Author Topic: SpyHunter4 - Fake anti virus?  (Read 17480 times)

0 Members and 1 Guest are viewing this topic.

Thundagia

  • Guest
SpyHunter4 - Fake anti virus?
« on: July 13, 2013, 05:17:08 PM »
 (long story/explanation here, if you want to get to the point, read the last few sentences) A friend of mine was using my computer recently, (EDIT: Came from yahoo) and he managed to get ad yield manager, and a delta search toolbar virus inside my computer. I went through my program files, and regedit and tried to remove them since avast wasnt helping me find them, although they were never removed. So i ran old-timers temp file remover, and the adw cleaner (recommended from you guys) but it still didnt work. So i then ran tigzy`s rogue hunter. I still had the problem. (They arent rogue files obviously) I looked up for removal tools or manual removals and i was brought to spy hunter. I did some searches, some one that was an mvp on the microsoft forums said it was safe, and avast, too, so i trusted the download. I did a scan with it, and it found many things i thought i removed manually before, so i trusted it, and bought it. (not a very smart idea) I let it run a scan, but after today i was installing the program in another computer and McAfee said it was unsafe. Later i found articles saying it was fake, and hard to remove. I ran Microsoft`s fix it tool, to remove it, but im still wondering if its there. Also, i still have ad yield manager in my computer, too even though the fake anti virus said it was removed. How might you say i remove it? Also, is spy hunter a known fake anti virus? I can post some scan logs if you want, just tell me where from. Thanks for your help!
EDIT: Requested logs attached (will be adding more)
EDIT 2: Removing all attachments from the posts, so no one can access any goody information. ;)
« Last Edit: July 14, 2013, 01:12:24 AM by Thundagia »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: SpyHunter4 - Fake anti virus?
« Reply #1 on: July 13, 2013, 05:53:28 PM »
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #2 on: July 13, 2013, 06:51:48 PM »
Okay, i have posted the requested logs above, any extras in this post. All logs of date besides aswMBR were made before i had removed spyhunter. I couldnt find/think i didnt receive any logs from MBAM, although i can tell you that the scan didnt find any threats.
« Last Edit: July 14, 2013, 01:12:35 AM by Thundagia »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: SpyHunter4 - Fake anti virus?
« Reply #3 on: July 13, 2013, 07:02:27 PM »
Just two bits left

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:Commands
[CREATERESTOREPOINT]

:OTL
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
[2013/07/12 10:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #4 on: July 13, 2013, 07:22:20 PM »
Alright. Heres the log created by otl. (The enigma software - spyhunter wasnt found because i manually exterminated it with fixit myself earlier today.)
Thanks so much for all of your help so far! :)
« Last Edit: July 14, 2013, 01:13:00 AM by Thundagia »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: SpyHunter4 - Fake anti virus?
« Reply #5 on: July 13, 2013, 07:41:15 PM »
Any further problems ?

Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #6 on: July 13, 2013, 07:52:50 PM »
Yes, ad yield manager is still in my computer as from what i can find. Possibly other toolbar spyware/adverts.
I blocked the site url wXw.ad.yieldmanager.com (www. although you shouldnt visit the site if youre just passing by, or viewing the post for youre own issues as you may receive the virus also) with avast. Whenever i go onto yahoo answers I can see avast has blocked an ad in the corner directly from ad yield manager. So its still trying to create popups, meaning its still in affect somewhere.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: SpyHunter4 - Fake anti virus?
« Reply #7 on: July 13, 2013, 07:54:11 PM »
Ad yield manager and Yahoo are in cahoots so they will always appear on its pages

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: SpyHunter4 - Fake anti virus?
« Reply #8 on: July 13, 2013, 07:54:31 PM »
Quote
I couldnt find/think i didnt receive any logs from MBAM, although i can tell you that the scan didnt find any threats.
when you open Malwarebytes there is a log tab at top.  ;)


Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #9 on: July 13, 2013, 08:04:51 PM »
Heres everything that directly came from the jrt.txt document.
(Removed So the public dosent get any goody information. ;) )
Thanks very much, also that must have been where it came from. (yahoo) Who knew yahoo was all in it for money. ;)
EDIT: Oh thanks pondus, i will re install Mbam and post the log in this reply when i receive it.
Heres the log from mbam:
(Also removed)
« Last Edit: July 14, 2013, 01:14:20 AM by Thundagia »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: SpyHunter4 - Fake anti virus?
« Reply #10 on: July 13, 2013, 08:17:41 PM »
Quote
EDIT: Oh thanks pondus, i will re install Mbam and post the log in this reply when i receive it.
you should not remove it.....that is a program to keep alongside your AV     ;)

also recomended if you use removable media.  www.mcshield.net


Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #11 on: July 13, 2013, 08:25:28 PM »
Okay, the issue has been solved. :) Thanks for all of your help.
My last question would've been if i should keep all of these applications or if they conflict with avast, but now i know they are all to keep.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: SpyHunter4 - Fake anti virus?
« Reply #12 on: July 13, 2013, 08:53:39 PM »
Run OTL and press the cleanup button, run AdwCleaner and press uninstall then delete JRT from the desktop.  The tools should be downloaded on an as required basis

Thundagia

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #13 on: July 13, 2013, 09:24:06 PM »
All done, thanks! Im glad avast has such great support in their forums.
EDIT: Spyhunter was not legitimate it seems, as from just everything done in this forum made me go from about 200 fps average to 400 fps on average in applications/games.
« Last Edit: July 13, 2013, 09:35:56 PM by Thundagia »

techlike99

  • Guest
Re: SpyHunter4 - Fake anti virus?
« Reply #14 on: July 13, 2013, 09:39:27 PM »
Haters gonna hate  :) They are almost 10 years in business, A+ from BBB http://www.bbb.org/west-florida/business-reviews/computers-hardware-software-and-services/enigma-software-group-usa-in-clearwater-fl-90083408

I don't think it's a fake product. By the way, it's not an antivirus product.