Andre Linoge
Gebruiker
- Lid geworden
- 27 mrt 2005
- Berichten
- 102
Ik was op zoek naar een reminder programmaatje toen ik het Antivirus Plus virus binnen kreeg.
Na gebruik van Avast, Malwarebytes anti-malware,Spybot, Spyware Doctor en Security Task Manager, kreeg ik meldingen dat er geen bedreigingen gevonden waren.
Na enige informatie over dit virus gelezen te hebben:
==================================================
"Antivirus Plus" files can be found in the directory path(s):
%AppData%\AntiVirus Plus
%UserProfile%\Local Settings\Application Data\AntiVirus Plus
%UserProfile%\Start Menu\Programs\AntiVirus Plus
%ProgramFiles%\Antivirus Plus
%AllUsersProfile%\Start Menu\Programs\Antivirus Plus
Step 2 : Use Windows Task Manager to Remove Antivirus Plus Processes
Remove the "Antivirus Plus" processes files:
AntivirusPlus_ba[1].exe
AntivirusPlus[1].exe
AntivirusPlus.exe
c:\WINDOWS\system\rundll32.exe
AntiVirus Plus.70350.exe
Step 3 : Use Registry Editor to Remove Antivirus Plus Registry Values
Locate and delete "Antivirus Plus" registry entries:
02034A97-AD4C-4A05-9C90-1E0187F0E090
C2B5AAB8-2183-4be7-81A6-F11493C45872
Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus Plus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "AntivirusPlus"
Step 4 : Use Windows Command Prompt to Unregister Antivirus Plus DLL Files
Search and unregister "Antivirus Plus" DLL files:
AntiVirus Plus.70700.dll
avphl.dll
Step 5 : Detect and Delete Other Antivirus Plus Files
Remove the "Antivirus Plus" processes files:
AntiVirus Plus.70700.dll
AntiVirus Plus
AntivirusPlus_ba[1].exe
AntivirusPlus[1].exe
avphl.dll
Antivirus Plus.lnk
Uninstall Antivirus.lnk
AntivirusPlus.exe
c:\WINDOWS\system\rundll32.exe
AntiVirus Plus.70350.exe
Step 6 : View the Antivirus Plus Components with its MD5s
Remove the "Antivirus Plus" components:
File Name Size MD5
InternetExplorer.dll 441856 5130c9ab0b7bebab95fbc174557231a4
setup[1].exe 444928 f4b27d042b55cfd3283af159b2d754fe
AntivirusPlus_ba[1].exe 1432576 bf8deda696aaacbd85651d56216ff8d1
AntivirusPlus[1].exe 1439232 766c97296e74b93510042e8942d5b13b
AntivirusPlus[1].exe 1439744 4efdbac4f793a43cf5d0ecc899808639
AntiVirus Plus.70159.exe 2374656 64ba775f7677913e971b6d5649b38830
AntiVirus_Plus.70367.dll 2458624 567be587d4b5f013301c423e8d5c4770
AntiVirusPlus.70367200.dll 2461696 e2d3ec74857e88294cc8611dd3707189
rundll32.exe 1631744 7a80164146277e99c2b5d01d25407339
avphl.dll 14848 1d5c6bcb5f8b84c3af582d7febd2aa11
InternetExplorer.dll,InternetExplorer[1].dll 441856 7c1a172b45f3669c416102753009ba65
setup[1].exe 666112 03a1e599d66c64cd11eb5f20d3645767
rundll32.exe 1439232 766c97296e74b93510042e8942d5b13b
Antivirus Plus.exe 1298432 7781ab40da9596e3d6972e7b00cd0a5e
AntiVirus Plus.70159.exe 2373120 44b469c1eee505a043d6aeb55029cac0
avplus[2].dll 2458624 567be587d4b5f013301c423e8d5c4770
AntiVirus Plus.70700.dll 2433536 e6d510941426419fa5b28ffb738d5df6
rundll32.exe 1371136 9fcd867dc11848fc5d21b21445fbc7b9
AntivirusPlus.exe 1634304 53d722d9d8de0115a6afa8c544d421cc
installer_1[1].exe 419328 4e1bfe52220ef3a485ca7db7d3001b99
rundll32.exe 1435136 f0bc697765f31bd431e776387aca2c7f
InternetExplorer.dll 635392 892d3f4d513089b891fc7592ab217bce
Antivirus Plus.exe 1298432 2537dc71f01d2779331f7b39a6ef0023
zodipibe.exe 107008 8d69b34a23352a4a06480b6c609bf9b5
dplay32.dll 187904 aea0d1465ad432dfe0427e93f0fe014c
===========================================================
en nagekeken te hebben; alles bleek verdwenen te zijn, op enkele bestanden na, te weten:
rundll32.exe
kirenal.dll (onzichtbaar)
komt dit virus, na het opstarten van de PC gewoon weer terug.
