Results 1 to 3 of 3

Thread: Good fix for Antivirus Soft Malware

  1. #1
    Friendly Neighborhood Super Moderator phishhead's Avatar
    Join Date
    Apr 2002
    Location
    San Diego, Ca.
    Posts
    3,409

    Good fix for Antivirus Soft Malware

    I had a user that got this virus and it is a pain to remove. It will not allow you to get online to download any tools. You can not open any or your normal admin tools (CMD, Services.msc, MSconfig). After some surfing on the internets I came across this great walk thru that got my user cleaned up in no time. So I thought I would pass this along.

    http://www.geekpolice.net/malware-re...ide-t18839.htm



  2. #2
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,303
    Awesome!

  3. #3
    Super Moderator Super Moderator Big Booger's Avatar
    Join Date
    Apr 2002
    Location
    JAPAN
    Posts
    10,201

    Just To Mirror that site

    This guide will give you easy instructions on how to uninstall or get rid Antivirus Soft for free.


    What is Antivirus Soft? (Information)

    Antivirus Soft is a fake security software which uses fraudulent strategies by displaying false or exaggerated security issues on your computer rather than any legitimate ones to coerce you into purchasing their software.

    Antivirus Soft is a new malicious specimen from the same group of fake antivirus software as Antivirus System Pro and Antivirus Live. It may be sometimes referred to as "Antivirus Soft Demo".

    When it installs, it causes inevitable system mutation and annoying insecure activity of ransomware. It will then will trigger a large number of its obsessive and misleading notices such as fake infections and alerts like bankerfox.a and win32 nuqel.e. to trick you to believe of exposing multiple infections on the compromised computer. Upon completion of this disinformation attack, it will suggest that you buy a full version of it's product. Please do not fall of this scam and follow our removal guide to get rid of it completely.


    Antivirus Soft Screenshot


    Enlarge this imageReduce this image
    Antivirus Soft Screenshot


    HijackThis Lines Present:

    O4 - HKCU\..\Run: [[random file name]] "C:\Documents and Settings\user\Local Settings\Application Data\[random file name]\[random file name]sguard.exe


    Antivirus Soft items:

    C:\Documents and Settings\GeekPolice VM\Local Settings\Application Data\[random file name]\[random file name]sysguard.exe
    HKEY_CURRENT_USER\Software\AvScan
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random file name]"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random file name]"




    Follow these instructions to continue:

    You have to start computer in Safe Mode by doing the following:

    * Restart your computer
    * After hearing your computer beep once during startup, but before the Windows icon appears, keep tapping F8.
    * Instead of Windows loading as normal, a menu should appear
    * Select the first option, to run Windows in Safe Mode with Networking.



    Please start Internet Explorer, and when the program is open, click on the Tools menu and then select Internet Options.

    * Now click on the Connections tab and then the Lan Settings button
    * Under the Proxy Server section, please uncheck the checkbox labeled Use a proxy server for your LAN.
    * Click the OK button to close this screen. Then press the Apply button and then the OK button to close the Internet Options screen. Now that you have disabled the proxy server you will be able to browse the web again with Internet Explorer.




    1. Please download this removal tool: Malwarebytes' Anti-Malware.




    2. Install Malwarebytes' Anti-Malware by double clicking on mbam-setup




    3. Follow the prompts. Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click finish.




    4. Malwarebytes' Anti-Malware will automatically update itself after the installation, click the OK button to close that box and you will now be at the main program Window as shown below.

    If you are having problems with the updater, you can use this link to manually update Malwarebytes' Anti-Malware with the latest database. Make sure that Malwarebytes' Anti-Malware is closed before installing the update.


    5. Close All opened Windows, Programs, File or Folders.


    6. Make sure you are on the Scanner tab. Select Perform quick scan then click the Scan button as shown below.


    Enlarge this imageReduce this image



    7. Malwarebytes' Anti-Malware will now start scanning your computer for infected files as shown below.


    Enlarge this imageReduce this image



    8. When the scan is finished a message box will appear, click OK to continue.




    9. Click Show Results.


    Enlarge this imageReduce this image



    10. You will now be presented with a screen showing you the malware infections like shown below. Yours may look different depending on the infection you have.


    11. Click on Remove selected.


    Enlarge this imageReduce this image



    12. When removing the files, Malwarebytes' Anti-Malware may require you to restart the computer in order to do a complete removal. If it displays a message stating that it needs to restart, click Yes.




    13. After that you can close the Malwarebytes' Anti-Malware window, your computer is now cleaned from the malware infection.


    To protect and prevent your computer from experiencing future threats like this, you may want to consider purchasing the FULL version of Malwarebytes' Anti-Malware with real-time protection from this link.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •