Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus System Pro - Removal


  • Please log in to reply
1 reply to this topic

#1 it support guy

it support guy

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:55 AM

Posted 26 November 2009 - 12:23 PM

Hi there

I work for an IT Support company called Appiam. I recently had the dreaded Antivirus System Pro virus. It wouldn't let me run anything and by anything I mean it stopped, rundll32, regedit, cmd, .exe files, you get the picture.

I followed the guide on the link from your site: http://www.bleepingcomputer.com/virus-remo...irus-system-pro, i managed to download the rkill.com program but it would not run. Was just about to rebuild it when i had an idea.

Right click and run command.com as an domain administrator. It worked, still got the "command.com is infected do you want to install antivirus" but it stayed up. from here i could run all the above. went to the desktop folder and ran the rkill.com - it worked.

Ran malwarebytes as well.

So if you get this issue just right click any application and run as domain administrator and it will work.

hope this helps anyone out there who has this issue.

Nick
EDIT: Commercial link removed~~ Moderator

Edited by Grinler, 27 November 2009 - 08:22 AM.


BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,462 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:55 AM

Posted 27 November 2009 - 08:22 AM

Yes, I have seen this before. Typically what you need to do is run rkill a few times until it can successfully run. I am not 100% sure it was the run as administrator that solved the problem, rather than just running it enough times that it bypassed the rogues security system.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users