http://www.sabresjunkie.com/forum/ |
|
| Antispysoft Removal Tool http://www.sabresjunkie.com/forum/viewtopic.php?f=8&t=3441 |
Page 1 of 1 |
| Author: | HelloMyKneeGrows [ Wed Jun 02, 2010 8:26 am ] |
| Post subject: | Antispysoft Removal Tool |
Antispysoft Removal Tool: Has anyone fixed or know how to fix a fake antivirus program with this title. A friend of mine got it and has asked me to fix it for her. It will not allow any spyware or AV software to run and will not allow internet access at all. Im assuming somewhere it has modified some registry key that will not allow access to these programs and was just wondering if anyone knows of a safe place to download a removal tool for this virus? Thanks |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 8:33 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
Best bet is to put a few tools on a usb drive and boot into safe mode. If there's no usb drive available, you can *try* safe mode with networking. As far as antivirus scanners, use Malwarebytes and I'm preferential to AVG's boot-time scanner when removing viruses (I think Avast offers better active protection, but I like that AVG scans the machine pre-boot). You might be hard pressed to find downloadable update definitions, though. |
|
| Author: | Squanto [ Wed Jun 02, 2010 9:08 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
Malwarebytes is the only program that I've used that has consistently been able to get rid of those fake AV variants. |
|
| Author: | HelloMyKneeGrows [ Wed Jun 02, 2010 9:09 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
Well, Ive read in some places to try and and open msconfig before anything can boot, remove all startup processes and go from there.... I was hoping for someone on here to work in IT and be able to give me a little bit more in depth instructions or help on how to get this bugger gone, because it very well could help my ability to "get in" if you know what Im getting at.... |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:13 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
msconfig ain't gonna help you - safe mode is. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:14 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
hehe. "Safe mode" is your way to "get in". |
|
| Author: | HelloMyKneeGrows [ Wed Jun 02, 2010 9:18 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
I was just hoping Microsoft, or a reputable AV company (I work for Trend Micro) SOMEBODY has a removal tool for this I can run from a USB and just make it go away.... |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:25 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
HelloMyKneeGrows wrote: I was just hoping Microsoft, or a reputable AV company (I work for Trend Micro) SOMEBODY has a removal tool for this I can run from a USB and just make it go away.... Um, working for Trend Micro, shouldn't you just be like "uh..psst! Guys? Sorta got a problem here, and we could probably benefit from creating AN ANTIVIRUS SOLUTION FOR IT THAT WORKS!" That being said, 1. Boot into safe mode. 2. As soon as Windows loads, be fast and click ‘Start’ in the left-hand bottom part of your desktop; 3. Click ‘Run’ and type in ‘msconfig’ (without quotes); 4. In the popup window that opens up, hit ‘Startup’ tab and locate the process that ends in ‘tssd’. Untick this process immediately; 5. Click ‘Apply’ and ‘Ok’; 6. Reboot your computer. Now that you have restarted your PC, Antivirus Soft will not load. BUT it’s not gone yet. It’s still on your computer so you need to remove all of its files. So please visit our website and follow our instructions listed below. In case you can’t surf the Internet, open Internet Explorer, go to ‘Tools’, choose ‘Internet options’ and hit ‘Connections’ tab. Click ‘LAN settings’ and untick the following option ‘Use a proxy server for your LAN’. Save all these changes. The files to be deleted are listed below: %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sftav.exe %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe The registry entries that need to be removed are as follows: HKEY_CURRENT_USER\Software\AvScan HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″ HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “” HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″ HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random string]“ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random string]“ |
|
| Author: | HelloMyKneeGrows [ Wed Jun 02, 2010 9:30 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
THANKS! I hope to god this works and if it does, you can rest happily knowing you probably got me laid. In response to telling someone about this. Yeah, makes sense but Im in sales, not development. Nobody listens to us, especially in the development area. They just want us to talk about how great they are even though they despise us, lol. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:32 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
I despise Trend Micro, for what it's worth. And also, you may want to do all the deletions and registry edits in safe mode as well. Backing up a copy of her registry before making changes will definitely NOT hurt; at least back up the hives you're working in. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:34 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
Oh, and as far as that getting you laid, it's never worked that way for me. Usually I get laid, and THEN have to work on their computer. Bitches are sneaky. |
|
| Author: | Squanto [ Wed Jun 02, 2010 9:44 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
NYIntensity wrote: Oh, and as far as that getting you laid, it's never worked that way for me. Usually I get laid, and THEN have to work on their computer. Bitches are sneaky. No kidding. It's harder to say no to fixing something after you've already been 'paid'. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 9:53 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
Squanto wrote: NYIntensity wrote: Oh, and as far as that getting you laid, it's never worked that way for me. Usually I get laid, and THEN have to work on their computer. Bitches are sneaky. No kidding. It's harder to say no to fixing something after you've already been 'paid'. Depends on where the deposit went, usually. 
|
|
| Author: | Sabres2Sabres [ Wed Jun 02, 2010 10:26 am ] |
| Post subject: | Re: Antispysoft Removal Tool |
I got one of those awhile back...Norton wouldn't get rid of it normally, but in safe mode, I ran a Norton scan and it worked. |
|
| Author: | CriminallyVu1gar [ Wed Jun 02, 2010 12:25 pm ] |
| Post subject: | Re: Antispysoft Removal Tool |
Spyware Doctor has worked well for me |
|
| Author: | Crosscheck [ Wed Jun 02, 2010 12:55 pm ] |
| Post subject: | Re: Antispysoft Removal Tool |
This is why I'm a unix admin.....plausible deniability. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 1:48 pm ] |
| Post subject: | Re: Antispysoft Removal Tool |
Yeah, but when something goes wrong for you.... |
|
| Author: | Squanto [ Wed Jun 02, 2010 2:04 pm ] |
| Post subject: | Re: Antispysoft Removal Tool |
NYIntensity wrote: Yeah, but when something goes wrong for you.... You do what our old systems admin did. Blame it on the networking department (mine) and fix it before I come back and tell you that nothing's wrong. |
|
| Author: | NYIntensity [ Wed Jun 02, 2010 2:17 pm ] |
| Post subject: | Re: Antispysoft Removal Tool |
Or, as I'm known to do, have really good backup schemas  It's just about mandatory if you run windows boxes |
|
| Page 1 of 1 | All times are UTC - 5 hours [ DST ] |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|