pcindanger.com SPYWARE REMOVAL AND PROTECTION | HOME
Spyware!

AntiVirGear. Removal Help

What is AntiVirGear?
AntiVirGear is installed on the computer through Trojan.Zlob without user permission or notice. Trojan existence can be identified by Windows system security alerts. Warnings appear in the taskbar area saying: system has detected a number of active spyware applications that may impact the performance of your computer. Click the icon to get rid of unwanted spyware by downloading an up-to-date antispyware solution. After clicking on alert, user is taken to payment page. AntiVirGear should be removed as soon as it has been detected to avoid further PC failure.
Also known as AntiVirGear 3.7, AntiVirGear 3.8.

Related threats: VirusHeat, VirusRay, SpywareQuake, VirusProtect

Fake security alert:

Screenshot:

AntiVirGear
How to remove AntiVirGear
Tip. Manual spyware removal is a complicated and unadvisable procedure for inexperienced user. Pcindanger is suggesting automated and secure AntiVirGear removal:

1. Download "Spyware Doctor".

2. Install program on your computer (how to install Spyware Doctor?).

3. To perform computer scan press Start Scan button. Wait till scan is over and report is generated.

4. Proceed by pressing Fix Checked button to delete AntiVirGear.

5. Need Spyware + Virus protection? Download Spyware Doctor with AntiVirus.
AntiVirGear Entries
The following dll files are created: beahahl.dll, bqrcr.dll, bubbj.dll, clbrcek.dll, ddllup.dll, eulbn.dll, fifzqip.dll, flirek.dll, fnczfh.dll, fqgwiw.dll, fwzozx.dll, gaaplp.dll, gdrtul.dll, hteogat.dll, hymww.dll, ieffse32.dll, iheuv.dll, ijftc.dll, itdtjjf.dll, jrpkmgh.dll, lgaac.dll, mxhfjy.dll, nczupfw.dll, pluwue.dll, rmtdvc.dll, rnxwph.dll, rrtrit.dll, siiyal.dll, sttwrd.dll, swqzdtj.dll, tkosvv.dll, txxkb.dll, ugbtna.dll, veptlh.dll, vmlwp.dll, vtewupi.dll, vusxqm.dll, vzfhprk.dll, wqzdtjg.dll, xovdzz.dll, yneid.dll, zdhgsp.dll.
The following exe files are created: AntiVirGear 3.7.exe, AntiVirGear 3.8.exe.
Hijackthis Entries:
O2 Entries
O2 - BHO: ieffse32.msdn_hlp - {C1C6426B-FB16-4123-ACBE-74D94FB0E663} - C:\WINDOWS\system32\ieffse32.dll

O4 Entries
O4 - HKLM\..\Run: [AntiVirGear 3.7] "C:\Program Files\AntiVirGear 3.7\AntiVirGear 3.7.exe" /h
O4 - HKLM\..\Run: [AntiVirGear 3.8] "C:\Program Files\AntiVirGear 3.8\AntiVirGear 3.8.exe" /h

