FrEn

E-mail Print PDF

Free malware removal tool to remove Antivirus Soft

Written by Administrator  |  Tuesday, 02 February 2010 17:50
AddThis Social Bookmark Button

Antivirus Soft is another rogue Antispyware, a scareware, that tries to get money from users by prompting them to register and buy their fake products. Some old malwares often return to the front of the stage and Antivirus Soft is replacing Antivirus Live. Remove Antivirus Soft immediately from your system.

Antivirus Soft

To remove Antivirus Soft (Uninstall Antivirus Soft)

  • Download this free removal tool for Antivirus Soft
  • Extract it
  • Launch
  • Click on the delete button

Antivirus Soft will be removed from your system in 10s. Restart your computer when it’s finished.

Processes :

  • [random]sysguard.exe
  • [random]sftav.exe

Files :

  • %AppData%\[random]\[random]sftav.exe
  • %AppData%\[random]\[random]sysguard.exe
  • %AppData%\[random]

Registry

Registry keys created

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
  • HKEY_CURRENT_USER\Software\avsoft

Registry values created

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • evbogtwv = "%AppData%\agolui\ceycsftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • RunInvalidSignatures = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    • LowRiskFileTypes = ".exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    • SaveZoneInformation = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    • evbogtwv = "%AppData%\agolui\ceycsftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
    • JITDebug = 0x00000001
  • HKEY_CURRENT_USER\Software\avsoft
    • knkd = 0x00000001

Registry value deleted

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    • AppInit_DLLs = ""

Registry value modified

  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • CheckExeSignatures = ""/ Original value =" yes"

Download

 

 

Comments  

 
+1 #1 CASEY JANE 2010-02-04 03:36
SYSTEM RESTORE WILL FIX THIS. IF YOU CAN GO BACK 2-3 DAYS BEFORE THE VIRUS FIRST APPEARED.
Quote
 

Add comment


Security code
Refresh

Related articles
Latest posts
Free malware removal tool to remove Dr. Guard
_WRITTEN_BY Administrator 01/03/2010
Dr. Guard is a rogue Antispyware from the Paladin Antivirus Family, it's a malware that pretends to be an Antivirus. It is a wolf in sheep's clothing. It conducts a fake scan of your system; you are…Read more...
Free malware removal tool to remove Paladin Antivirus
_WRITTEN_BY Administrator 27/02/2010
Paladin Antivirus is a rogue Antispyware, a scareware, it's a malware that pretends to be an Antivirus. It is a wolf in sheep's clothing. It conducts a fake scan of your system; you are warned by a…Read more...
Free malware removal tool to remove PC Defender
_WRITTEN_BY Administrator 24/02/2010
PC Defender is a rogue Antispyware, it's a malware that pretends to be an Antivirus. It is a wolf in sheep's clothing. It conducts a fake scan of your system; you are warned by a fake alarm that…Read more...
Free malware removal tool to remove Control Manager
_WRITTEN_BY Administrator 24/02/2010

Control Manager is another fake Antivirus that install itself on your computer. Once installed, it tries to trick you into buying a full version of the program, that doesn't even exist, because…Read more...

Free virus removal tool to remove Mal.Resdro-A
_WRITTEN_BY Administrator 24/02/2010

Resdro-A is a virus that may reprensent a security risk for your system. Mal/Resdro-A shows a Adobe Flash Player Update, ignore this, this is a fake warning.

Once on your system, this fake…Read more...

.
Information | Contact

© All Rights Reserved. net-studio.org 2009