Home Articles Spyware Research Support Scan Now Purchase F.A.Q.

Top 25 Spyware:

1.Google Redirected
2.Vundo Trojan
4.Antispyware Soft
3.Security Tool
5.My Security Engine
6.Control Commander
7.Virus Protector
8.Total Security
9.Antivirus XP 2010
10.SmartVirusEliminator
11.System Security
12.MS Antispyware 2009
13.Personal Antivirus
14.Total PC Defender
15.I-Q Manager Scam
16.WinAntiVirus
17.Spyware Protect 2009
18.System Doctor
19.SaveDefender
20.DNS Changer
21.Virus Blast
22.Trojan.Win32.CP4000
23.onlinestability.com
24.Trojan.FakeAlert
25.Troj.SystemAlert
About Spyware
Glossary

Latest Detections
Fake Scanner Sites


Google Search Redirects

Bestclicksnow.com
Bestwebsearch.com
Cliccker.cn
Clickover.cn
Couponmountain.com
Lowpriceshopper.com
Mycustomsearch.cn
Overclick.cn
Shopica.com
Shopzilla.com
trafficposter.com
Toseeka.com
Update-browser.com
Windowsclick.com
Zetaclicks4.com
Zoombli.com

AntivirusGT

Alias: AntivirusGT, Antivirus GT

Description: Posted on: July 06, 2010 9:40am

AntivirusGT is a variant of Antivirus7. AntivirusGT is a rogue antivirus application which can sneak onto your computer by one of several methods. Once AntivirusGT infects your computer, it disables your existing antivirus and antispyware programs so that it can try to force you to buy the fill version of AntivirusGT. Some of the scare tactics used by AntivirusGT are:

  • Fake scans (similar to the picture below).

  • Fake warning messages when you start most programs, saying the program is infected.

  • If you open an Internet browser, AntivirusGT may issue a fake warning message saying "Attention! Your web page request has been cancelled" or open up the website ibmblacklist.com.

    • AntivirusGT is normally installed by means of a trojan or by visiting an infected website. Another method of AntivirusGT installations is to manually download it from one of many fraudulent Fake Scanner Sites.

    AntivirusGT displays exaggerated fake scan results similar to those shown below:

    AntivirusGT

    AntivirusGT Special Removal Instructions

    Please make sure to bookmark this page as you may need to refer back to it to complete the removal steps.

    AntivirusGT may prevent you from running programs and/or limit your Internet Access. Follow the steps below for such cases.

    If you are able to download and run SpyNoMore directly onto the infected computer, please do so and there is no need to follow the steps below (except for optional steps 4 & 5). Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see AntivirusGT in the free version scan results. Note that you can purchase the activation code from a clean computer and then use that code to activate SpyNoMore on the infected computer. Otherwise:

    Step 1: Download the modified version of SpyNoMore. The installer is named iexplore.exe in order to trick AntivirusGT into not blocking it.

    Step 2: Open Internet Explorer (even if you use other browsers) and click on Tools > Internet Options > Connections > LAN Settings and uncheck the box 'Use proxy server..' if it is checked.

    Step 3: Install iexplore.exe (SpyNoMore) and scan your computer to remove AntivirusGT. If SpyNoMore is unable to download available updates, please click on SpyNoMore Settings and uncheck 'Use Internet Explorer settings'. Please note that the free version of SpyNoMore will only show you the detections but will not remove them. In order to remove the infection you need to purchase a 1-year license which costs $29 (or $39 for 3 computers). In all cases, you will be able to see AntivirusGT in the free version scan results. Note that you can purchase the activation code from a clean computer and then use that code to activate SpyNoMore on the infected computer.

    Step 4 (optional): It would be a good idea to check your computer for rootkits (which are basically hidden trojans) which may have tagged along with AntivirusGT. To do so, download and run TDSSKiller by Kaspersky Labs.

    Step 5 (optional): If TDSSKiller does find a rootkit, it will ask you to restart your computer so that it can remove the rootkit(s). After your computer restart, scan your computer once more with SpyNoMore to make sure everthing is OK.



    Threat type:

    Hijacker - A Hijacker is a software application that takes control of your browser's settings. Usually it changes your home page and redirects it to some unknown site or modifies your search settings. It prevents you from changing back your browser's settings. An infected browser usually operates much slower.

    Ransomware - Ransomware is a software application that infects a computer and asks for money to have the infection removed.

    Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs.


    Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer and / or to protect your privacy.

    Detection:
    SpyNoMore removes AntivirusGT: Yes

    Threat risk: Very High Risk
    Remove AntivirusGT, AntivirusGT Remover
    Extremely dangerous malware. Uses stealth installation, randomly named entries and has the capability to self update or resurrect after incomplete removal. Almost impossible to remove manually. Category mostly consists of trojans and spyware.

    Symptoms:

    AntivirusGT mysteriously appears after visiting a rogue website.

    Popup messages claiming that your computer is infected or is under attack.

    AntivirusGT is launched after system restart and stays resident in background. Right-clicking the icon does not give the option to 'exit' the program.

    If you try to run a program you may receive an error such as "Application cannot be launched".

    Visiting a website can lead to a message saying:

    Attention! Your web page request has been cancelled.

    This web site refused your connection as it was reported as a malicious request. This can be caused by Viruses, Trojans or Malware found on your computer.

    In order to resend your request to the website, press Resend request (please note, this action may cause a permanent block of your computer by the requested website)

    In order to activate your security software, please press Fix Now (recommended)



    AntivirusGT Signature Details: The following information includes some of the standard signatures associated with this spyware threat. Please do not attempt to manually remove these items from your computer; Removing these items incorrectly or partially can cause your computer to experience critical errors, prevent your computer from restarting or cause loss of Internet connectivity. Should you be infected with AntivirusGT, you can clean your computer by downloading SpyNoMore now.

    Running Process Signatures:
    N/A

    File Signatures:
    N/A

    Registered Dll (Dynamic Link Library) Signatures:
    N/A

    Folder Signatures:
    N/A

    Registry Signatures:
    N/A

    SpyNoMore Collected Residual File Signatures:
    N/A


    See Also:
    monstermarketplace.com
    findstuff.com
    traffic-incidents.com
    Green AV Security Suite
    blinkx.com
    tazinga.com
    searchwebway6.com
    searchwebway8.com
    savingwithads.com
    Antivir Solution Pro

    Spyware Removal Home | Support | F.A.Q. | Contact Us | Spyware Removal Database | Privacy Policy | Site Map
    Copyright © 2005-2008 Illysoft LLC