vista, got this antivirus 2010 virus, did a system restore, now I cant seem to get online?? help!!

     
  70. Bean
     

    I couldnt open, use scrips, download or run anything on my pc. I tryed what people told me to do. Nothing worked at all. Well its really easy. Just restart your pc in a “safemode, If you are using windows” Then open a scan and let it run, Done!
    I have spybot scan program. It works 10 times better then any other. If FREE not a so called “free” software. I used it for years.

    Remember, Dont be a click happen person like alot of people, read before you click. Good luck!

     
    1. admin
       

      Bean : No wonder you got infected if you are using spybot – Spybot surely can remove couple month old parasites after restore, but thats it. Most of tools can do, even poorly supported. However, it can not protect that well from fresh infections. I check sometimes they definition updates. I see “fresh updates” with parasites, popular weeks or months ago. There is another issue with Spybot which I do not like as well. That is they criteria what is parasite, adware or harmful.

       
  71. Carlos
     

    Okay well I got infected with this thing about a week ago. It was by a diffrent name but it did the same things. I succesfully got rid of it by using Malwarebyte on the first try and everything. Today though, I start my computer and I see this pop-up come up with this Virus again! It was the exact same thing except this time it was called Vista Antivirus Pro 2010. I tryed using Malwarebytes again but it only found 2 infected objects! I deleted those objects and I rebooted my computer like how I did it last time but when it restarted, Vista Antivirus Pro 2010 was still on! I kinda knew this was going to happen because Malwarebytes only found 2 objects and last time it found like 15. So right now I got new updates for Malwarebytes and everything. I’m running it right but it’s been almost 19 minutes and it has found 0 objects! Is it because it got smarter from last time or what can I do. Please help me!

     
  72. jennifer
     

    hey guys…
    im really stuck..i got this peice of crap thing in my computer several days ago from i think facebook cos that is the only site my daughter went to that day…it popped up as XP antivirus pro 2010 and did the omg the computer is infected thing…but we didnt go to the site to buy it cos i figured it was some kind of bullcrap virus… well i thought i would be smart and just restore my pc to a few days before this…well the symbol disapeared but that was the only thing cos now if i go to the desktop and try to open anything it asks me with what program i would like to use… i have tried downloading malwarebytes and then it asks me with what program i would like to open it with so it can do nothing i have mcafee but that isnt helping either…i have also looked into the control panel to remove but it isnt there… this thing isnt allowing me to even restore my pc anymore… it has totally disabled anything in control panel. i try clicking on any of the icons there in safe mode and an error box pops up saying

    C:\windows\system32\rundll32.exe
    Application not found

    ive tried on lots of icons in control panel and this is what pops up..
    i havent read (on any of the many many forums i have looked at to try to fix this thing) that anyone else is having this problem…
    im not too computer savay so when u guys say go to registry… how do u get there?? please help and if someone would please email with a detailed way to go into my pc to try to find this thing i would be ever so happy!! its really frustrating this thing and i wish ppl who put things out there into the world would get a f***ing real job and stop screwing with other ppls PCs!! Thank goodness that my daughter has a laptop that i can communicate with the world to try to fix this… ok i have rambled on long enough!! Thanks in advance to anyone would can help me!!
    :} jen

    o ps…
    i have tried even to RUN a program and the only one it will allow me to do is COMMAND… then i dont know what to do from there… HELP ME PLEASE SOMEONE!!!

     
  73. Helper
     

    @Lab Vyas

    The following steps removed it from a Vista computer – hope this will help some people

    Open Windows in safe mode using F8 at windows startup.

    1) REMOVE FILES:
    —————-
    Use windows Explorer to delete offending files.
    In the examples, [USER NAME] is your particular user name.

    DELETE FILE: C:\Users\[USER NAME]\AppData\Local\[RANDOM FOLDER NAME]\[RANDOM CHARACTERS]tssd.exe

    NOTE: The file itself will end with “tssd.exe” but will be preceded by random characters. An example
    would be “qifqxbxtssd.exe”. The file will be contained in a random folder under “Local” folder. You will
    need to locate it.

