How to remove Antivirus rogue anti-spyware

Malware Description:
The latest ‘know-how’ of cyber fraudsters is the fake anti-spyware campaign involving the program called Antivirus. These virtual crooks seem to have started applying some real intricate tactics for pushing their fake anti-spyware products. It’s quite hard to look up Antivirus removal with the help of a random search engine because the top results will include tons of other stuff that is not relevant. Actually, Antivirus originates from the same subgroup of rogue security programs as Antivirus Pro 2010 and PC Antispyware 2010. Antivirus malware spreads by non-standard means which involve the use of rootkits and trojan viruses whose mission is to help the rogue freeware get inside and modify some system processes. The first thing Antivirus rogue anti-spyware does when inside a new host OS is interfering with the system registry, i.e. it creates some registry entries of its own. This will result in inevitable system mutation and annoying insecure activity of Antivirus ransomware. Antivirus will trigger a large number of its obsessive ads (popup alerts, fake Windows Security Center windows and bogus scanners) that notify the user of exposing multiple infections on the compromised computer. Upon completion of this disinformation attack, Antivirus fake anti-spyware suggests the user to install and buy its full version which is absolutely no good for the security of any PC. Please, do not get crooked by the trickeries of the malware called Antivirus. It might sound odd but this particular Antivirus application is not actually antivirus – it’s a completely fake one. The only thing one can say about Antivirus program for sure is you need to uninstall it as soon as possible if your PC happens to be infected with its malicious code.

Malware Type: Rogue Anti-Spyware

Malware Author: Unknown

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

Windows Enterprise Defender Free Scanner and Remover: Download Now

Antivirus Screenshot:


How to remove Antivirus manually:
Manual removal of Antivirus is feasible if you have sufficient expertise in working with program files, system processes, .dll files and registry entries.

The associated files to be deleted are listed below:

  • %Documents and Settings%\All Users\Desktop\Antivirus.lnk
  • %Documents and Settings%\All Users\Start Menu\Programs\Antivirus
  • %Documents and Settings%\All Users\Start Menu\Programs\Antivirus\Antivirus.lnk
  • %Documents and Settings%\All Users\Start Menu\Programs\Antivirus\Uninstall.lnk
  • %AppData%\Microsoft\Internet Explorer\Quick Launch\Antivirus.lnk
  • %Temp%\winupd64x.exe
  • %Program Files%\Antivirus
  • %Program Files%\Antivirus\Antivirus.exe
  • %Program Files%\Antivirus\AvBho.dll
  • %Program Files%\Antivirus\Uninstall.exe
  • %Program Files%\Antivirus\wscsvc32.exe

The related registry entries to be removed are as follows:

  • HKEY_CLASSES_ROOT\CLSID\{9d541c6a-573b-4888-b35e-6816e68c3620}
  • HKEY_CLASSES_ROOT\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}
  • HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
  • HKEY_CLASSES_ROOT\TypeLib\{65DA0CE6-30D1-4144-A0B6-59BD01372E26}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9d541c6a-573b-4888-b35e-6816e68c3620}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Antivirus.exe”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “wscsvc32.exe”

Please, be aware that manual removal of Antivirus is a cumbersome procedure and does not ensure complete deletion of the malware, due to the fact that some files might be hidden or may automatically reanimate themselves afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of Antivirus, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Download Antivirus Automatic Remover

Like This Article? Let Others Know!

Post a Comment: