How to remove AntiVirus

Monday, March 29th, 2010 at 1:31 am
Home » Rogue Antispyware » AntiVirus

AntiVirus description

AntiVirus a.k.a. AntiVirus Demo a.k.a. AntiVirus (DEMO) ver. 1.00 is a poorly made fraudulent software. AntiVirus is distributed on several deceptive websites. The goal of Anti-Virus is getting your money. Since no one would pay for a useless thing AntiVirus actually is, the program is advertised as functional malware remover.

AntiVirus uses annoying tactics to gain a purchase. It blocks various programs including Notepad, Task Manager, Windows Media Player, iTunes and Internet Explorer. AntiVirus may also disable real security tools. AntiVirus claims that all those apps are infected so you need to pay $5 for fixing the computer. Paying for AntiVirus won’t change a thing since it’s AntiVirus itself that causes the problems.

AntiVirus displays numerous fabricated alerts. Here’s an example of the counterfeit messages:

THREAT DETECTED!!
An attacker at port: 898 IP: 127.83.45 has hijacked your computer is probably gathering information now such browsing history and document data. Unfortunateley, your antivirus is unregistered and cannot remove this threat.

AntiVirus is a Rogue Antispyware software

How to manually remove AntiVirus

To remove AntiVirus spyware you must block AntiVirus sites, stop and remove processes, unregister DLL files, search and delete all other AntiVirus files and registry utility. Follow the AntiVirus detection and removal instructions below.

The most typical software removal method is to remove AntiVirus by using "Add or Remove Programs" service. However there may be hidden AntiVirus files, running processes and registries in your computer, so AntiVirus may recreate all other files after reboot.

AntiVirus manual removal instructions

Block AntiVirus sites:
scanner.av2-site.info Read more how to block AntiVirus sites

Stop and remove AntiVirus processes:
78gbc8r.exe
avinstaller1.exe
000b09274b.exe
chnb8895.exe Read more how to kill AntiVirus processes

Locate and delete AntiVirus registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "avagent3974"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "avguard3876"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\freecell.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\itunes.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\limewire.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mspaint.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wmplayer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordpad.exe Read more how to delete AntiVirus registry entries
Download RegistryBooster 2010 to scan errors caused by AntiVirus

Detect and delete other AntiVirus files:
c:\78gbc8r.exe
c:\avinstaller1.exe
c:\WINDOWS\000b09274b.exe
c:\WINDOWS\chnb8895.exe

We strongly recommend you to use spyware remover to track AntiVirus and automaticaly remove AntiVirus processes, registries and files as well as other spyware threats.

Download does not start? Try a mirror download here

Tags: , , ,

Leave a Reply

Download does not start? Try a mirror download here
«
»