    I also deleted the following 2 files, only because it looks as though they were created
    at the same time as the [RANDOM CHARACTERS]tssd.exe file. Not sure if these really needed
    to be deleted. If these files are associated with the malware, it’s possibly that they could
    also have random names:
    C:\Users\[USER NAME]\AppData\Local\Temp\5.405369293529676E7.exe
    C:\Users\[USER NAME]\AppData\Local\Temp\mbf2820.tmp

    2) FIX WINDOWS REGISTRY:
    —————————
    Use regedit to modify the windows registry

    HKEY_USERS\S-1-5-21-1424416978-2464694987-698909382-1000_Classes\Local

    Settings\Software\Microsoft\Windows\Shell\MuiCache:
    removed entry for [RANDOM CHARACTERS]tssd.exe

    Removed entire key:
    HKEY_USERS\S-1-5-21-1424416978-2464694987-698909382-1000\Software\Microsoft\IntelliPoint\AppSpecific\[RANDOM CHARACTERS]tssd.exe

    HKEY_USERS\S-1-5-21-1424416978-2464694987-698909382-1000\Software\Microsoft\Windows\CurrentVersion\Run
    Removed entry for ybkchxbu (this is probably random), which had the value:
    C:\Users\[USER NAME]\AppData\Local\[RANDOM FOLDER NAME]\[RANDOM CHARACTERS]tssd.exe

    3) FIX INTERNET EXPLORER
    ————————
    The malware virtually disables internet explorer by pointing it to a bogus proxy server.

    To fix, open internet explorer and select Tools\Internet Options\Connections
    Click on the LAN Setting button.
    At the Local Area Network (LAN) Settings window

    Check “Use a proxy server for your LAN…” and then click on the Advanced button. Remove the HTTP entries for
    Proxy address to use (127.0.0.1) and Port (5643)
    Click OK

    Answer yes to the question “Do you want to turn off the proxy connection anyway?”
    Back at the Local Area Network (LAN) Settings window uncheck “Use a proxy server for your LAN…”, and check “Automatically detect settings”

     
  74. john
     

    whoever created it needs to be fried on the 6 oclock news

     
  75. Ben
     

    Admin… would you stop recommending spyware doctor… are you getting a kickback for doing this? If you had any clue you would realize that Antispyware Pro 2010 BLOCKS any attempt at a program like spyware to remove it. The only program I have found effective is COMBOFIX… and it is free… I have used it at least 100 times… with perfect results… I have tested other programs like Malwarebyte, spyware… etc… and NONE of them fix the problem. COMBOFIX does… and again.. it is free.

     
    1. admin
       

      Ben:
      First, Most rogues block not spyware programs, but ALL programs except whitelisted. That is why we post manual removal instructions which allow to stop processes and then continue with removing automatically or manually.
      Combofix is a good repair tool, and I am planning on adding its tutorial and recommending (selectively). However, I have reasons to recommend spyware doctor over combofix:
      1. My goal is to have my visitors PC’s protected and maximum trouble free, not just to help repair it. Thus a tool with protection capabilities for me is more valuable than just a repair tool.
      2. Combofix operation suggests some technical knowledge (in case something goes wrong). It is not meant for a typical PC owner. Not that important in malware infection cases, but it is true.
      3. I can not link to combofix directly, that is a requirement from combofix creator which I have to honour. I must link to specific malwarebytes affiliate page, which allows download of latest combofix.
      4. Combofix is not a magical bullet either, and has some alternatives : Alternate OS scanners from Symantec, PCTools, Avira, some other Boot CDs, Hitman Pro (as standalone repair tool), etc.
      5. You will still have to launch combofix, so if executable execution is blocked, you have to solve it first too. Although you can overcome it by renaming combofix to .com or firefox.exe, so you can do with majority of other programs.

       
  76. s.cecil
     

    Funny. I downloaded spyware doctor to get rid of vista AntiVirus. It worked. I then ran a registry clean re booted my pc and all was good. Or so I thought. I turned off, not removed but turned off spyware Dr., and turned my trend micro suite back on. Guess what? Yup. Vista AntiVirus came right back. Proof enough the files were not removed, simply quarantined by the obvious creators of this rogue virus software. After I attempt to manually find and remove this crap I believe my next action will be to contact an attorney in regards to this.

     
    1. admin
       

      A more likely cause is a trojan that got undetected by both SD and Trendmicro. Scan with other anti-malware tools, and update both SD and trendmicro before rescan.

       
  77. Asim
     

    @Ben
    Thanks Ben, I would like to inform that, I found what u mentioned here is very specific and worth a lot, I used COMBOFIX and found it very effective,and would recommended for those who attack by this Antivirus Pro 2010.Thanks man.

     
  78. Bianca Garrett
     

    i was charged for this but i do not have it installed on my computer can u please email me a contact number

     

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>