Av-guru malware removal help needed

[deflower]

Hi there,

My computer has been hijacked by malware called av-guru.net. In the lower right of my task bar, there is a green shield icon with white check mark (so it looks legitimate however it's not my Norton virus software) where I keep getting a "Windows Security alert" message and if I click on it I am directed to hxx://av-guru.net/purchase?r=57.15 to purchase a virus protection software.

I've read the FAQs about what I need to do before requesting any assistance. However, my machine is paralyzed at the moment so I even though I can download files like ERUNT and HiJackThis via the web, I can't run any .exe or click on any desktop icons. I'm hoping someone can help and provide assistance.

Thanks,

- Carol

 

[peku006]

Hello and :welcome: to Safer Networking

My name is peku006 and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

Please observe these rules while we work:

• If you don't know or understand something please don't hesitate to ask
• Please DO NOT run any other tools or scans whilst I am helping you.
• It is important that you reply to this thread. Do not start a new topic.
• Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
• Absence of symptoms does not mean that everything is clear.

Download and Run DDS

Please disable any anti-malware program that will block scripts from running before running DDS.

Please download DDS from one of the links below and save it to your desktop:

Download DDS and save it to your desktop from Link1
Link2
Link3
Disable any script blocker, and then double click dds.scr to run the tool.

• When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt
• Save both reports to your desktop.

In your next reply, please post:

• DDS.txt
• Attach.txt

 

[deflower]

Remove link from orginal post

Hi peku006 - thanks for responding.

I made the mistake of putting the malware link in my original post. Since I can't edit the post, can you remove the link? I don't want other people accidentally clicking on it and then of course getting their computer infected with the malware.

I will be trying your suggestions and will post the results as soon as I can.

Thanks,

Carol

 

[peku006]

Due to a lack of response, this topic is now closed

If you still require help, please open a new thread in the Malware Removal forum, include a
fresh HijackThis log, and wait for a new helper.

Your donation helps improving Spybot-S&D!