Heeft iemand enig idee hoe dit virus te verwijderen is???
BVD
Andre Linoge
Na gebruik van Avast, Malwarebytes anti-malware,Spybot, Spyware Doctor en Security Task Manager, kreeg ik meldingen dat er geen bedreigingen gevonden waren.
Na enige informatie over dit virus gelezen te hebben:
==================================================
"Antivirus Plus" files can be found in the directory path(s):
%AppData%\AntiVirus Plus
%UserProfile%\Local Settings\Application Data\AntiVirus Plus
%UserProfile%\Start Menu\Programs\AntiVirus Plus
%ProgramFiles%\Antivirus Plus
%AllUsersProfile%\Start Menu\Programs\Antivirus Plus
Step 2 : Use Windows Task Manager to Remove Antivirus Plus Processes
Remove the "Antivirus Plus" processes files:
AntivirusPlus_ba[1].exe
AntivirusPlus[1].exe
AntivirusPlus.exe
c:\WINDOWS\system\rundll32.exe
AntiVirus Plus.70350.exe
Step 3 : Use Registry Editor to Remove Antivirus Plus Registry Values
Locate and delete "Antivirus Plus" registry entries:
02034A97-AD4C-4A05-9C90-1E0187F0E090
C2B5AAB8-2183-4be7-81A6-F11493C45872
Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus Plus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "AntivirusPlus"
Step 4 : Use Windows Command Prompt to Unregister Antivirus Plus DLL Files
Search and unregister "Antivirus Plus" DLL files:
AntiVirus Plus.70700.dll
avphl.dll
Step 5 : Detect and Delete Other Antivirus Plus Files
Remove the "Antivirus Plus" processes files:
AntiVirus Plus.70700.dll
AntiVirus Plus
AntivirusPlus_ba[1].exe
AntivirusPlus[1].exe
avphl.dll
Antivirus Plus.lnk
Uninstall Antivirus.lnk
AntivirusPlus.exe
c:\WINDOWS\system\rundll32.exe
AntiVirus Plus.70350.exe
Step 6 : View the Antivirus Plus Components with its MD5s
Remove the "Antivirus Plus" components:
File Name Size MD5
InternetExplorer.dll 441856 5130c9ab0b7bebab95fbc174557231a4
setup[1].exe 444928 f4b27d042b55cfd3283af159b2d754fe
AntivirusPlus_ba[1].exe 1432576 bf8deda696aaacbd85651d56216ff8d1
AntivirusPlus[1].exe 1439232 766c97296e74b93510042e8942d5b13b
AntivirusPlus[1].exe 1439744 4efdbac4f793a43cf5d0ecc899808639
AntiVirus Plus.70159.exe 2374656 64ba775f7677913e971b6d5649b38830
AntiVirus_Plus.70367.dll 2458624 567be587d4b5f013301c423e8d5c4770
AntiVirusPlus.70367200.dll 2461696 e2d3ec74857e88294cc8611dd3707189
rundll32.exe 1631744 7a80164146277e99c2b5d01d25407339
avphl.dll 14848 1d5c6bcb5f8b84c3af582d7febd2aa11
InternetExplorer.dll,InternetExplorer[1].dll 441856 7c1a172b45f3669c416102753009ba65
setup[1].exe 666112 03a1e599d66c64cd11eb5f20d3645767
rundll32.exe 1439232 766c97296e74b93510042e8942d5b13b
Antivirus Plus.exe 1298432 7781ab40da9596e3d6972e7b00cd0a5e
AntiVirus Plus.70159.exe 2373120 44b469c1eee505a043d6aeb55029cac0
avplus[2].dll 2458624 567be587d4b5f013301c423e8d5c4770
AntiVirus Plus.70700.dll 2433536 e6d510941426419fa5b28ffb738d5df6
rundll32.exe 1371136 9fcd867dc11848fc5d21b21445fbc7b9
AntivirusPlus.exe 1634304 53d722d9d8de0115a6afa8c544d421cc
installer_1[1].exe 419328 4e1bfe52220ef3a485ca7db7d3001b99
rundll32.exe 1435136 f0bc697765f31bd431e776387aca2c7f
InternetExplorer.dll 635392 892d3f4d513089b891fc7592ab217bce
Antivirus Plus.exe 1298432 2537dc71f01d2779331f7b39a6ef0023
zodipibe.exe 107008 8d69b34a23352a4a06480b6c609bf9b5
dplay32.dll 187904 aea0d1465ad432dfe0427e93f0fe014c
===========================================================
en nagekeken te hebben; alles bleek verdwenen te zijn, op enkele bestanden na, te weten:
rundll32.exe
kirenal.dll (onzichtbaar)
komt dit virus, na het opstarten van de PC gewoon weer terug.
Heeft iemand enig idee hoe dit virus te verwijderen is???
BVD
Andre Linoge
