Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trouble removing "antivirus .net"


  • Please log in to reply
1 reply to this topic

#1 GenC

GenC

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:59 PM

Posted 08 February 2011 - 07:48 PM

Computer is my husband's, an HP running Windows Vista. He's been getting pop-ups from "antivirus .net", tried to something about it himself with no success.

I tried to follow the instructions on this page: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-.net, however...

rkill.exe doesn't find anything.

MBAM doesn't find anything, quick or full scan.

I tried running HiJack, but I'm not familiar with the program and didn't feel comfortable clicking things all willynilly, and didn't find anything that matched the path on the above bleepingcomputer page (temp folder and all).

So, this virus is apparently invisible, yet it's still showing up and it's still blocking him from searching for antiviral information on that computer (I'm on my laptop right now).

What do I do next? I've exhausted my limited skills in this arena.

BC AdBot (Login to Remove)

 


#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,149 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:03:59 AM

Posted 08 February 2011 - 08:41 PM

Hi GenC and welcome to Bleeping Computer.

Antivirus .NET will also configure your computer to use a proxy server so that it hijackthis your web browser

Try this:
Start Internet Explorer, and when the program is open, click on the Tools menu and then select Internet Options
Click on the Connections tab
Click on the Lan Settings button
Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN. Then press the OK button to close this screen
Then press the OK button to close the Internet Options screen.

Let's make sure you have the latest MBAM definitions:
Latest update was database version: 5716
Please update MBAM and run another scan:
Start MBAM
Click on the Update tab

Posted Image

Click Check for Updates

If it says that MBAM needs to close to update it... let it close and then restart.
Then click the Scan button.

Don't forget:

  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Please copy/paste the latest scan report in your next reply.

Edited by Starbuck, 08 February 2011 - 08:47 PM.

BBPP6nz.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users