O22 Entries
O22 - SharedTaskScheduler: beers - {b8ea5f37-7327-4923-9808-8fd3b6f0d529} - C:\Windows\system32\ddllup.dll
O22 - SharedTaskScheduler: gulch - {143404b0-ee92-40a7-8705-06fba9a7abf4} - C:\WINDOWS\system32\wqzdtjg.dll
O22 - SharedTaskScheduler: coexpire - {d4c4bc43-0974-4dec-a669-9f7bfcb3503d} - C:\WINDOWS\system32\vmlwp.dll
O22 - SharedTaskScheduler: andropogon - {655560a9-3ca8-4509-9632-6abbef21426b} - C:\WINDOWS\system32\lgaac.dll
O22 - SharedTaskScheduler: bund - {27882a9f-8937-4ae4-87ab-ed669c8b6d7a} - C:\WINDOWS\system32\iheuv.dll
O22 - SharedTaskScheduler: flensburg - {d6ef030a-a235-41ba-9ead-89b6ff542f00} - C:\WINDOWS\system32\pluwue.dll
O22 - SharedTaskScheduler: escalators - {cc25189b-1b13-4abe-900e-65e08bd961af} - C:\WINDOWS\system32\zdhgsp.dll
O22 - SharedTaskScheduler: haruspicy - {60dea04c-9817-4309-bfa2-f8a1766c3cd1} - C:\WINDOWS\system32\jrpkmgh.dll
O22 - SharedTaskScheduler: aldoa - {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81} - C:\WINDOWS\system32\swqzdtj.dll
O22 - SharedTaskScheduler: cacomixls - {5feba593-3e6d-4606-ae6e-0680501cd29e} - C:\WINDOWS\system32\vusxqm.dll
O22 - SharedTaskScheduler: draughtsmanship - {b02c6db1-a1ea-470f-8100-b1391463ba92} - C:\WINDOWS\system32\rnxwph.dll
O22 - SharedTaskScheduler: homeridae - {95dde900-8bf3-428c-b9be-8345c9d194f7} - C:\WINDOWS\system32\vzfhprk.dll
O22 - SharedTaskScheduler: hydria - {79cdca21-5055-4cae-b609-e1685ef55cf7} - C:\WINDOWS\system32\hymww.dll
O22 - SharedTaskScheduler: endopsychic - {92050ffb-b796-4146-ae27-7e5e1d93b8a8} - C:\WINDOWS\system32\veptlh.dll
O22 - SharedTaskScheduler: comitatus - {98013eb8-258b-4979-bfd5-04ecd93f765c} - C:\WINDOWS\system32\txxkb.dll
O22 - SharedTaskScheduler: bearlike - {02e155c1-202c-43a5-a212-58bb67d4341c} - C:\WINDOWS\system32\hteogat.dll
O22 - SharedTaskScheduler: checkman - {8a96d76c-97fc-42c8-8e68-5613bacef854} - C:\WINDOWS\system32\rmtdvc.dll
O22 - SharedTaskScheduler: evangeliarium - {34ec76b6-53c4-4686-822f-910c790683fb} - C:\WINDOWS\system32\flirek.dll
O22 - SharedTaskScheduler: ataxics - {16be3225-e902-4d2a-ac98-aab162796927} - C:\WINDOWS\system32\fifzqip.dll
O22 - SharedTaskScheduler: chinned - {a47e7ce0-263d-40aa-86bc-27c1f6433143} - C:\WINDOWS\system32\gdrtul.dll
O22 - SharedTaskScheduler: eurymus - {ee6bd1ad-1992-4f2c-8ea2-edc6eee4548b} - C:\WINDOWS\system32\rrtrit.dll
O22 - SharedTaskScheduler: designers - {f0c5ef8b-f4bb-4612-9ea8-361fff3da3d5} - C:\WINDOWS\system32\sttwrd.dll
O22 - SharedTaskScheduler: armillifer - {e1adb94e-0dc6-487c-b274-981bee6301a1} - C:\WINDOWS\system32\siiyal.dll
O22 - SharedTaskScheduler: inquisitionist - {12a8c4e6-06c8-4ab3-9274-a0cde148e3da} - C:\WINDOWS\System32\clbrcek.dll
O22 - SharedTaskScheduler: forayer - {e0e6e3da-f3af-4fb4-9411-2cf92fdeefc2} - C:\WINDOWS\System32\gaaplp.dll
O22 - SharedTaskScheduler: benzaldoxime - {a6d478c6-7961-4fe9-be4b-e621dd640112} - C:\WINDOWS\System32\nczupfw.dll
O22 - SharedTaskScheduler: celtiberi - {7999c5e2-b500-4ba5-8e9a-99639eca65fc} - C:\WINDOWS\system32\mxhfjy.dll
O22 - SharedTaskScheduler: anomuran - {eb4c6870-721f-4989-9c90-8cbfa46d0298} - C:\WINDOWS\system32\beahahl.dll
O22 - SharedTaskScheduler: boardwalk - {75a65a53-15c9-4a0c-bb40-a7ca8b24f544} - C:\WINDOWS\system32\ugbtna.dll
O22 - SharedTaskScheduler: frumps - {837d024d-e0fb-44e8-acb1-24ec2309c487} - C:\WINDOWS\system32\tkosvv.dll
O22 - SharedTaskScheduler: curing - {3aea41ad-3ce4-48d9-acab-be40ad329e40} - C:\WINDOWS\system32\fqgwiw.dll
O22 - SharedTaskScheduler: barysilite - {c74f7434-a6e7-46c3-bf60-62a005074fe5} - C:\WINDOWS\system32\fwzozx.dll
O22 - SharedTaskScheduler: decompoundly - {7dfa04a9-5e60-458b-ace4-4a7613504e8d} - C:\WINDOWS\system32\itdtjjf.dll
O22 - SharedTaskScheduler: complacential - {41591d7f-9e25-4bd0-af53-9908fcf3a738} - C:\WINDOWS\system32\yneid.dll
O22 - SharedTaskScheduler: brachypyramid - {2dcea392-ea10-4e6d-aba4-329ac377119c} - C:\WINDOWS\system32\bqrcr.dll
O22 - SharedTaskScheduler: arturo - {48a7a70a-e118-4506-a373-c9d4e8a212a1} - C:\WINDOWS\system32\eulbn.dll
O22 - SharedTaskScheduler: citrinous - {a6fddce1-36ae-41c1-87d3-f49e514273d4} - C:\WINDOWS\system32\fnczfh.dll
O22 - SharedTaskScheduler: bothrops - {1977ce08-a38f-43db-a856-f4aa6122131b} - C:\WINDOWS\system32\xovdzz.dll
O22 - SharedTaskScheduler: eulalia - {831b4681-6ab9-436c-b2f1-6139158e3a91} - C:\WINDOWS\system32\vtewupi.dll
O22 - SharedTaskScheduler: exegeses - {1817ab5d-25bf-4d5e-ba90-6e5fe658fc5f} - C:\WINDOWS\system32\bubbj.dll
O22 - SharedTaskScheduler: bigfeet - {a6a36d4a-1a41-4d0e-adf2-e797f230c20a} - C:\WINDOWS\system32\ijftc.dll
Bookmark this page


Tutorial by pcindanger.com. All data on pcindanger.com copyrighted. Contact us: webmaster@pcindanger.com
© 2007