02-09-2010 04:56 PM
A demo antivirus called "Antivirus Soft" have taken over my computer.
They are constantly popping up warnings of viruses and other problems.
When I run a scan using Trend Micro - no virus or problems show up.
I have tried to remove them, but have failed.
I can no longer access internet explorer - since they have taken over my computer.
02-12-2010 05:56 AM
Did you get anywhere with removing Antivirus Soft? Trend Micro does not find it. I tried a program called Malwarebytes, but did not have any luck. Several on the net have, so you may want to try it. Right now I am looking at a re-install of XP. I may try a HijackThis log if I can get it to run. The virus now shuts down every application I try to open.
02-20-2010 07:36 AM
Trend Micro did protect my laptop computer from av-protect.com and softmetalgroup.com when I tried to access them directly. They are clearly the source of this virus/malware. Unfortunately, I didn't have a copy of TrendMicro on my desktop and my son clicked on a website that downloaded this malware onto my family home desktop. It is a particularly pernacious malware that doesn't allow you to download HiJackThis or any antivirus software.
I haven't tried rebooting in safe mode yet, which I'll do after reading your post, Richard. This does appear to be a fairly recent malware out there. TrendMicro, you should work on developing a solution. You probably will be getting more inquiries.
02-20-2010 01:19 PM
Well, 5 hours of work later on this problem, I was able to reboot my computer in safe mode and download TrendMicro Antivirus Software on my desktop and run both a quick scan and a full scan. Unfortunately, it didn't eliminate the malware. Very frustrating. Eventually, after running HiJackThis and Rkill among other fixes (including trying to load the anti-malware program that Richard used to no effect (it wouldn't initiate after downloading), I was able to load and run PC Tools Spyware Doctor with Antivirus. After using its scan and elimination process it found an additional 16 threats and 464 infections in my desktop (that was after TrendMicro's full scan and quarantine of 14 threats). It also finally eliminated the Antivirus Soft malware. What an ordeal. I'm not sure how you all at TrendMicro would explain all that, but PC Tools now has my business.
TrendMicro, you need to get up to date on these viruses and malware problems or you are going to lose more business.
02-20-2010 04:37 PM
This has been a total headache for me too. I''ve paid for and used Trend for many years now. I Tried Calling Trend for help on this ANTIVIRUS SOFT issue since I couldn't access any website and found out they are only open for support Mon-Fri. I'm starting to rethink using Trend for my Antivirus Program. I used to love Trend and I recommended it to all my family and Friends. Not any longer!!
02-20-2010 09:22 PM
It's my understanding that this virus cripples Internet Explorer, but neglects other browsers. If you have a copy of Firefox you might have better luck downloading a solution - and IMO your chances would be even better with Google Chrome.
03-01-2010 12:43 PM
Yes, this virus installs a proxy server on IE. Firebox and Chrome both work. The site bleepingcomputer.com has a very nice step by step fix for these pesky viruses. The most important step is running the rkill exe to shut down all of the malware processes. There are other variants of this virus running rampant, Security Antivirus and Antivirus Live (the latter being the hardest to remove).
I am an IT consultant and my two biggest customers, who have changed to Trend on my recommendation, have had an recent outbreak of all three of these. Needless to say, Trend is not doing anything to prevent these infections. Our TM is fully up to date. Trend really needs to get on top of this, as from the posts and my experience this is getting to be one annoying group of scareware. Get on the ball guys.
03-03-2010 05:59 AM
Trend isnt the only paid-protection that's not catching this fake/rogue antivirus. Both of the other major ones are missing it, too.
As soon as you see it on your screen try to close windows/turn off your computer. I couldnt do anything so I just unplugged it. Not a great solution but it can stop some of the damage. This rogue thing can disable your paid-for protection, block access to the internet, and load your computer down with popups. You can reboot to safe mode with internet access (f8 asap at startup) and try to download Malwarebytes (mbam) to your desktop (so you can find it). Once you get it you may have to rename it to something like iexplorer.exe because this rogue thing is smart enough to know mbam will kill it, so it wont let you run it. Malwarebytes will kill it. Rkill will kill it also, maybe get both of them. If you cannot update the mbam, just run it, then reboot to normal and get the updates and run it again.
Read these first: