AntiVirGear
AntiVirGear Description
AntiVirGear is a rogue anti-spyware application designed to scare you into purchasing AntiVirGear’s full version by showing misleading warning messages on your Taskbar. AntiVirGear is usually downloaded and installed via ZLOB/MediaAccess Codec installer from an adult site. AntiVirGear scans your computer and uses false positives in order to frighten you into buying the full program.
Aliases
AntiVirGear [Symantec]AntiVirGear:Spyware-a [Prevx1]Application.Win32.Adware.VirusProtectPro [VBA32]FraudTool.AntiVirGear.a (Not a Virus) [CAT-QuickHeal]Potentially harmful program Fake_AntiSpyware.DF [AVG]Riskware.Fake.VirusProte [Webwasher-Gateway]Virus.Win32.Spycrush [Ikarus]W32/HackTool.CPJ [F-Prot]
AntiVirGear Automatic Detection Tool (Recommended)
Is your PC infected with AntiVirGear? To safely & quickly detect AntiVirGear, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect AntiVirGear
What happens if AntiVirGear does not let you open SpyHunter or blocks the Internet?
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 xovdzz.dll 665 2 ugbtna.dll 555 3 tkosvv.dll 548 4 eulbn.dll 293 5 AntiVirGear 3.8.exe 293 6 nieyn.dll 255 7 aghmao.dll 241 8 hteogat.dll 176 9 bqrcr.dll 145 10 AntiVirGear 3.9.exe 28
More files
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {b02c6db1-a1ea-470f-8100-b1391463ba92}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {d6ef030a-a235-41ba-9ead-89b6ff542f00}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {cc25189b-1b13-4abe-900e-65e08bd961af}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {8a96d76c-97fc-42c8-8e68-5613bacef854}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {a47e7ce0-263d-40aa-86bc-27c1f6433143}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {f0c5ef8b-f4bb-4612-9ea8-361fff3da3d5}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {e0e6e3da-f3af-4fb4-9411-2cf92fdeefc2}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {23ED2206-856D-461A-BBCF-1C2466AC5AE3}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {34ec76b6-53c4-4686-822f-910c790683fb}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {e1adb94e-0dc6-487c-b274-981bee6301a1}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {837d024d-e0fb-44e8-acb1-24ec2309c487}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {75a65a53-15c9-4a0c-bb40-a7ca8b24f544}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {c74f7434-a6e7-46c3-bf60-62a005074fe5}Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {ee6bd1ad-1992-4f2c-8ea2-edc6eee4548b}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {2dcea392-ea10-4e6d-aba4-329ac377119c}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {daecb1b9-9f49-40f3-873d-5db0fdb14d7d}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {41591d7f-9e25-4bd0-af53-9908fcf3a738}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {06e3d089-46cb-4aff-a45d-f0dc7efa1577}SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, value: {1977ce08-a38f-43db-a856-f4aa6122131b}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}AntiVirGear 3.7AntiVirGear 3.8AntiVirGear 3.9HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AntiVirGear 3.7AntiVirGear 3.8AntiVirGear 3.9 - The following CLSID's were detected:
