4 Replies Latest reply on Feb 3, 2010 7:41 AM by Dinz

    AntiVirsus Program Taken Over

      My computer has been taken over by an AntiVirus Program. I have McAfee Antivirus Plus 2010 installed but does not detect anything wrong after three complete scans. I can't open any files or programs after startup and no internet connection unless I purchase this Antivirus program.  This antivirus takes over in Demo form and mandates a purchase.  It states"this AntiVirus Demo version live, please note the removal is disabled in demo form mode.  To be able to remove please purchase mimium three months $59.95".  I can not find this program in any file including cookies nor can I remove or delete the program. I am running windors XP on a Dell Vostra.  ANY SUGGESTIONS?

        • 1. Re: AntiVirsus Program Taken Over

          Try starting windows in safe mode you might be able to remove it then, you could also try to restore back to before you got the program.

          • 2. Re: AntiVirsus Program Taken Over

            If you do a CTRL-ALT-DEL when you boot the system you can stop the culprit processes. Under Task Manager-Processes end any processes named xxxsysguard.exe.

             

            Do a search on 'AntiVirus Live scam' and you will find several sites, such as SoftSailor.com that list solutions. The free Malware bytes Anti-Malware software will totally get rid of the virus. 

            • 3. Re: AntiVirsus Program Taken Over
              jfrasier

              I find it very upsetting that McAfee didn't prevent this from installing on the computer in the first place. I work in an IT dept with about 600 computers and in the last week we have had a handful of computers with this. My techs tell me it is called 'antivirus soft'. Anyway, running virusscan catches NOTHING wrong. Malwarebytes catches it and removes it but what will prevent its return?

               

              Jane

              • 4. Re: AntiVirsus Program Taken Over
                Dinz

                Hi,

                Infections can sometimes occur silently, by visiting a website containing malicious code.  Other times, unknowingly a user can allow an infection by installing a program or plug-in, hiding malware within its code.  These programs are often disguised as free search utilities, screensavers or are even labeled as 'critical software updates'.  Even a protected PC can be made vulnerable under these circumstances.Hence the constantly-changing nature of viruses and their different variants makes 100% security impossibility, with any anti-virus software. I would recommend scanning using the stinger utility from http://vil.nai.com/vil/stinger/ as it has database of various infections.

                 

                 

                 

                 

                 

                 

                Regards,

                Dinesh K