Sunday, August 23, 2009

It Fixed it for me - Personal Aantivirus Removal

I cant take credit for creating this fix but I fugured I would post about it as this seems to be a new spam/spyware program.

I recently had a client come to me with an infection of a fake antivirus software. It would display a small pop up in the bottom right corner of the screen with alerts that the pc is infected with a number of trojans and other viruses.

The software apparently did not install in a way that would allow you to remove it from the control panel "Add/remove programs" applet and the un-install icon in the start menu would not work at all.

I came accross this method of uninstalling the software that appears to work.

                                              -Open My computer or windows explorer and , open the  C: drive; -Find the folder Program Files\Common Files\Uninstal\PAV\Uninstall.exe; -Run (double click) the file Uninstall.exe
A small popup should come up stating that the removal was successfull.

After running this I also ran a Spybot Search and Destroy scan and a Malwarebytes Antimalware scan to be sure that the infection was gone.

As usual this may not be the only way to remove the software but "It Fixed It for me"

For more ItFixed It for Me articles please click here.





Monday, August 17, 2009

It Fixed it for me - Manually Remove Spyware Doctor

I came accross a pc that had Spyware Doctor installed and needed to remove it manually as the uninstaller would not work.

In serching for the best way to do that I came across the following steps to manually remove Spyware Doctor from a pc.

  • Ensure that you have fully exited the application. To fully exit from Spyware Doctor please right click on the Spyware Doctor icon in the notification area (next to the clock on the Windows taskbar) and select Shutdown from the menu that appears. Please also close any instances of Internet Explorer or other browsers.
  • Perform an uninstall of Spyware Doctor from: Start > Programs > Spyware Doctor > Uninstall Spyware Doctor
  • Make sure that the Spyware Doctor folder (which by default would be under 'C:\Program Files') no longer exists. If the 'Spyware Doctor' folder still exists, delete the folder.
  • Select Start>Run then type regedit and click OK
  • Delete the following keys
HKEY_CURRENT_USER\Software\PCTools\Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\PCTools\Spyware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Doctor

After the above procedure I could not longer find any trace of Spyware Doctor.
As usual this may not be the only way to remove the software but "It Fixed It for me"

For more ItFixed It for Me articles please click here.

Monday, August 3, 2009

Malwarebytes Anti-Malware fixed another laptop for me.

I had a new client come to me this past week with a laptop that was infected with many different kinds of malware. It had the usual popups, fake alerts, bad cookies etc...

I first decided to try what is quickly becoming my "go to" application to clean infected pcs. I installed Malwarebytes Anti-Malware 1.39 (downloaded from filehippo.com). After the install I ran the programs update feature and installed the latest definitions. After running a system scan it found a very large list of items. After reviewing the items I then opted to have the program clean up everything. It ran for a few minutes and then gave me a log of what it did and then alerted me that there were a few items that it could not fix them until after a restart. I restarted the laptop and found that it no longer exibited any of the symptoms that it was brought to me for.

I wanted to make sure it was clean so I then ran the scan again. This time Malwarebytes Anti-Malware did not detect any further infections. To double and triple check the pc I ran Microsoft Windows Defender scan and Spybot Search and Destroy scans. Both did not detect any further malicious items.

If you need to clean your laptop or pc I highly recommend Malwarebytes Anti-Malware. Just make sure you download the latest version and perform the programs update feature before running.