Microsoft Anti Spyware

J

jwm

I have the anti spyware loaded and recieved the newest
update the other day. My computor is infected with
spyware from "AntiVirus Gold.com. It has hijacked my
desktop. I have run three anti spyware programs including
Microsoft with out clearing the problem. Any help will be
appreciated. Thanks. jwm
 
E

Engel

Hello jwm

You are in good hands with Andy advacie.

From: "AndyManchesta" Sent: 7/6/2005 9:50:22 AM

This isnt easy to remove,theres a few different
variants ,some can be stopped just by removing the entry
from add/remove screen others will change your registry to
display the annoying desktop background and may seem to
uninstall but will come back when you reboot, there are
also some reports of this appearing by means of a dodgy
codec install. This codec apparently originates from a
number of 'adult' sites, so any users should think twice
before indulging in some Bridget the Midget action ;)

I think the site ez-finder is a front for Antivirus gold
and other malware files but i cannot get the site to show
all the contents,the sites either not working correctly or
my protection is blocking the site.I did find
SecurityiGuard on there which is sometimes linked to
Antivirus gold but I still cannot be sure where the
Antivirus Gold download is located.

You might be best downloading Hijack this to see how bad
it is but heres afew links you might find usefull:

http://securityresponse.symantec.com/avcenter/venc/data/adw
are.topantispyware.html

http://www.bleepingcomputer.com/forums/How_to_remove_Antivi
rus_Gold_or_AVGold-t22397.html

AV Gold solved Hijack Logs
--------------------------

http://forum.tweakxp.com/forum/Topic165668-29-1.aspx?
DisplayMode=1&#bm165668


http://forums.designtechnica.com/showthread.php?
threadid=8473


http://forums.spywareinfo.com/index.php?showtopic=49849


http://www.techsupportforum.com/printthread.php?t=55743

Good Luck

Andy
 
A

AndyManchesta

Hi jwm

Heres a new fix for AVgold


Download SmitRem

http://castlecops.com/zx/flrman1/smitRem.zip

download smitRem.zip. Save the file to your desktop.
Unzip smitRem.zip to extract the two files it contains.
Do not do anything with it yet. You will run the
RunThis.bat file later in safe mode.



Download Ccleaner and install to remove temp and unused
files

http://download.ccleaner.com/download121bino.asp


Download the trial version of Ewido Security Suite here

http://www.ewido.net/en/download/

Install ewido.
During the installation, under "Additional Options"
uncheck "Install background guard" and "Install scan via
context menu".
Launch ewido
It will prompt you to update click the OK button and it
will go to the main screen
On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe
mode.



Now copy these instructions to notepad and save them to
your desktop. You will need them to refer to in safe mode.


Once you have all the above downloads then boot into safe
mode (Reboot and keep tapping F8 then choose safe mode
from the list)


Run Ewido:

Click on scanner
Choose Complete Scan
Click the Start Scan button to start the scan.
During the scan it will prompt you to clean files, click
OK
When the scan is finished, look at the bottom of the
screen and click the Save report button.
Save the report to your desktop



Open the smitRem folder, then double click the
RunThis.bat file to start the tool. Follow the prompts on
screen.
Wait for the tool to complete and disk cleanup to finish.



Start Ccleaner and click Run Cleaner also use the issues
button and fix and faults detected


* Go to Control Panel > Internet Options. Click on the
Programs tab then click the "Reset Web Settings" button.
Click Apply then OK.


* Next go to Control Panel > Display. Click on
the "Desktop" tab then click the "Customize Desktop"
button. Click on the "Web" tab. Under "Web Pages" you
should see an entry checked called something
like "Security info" or similar. If it is there, select
that entry and click the "Delete" button. Click OK then
Apply and OK.


Restart back into Windows normally now.


Run A online virus scan here

http://www.pandasoftware.com/activescan/


When the scan is finished, anything that it cannot clean
have it delete it. Make a note of the file location of
anything that cannot be deleted so you can delete it
yourself.
- Save the results from the scan


If you have problems then the next stage is hijack this
to show all the malware files but try this fix and see
how it goes


Regards

Andy
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Anti-Rookits 4
A couple basic questions re. MSFT Live OneCare 6
Upgrade to WD Leaves Remnants of Microsoft Anti-Spyware. 5
MS Spyware vs. Symantec Antivirus 3
Yahoo anti spyware 1
Microsoft Anti-Spyware and Windows Defender 3
Yahoo 1
Enterprise/Coporate Anti-spyware Managment 3

Top