conchgeek
asked on
How to remove antivirus soft (green Shield)
This virus looks like antivirus 2008 or 2009, but comes up "Antivirus Soft" Green shield in tool bar,
green CGI with regular false positive type scans, settings , etc.
green CGI with regular false positive type scans, settings , etc.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The GUI might be different, but I tink you are infected with this one:
http://deletemalware.blogspot.com/2010/01/how-to-remove-antivirus-soft-fake.html
http://deletemalware.blogspot.com/2010/01/how-to-remove-antivirus-soft-fake.html
I'm fighting the same thing at one of my client computers. Oddly Malwarebytes wasn't able to detect it (I say it's odd because usually that's my favorite). The MS one that jrvzoom mentioned looks like it caught it.
This is an XP Pro domain member machine so I'm also rebuilding the user's profile as it looks like the bug is hanging out in the cache/temp files of the old profile.
Ben
This is an XP Pro domain member machine so I'm also rebuilding the user's profile as it looks like the bug is hanging out in the cache/temp files of the old profile.
Ben
jrvzoom's suggestion worked for me as well!! Thank you.
Your welcome, make sure you do a second scan to find any leftovers just in case. I've had a computer that seemed free of viruses, come back and I had to wipe the hardrive.
Malwarebytes newest updates worked for me!!
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Delete with no refund
If you feel this question should be closed differently, post an objection and a moderator will read all objections and then close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
younghv
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Delete with no refund
If you feel this question should be closed differently, post an objection and a moderator will read all objections and then close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
younghv
Experts-Exchange Cleanup Volunteer
I'm not sure what "deleted with no refund" means but the solution jrvzoom provided fixed my issue. If the question is deleted no one will be able to find the resolution to this issue. Thank you.
thanks rosen55401
Try MBAM and ComboFix and show us the log.
Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.
http://www.malwarebytes.org/mbam.php
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix