
Antivirgear Infection


8 replies to this topic

#1 jg53


Posted 24 September 2007 - 05:48 PM

I have followed the link leading to this forum regarding the removal of AntiVirGear. I have followed the excellent written preparation guide to the removal of this malware - or whatever it is now called. In reviewing previous messages, I noticed that we needed to first submit our problem before submitting the hijack logs.
Here is what I have done so far:
Already ran CA Associates Virus and Spyware programs now installed on this system, but neither will remove the AntiVirGear.
Currently running TrendMicro online scan.
Ran Spybot - still not removed
Have downloaded Ad-aware - will run this next.
Submitting this request for a response - may be 30 minutes before scan is completed.


#2 buddy215


Posted 24 September 2007 - 06:30 PM

Assuming you have run the Smitfraudfix per instructions in the link below,
http://www.bleepingcomputer.com/forums/t/108399/how-to-remove-antivirgear-removal-instructions/

There is another program that has had success removing Smitfraud infections--Super Antispyware.
Install Super Antispyware. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/


How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 jg53


Posted 26 September 2007 - 07:02 PM

Finally got it resolved. After doing the previous, ran the SmitFraudFix and then your suggestion of superantispyware. That resolved all problems. Thank you very much for this suggestion. I was cautious to go to the superantispyware site as I was hoping this was a legitimate site. Downloaded and really liked this program a lot. Thank you very much for your response.

#4 buddy215


Posted 27 September 2007 - 09:03 AM

Glad to hear that.
If you think you are malware free, there is one other task you should do. Your system restore points are infected.
If you should later need to use system restore, you COULD reinfect your computer. Suggest you flush the restore points. Instructions for how to do that, if you need them, are in the link below.
http://www.bleepingcomputer.com/tutorials/windows-xp-system-restore-guide/



#5 jg53


Posted 28 September 2007 - 04:27 PM

That is the first thing I did was disable System Restore and I actually do not like to leave it enabled due to that virus/malware reinfecting the system. I found it good reading though because I didn't know all the details that that link explained. Thank you very much for the additional tip. Appreciate it very much!!

#6 quietman7


Posted 28 September 2007 - 05:26 PM

To protect yourself against malware and reduce the potential for re-infection, read:
"Simple and easy ways to keep your computer safe".
"How did I get infected?, With steps so it does not happen again!".
"The Ten Most Dangerous Things Users Do Online".
"PC World's: The 10 Biggest Security Risks".
"Seven ways to keep your search history private".

Safe surfing and have a malware free day.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#7 jg53


Posted 10 October 2007 - 07:17 PM

Excellent source of information. Thank you very much. I have saved the link for constant review of this information. I appreciate you taking the time to provide these links :thumbsup:

#8 quietman7


Posted 10 October 2007 - 08:32 PM

You're welcome.

BTW, you might want to read "System Restore and malware removal - what is best practice?".

#9 lndymn


Posted 19 October 2007 - 06:47 PM

I downloaded a faulty copy of activex and have been hounded since. Today I followed Smitfraudfix and in about three minutes corrected the problem.