HKEY..\..\{CLSID Path} {0F44BBC9-DB3A-4DF4-A3A4-C9B0C21965B9}{523BE6B4-E203-4355-9C9A-40F6EB2A914A}{AE67E7F7-3ADE-4AD5-85E6-DEF454C448C7}{BE5ABF82-0740-42E9-8D22-4EB662848C59}{B46326D7-B6B6-4C95-81EE-A0201D01546E}{6DA38FB4-3F20-4C0B-B31B-C005BE2AE99F}{37E9084E-2F33-40CB-AE70-08CCA7D35181}{937CEADB-C6BC-40EC-BCEB-8B1B0FF8257F}{3AD29C7B-47D1-4E62-97FB-310F14131D10}{E2A00EA6-81D9-4F5A-A123-296D42377A41}{DCC58039-1835-4449-8570-94CDE6646031}{50690FE4-0986-4B04-BEB3-09AD48B3C836}{B3737DD3-1543-43DF-8038-6AB593990F15}{EC6CF387-979F-4535-A33F-7EC77EE236B4}{1817ab5d-25bf-4d5e-ba90-6e5fe658fc5f}{1977ce08-a38f-43db-a856-f4aa6122131b}{de313bc7-422a-4344-a9aa-3e703922345c}{06e3d089-46cb-4aff-a45d-f0dc7efa1577}{a6fddce1-36ae-41c1-87d3-f49e514273d4}{48a7a70a-e118-4506-a373-c9d4e8a212a1}{41591d7f-9e25-4bd0-af53-9908fcf3a738}{daecb1b9-9f49-40f3-873d-5db0fdb14d7d}{eb4c6870-721f-4989-9c90-8cbfa46d0298}{3aea41ad-3ce4-48d9-acab-be40ad329e40}{75a65a53-15c9-4a0c-bb40-a7ca8b24f544}{12a8c4e6-06c8-4ab3-9274-a0cde148e3da}{c74f7434-a6e7-46c3-bf60-62a005074fe5}{e0e6e3da-f3af-4fb4-9411-2cf92fdeefc2}{23ED2206-856D-461A-BBCF-1C2466AC5AE3}{f0c5ef8b-f4bb-4612-9ea8-361fff3da3d5}{ee6bd1ad-1992-4f2c-8ea2-edc6eee4548b}{14F47CA3-2291-4B3E-9ED4-8C7E6AE80851}{0A0FC1A4-41D4-4793-9AC5-0B55CDC95AE9}{3D5E5AE1-5DED-4520-BDC2-B9292EA708CA}{47A93011-1004-440C-9960-BD3B0348A7C2}{38EEEF46-CA24-4ACA-A90D-540978DF7252}{409A05EF-1B48-4198-B6BF-993B8B52790C}{73D25394-992F-43D1-BF92-48494CC0D1AE}{C183B073-2D7F-45BC-8967-80147CECEE45}{F6FDBF9A-19A7-4F0A-9F46-6F015A067B44}{F90A7969-20A0-4257-B39D-9C73D64CE3B0}{DE6AE29A-EB7D-4656-9418-26D5FCC9ADF5}{02e155c1-202c-43a5-a212-58bb67d4341c}{16be3225-e902-4d2a-ac98-aab162796927}{adf64b1b-c68c-4ce8-bb55-258b7b8b0f81}{79cdca21-5055-4cae-b609-e1685ef55cf7}{418985AE-4FE4-448D-83EE-238C887D8FC2}{897F5CB6-C1C1-494E-8F17-972784193442}{64A8E3CA-AE17-4EB0-8C67-47D1103A5B6F}{AB5E9971-7086-4E6E-ADFA-BE9C685BE68B}
Additional Information
- The following cookies were detected:
antivirgear - The following URL's were detected:
antivir-my-pc-scan.comantivir-prof.comantivirgear.com
Posted: September 13, 2007 | By SpywareRemove
MoreThreat Level: 10/10
(1 votes, average: 1.00 out of 5)
Loading ...Rate this article:
Detection Count: 98
For piss sake. Trojan horse downloader, Worm downloader, virusses, zlob, How the hell can I get rid of the arses?!!! I’ve got coursework to be getting on with, and all I can see every minute is virus warnings. None of my anti virus systems seem to work. SOS! HEEEEELLLLP!
Ibrahim,
You are having Zlob Trojan. Follow Zlob manual removal instructions on http://www.spywareremove.com/removeZlob.html . If the manual removal will be too difficult for you, you have to use a reliable anti-spyware program.
I have a pop up message all the time at the buttom right corner and while scanning the computer, Bubbj.dll is there I can’t delete it or unregister it . PLease advise me on how to delete it completely
Fockem, Usually these pop ups may be caused by Zlob. Scan your computer for Zlob and remove it.
Fockem,
Usually these pop ups may be caused by Zlob. Scan your computer for Zlob and remove it.
got the same problem Did you get rid of the pop up ?
I just got the variant of this shit. "Video add on" folder in "program files" holds the virus files. Boot up in safe mode to delete them. I still get a task bar pop up that I can’t seem to get rid of. When I find these bastards I’ll have their heads!
antivigear cant download uninstalls