Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirgear - After Removal


  • Please log in to reply
9 replies to this topic

#1 Forecast

Forecast

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 15 October 2007 - 02:15 PM

Grinler's removal instructions for AntiVirGear seemed to work just fine. Many thanks! However, how do you now get rid of the "Security Toolbar 7.1" that it's apparently added to my Internet Explorer?

Thanks!

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:22 AM

Posted 15 October 2007 - 02:28 PM

The file responsible for it is normally detected/removed when using the smitfraudfix tool.

Do you still see the toolbar? Are you having any further problems, popups, browser redirects, etc?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Forecast

Forecast
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:22 AM

Posted 15 October 2007 - 02:30 PM

I still see the toolbar - everything else seems fine, my own homepage, no pop ups.

#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:22 AM

Posted 15 October 2007 - 04:13 PM

Go to Start, then Control Panel.Double-click on Internet Properties to modify internet settings.

Click on Programs tab.

Below the window click on Manage Ads-ons

Disable any entries with Security Toolbar or any suspicious add-ons. If it has ActiveX control please delete also.

Then run Super Antispyware in safe mode.
Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:22 AM

Posted 15 October 2007 - 06:08 PM

The "Manage Add-ons" feature cannot be used to delete them. If an add-on is disabled, Internet Explorer adds the CLSID control to the don't load list in the registry so when launching a new instance of it, the list is checked by iexplore.exe and explorer.exe processes and never loads that control.

An easy utility to remove unwanted add-on is ToolbarCop.
  • After download, extract (unzip) the file, and save the executable to a permanent folder, not a Temp directory. This is because ToolbarCop creates the Undo (.reg) files in the same directory from where it's launched.
  • Double-click on ToolbarCop.exe to launch.
  • Scroll through the list and highlight the add on you want to remove.
  • Right-click on it and choose Delete the selected item.
ToolbarCop Usage Instructions if needed.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:22 AM

Posted 15 October 2007 - 06:50 PM

Super Antispyware should remove the toolbar. Another reason for using SAS is that other malware is usually installed along with the Smitfraud malware. SAS will take care of that, too.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 dingo57

dingo57

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 18 October 2007 - 08:28 PM

I too have had sucess removing AntiVirGear using Grinler's removal instructions and seemed to work just fine. Many thanks! However, I gave used several spyware detectors to check it has all gone. Adaware/AVG/Mcfee seem to think its all clear but Spy hunter recognises an item name Zlob Trojan the following line in the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion|AppManagement\ARPCache\Windows Safety Alert as a trojan. Should I be concerned about this and if so how do I remove it. Im not keen on paying for spy hunter to do it whem it may just be an artifact.

Thanks!

Edited by dingo57, 18 October 2007 - 08:49 PM.


#8 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:22 AM

Posted 18 October 2007 - 09:29 PM

Use SAS in safe mode.
Install Super Antispyware free. Run it in safe mode. Allow it to quarantine whatever it finds.
http://www.superantispyware.com/

How to Start Windows in Safe Mode:
http://www.bleepingcomputer.com/tutorials/how-to-start-windows-in-safe-mode/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 dingo57

dingo57

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:22 AM

Posted 18 October 2007 - 11:56 PM

Thanks Guys,

I installed Super anti spyware updated then ran it in safe mode, It did not finsd it although spy hunter still identifies it . The fact that Adaware, Mcafee and now Super spyware cant find the supposed trojan, combined with the reccomended article about false positives makes me confortable as one can ever be . I suppose my major concern was that I had been infected by the Zlob trojan as part of the Antiviralgear thing and I wanted to make absoultly sure I had got it.

Thanks once again

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,486 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:22 AM

Posted 19 October 2007 - 08:09 AM

Your welcome.

In the future, if you have an issue or problem you would like to discuss, please start your own topic. Doing that will help to avoid the confusion that often occurs when trying to help two or more people in the same thread with different problems. Even if your problem is similar to the original poster's problem, the solution could be different based on the kind of hardware, software, system requirements, etc. you are using. Further, posting for assistance in someone else's topic is also known as "hijacking a thread", which is not considered proper forum etiquette.

Edited by quietman7, 19 October 2007 - 08:12 AM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users