OK. If you’re reading this you’re probably pretty frustrated already so let me offer my condolences and say that you’re probably really close to being out of the woods now that you’re here. I just successfully removed this little bugger from an Windows XP machine, and it only took about 15 minutes.
I found several sites explaining how to manually remove this malware by editing the windows registry but I intend to make the instructions a little more clear so you can do this with a little more confidence.
And keep in mind, if you’re not dealing with XP, my instructions might not work exactly. But you can probably apply my clarification to the popular instructions to whatever iteration of those instructions you need to work with.
Here are the popular instructions (in this case from removeit.info), but please keep reading before trying to follow them.
Remove AntiMalware GO files and folders:
Remove AntiMalware GO registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = “0?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
Clarifications and Precautions:
- You can screw things up by making a mistake editing your registry, but you can minimize the risk by making a backup of the registry first. Google it. Sorry, I can’t make a tutorial on this, partly because I’m writing this on a Mac.
- There are no files that actually say “[random]”. What they say is something like “vhrdtmn1d” …In other words, in each of these steps, you’re looking for a registry entry or file that has a random string of characters.