FrEn

E-mail Print

Free malware removal tool to remove Antivirus Soft
Written by Administrator  |  Tuesday, 02 February 2010 17:50
AddThis Social Bookmark Button

Antivirus Soft is another rogue Antispyware, a scareware, that tries to get money from users by prompting them to register and buy their fake products. Some old malwares often return to the front of the stage and Antivirus Soft is replacing Antivirus Live. Remove Antivirus Soft immediately from your system.

Antivirus Soft

To remove Antivirus Soft (Uninstall Antivirus Soft)

  • Download this free removal tool for Antivirus Soft
  • Extract it
  • Launch
  • Click on the delete button

Antivirus Soft will be removed from your system in 10s. Restart your computer when it’s finished.

Processes :

  • [random]sysguard.exe
  • [random]sftav.exe

Files :

  • %AppData%\[random]\[random]sftav.exe
  • %AppData%\[random]\[random]sysguard.exe
  • %AppData%\[random]

Registry

Registry keys created

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
  • HKEY_CURRENT_USER\Software\avsoft

Registry values created

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • evbogtwv = "%AppData%\agolui\ceycsftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • RunInvalidSignatures = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    • LowRiskFileTypes = ".exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
    • SaveZoneInformation = 0x00000001
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    • evbogtwv = "%AppData%\agolui\ceycsftav.exe"
  • HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings
    • JITDebug = 0x00000001
  • HKEY_CURRENT_USER\Software\avsoft
    • knkd = 0x00000001

Registry value deleted

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    • AppInit_DLLs = ""

Registry value modified

  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
    • CheckExeSignatures = ""/ Original value =" yes"

Download

 
 

Comments  

 
0 #3 2011-10-01 03:02
Quote
 
 
0 #2 2010-05-06 19:46
namcrontssd.exe

hidden files and folders should be 2 files of this virus in
c/documents and settings/user.eg john/local settings/application data/vuiahfidy

or just search namcrontssd.exe and be sure to search hidden files and folders then simply deleate!!!
Quote
 
 
-1 #1 2010-02-04 03:36
SYSTEM RESTORE WILL FIX THIS. IF YOU CAN GO BACK 2-3 DAYS BEFORE THE VIRUS FIRST APPEARED.
Quote
 

Add comment


Security code
Refresh

Related articles
Latest posts

  • Free malware removal tool for Guard Online

    Written by %s admin 10/10/2011
    Guard Online is a another rogue Antispyware from the OpenCloud and AV Guard Online familly, it's a malware that pretends to be an Antivirus. Guard Online conducts a fake scan of your system; you are…
    Read more...

  • Free malware removal tool to remove AV Guard Online

    Written by %s admin 05/10/2011
    AV Guard Online is a another rogue Antispyware from the OpenCloud familly, it's a malware that pretends to be an Antivirus. AV Guard Online conducts a fake scan of your system; you are warned by a…
    Read more...

  • Free removal tool to remove Security Guard 2012

    Written by %s admin 05/10/2011
    Security Guard 2012 is a another rogue Antispyware from the OpenCloud familly, it's a malware that pretends to be an Antivirus. Security Guard 2012 conducts a fake scan of your system; you are warned…
    Read more...

  • Free removal tool for Advanced PC Shield 2012

    Written by %s admin 01/10/2011
    Advanced PC Shield 2012 is a another rogue Antispyware, it's a malware that pretends to be an Antivirus. Advanced PC Shield 2012 conducts a fake scan of your system; you are warned by a fake alarm…
    Read more...

  • Security Sphere 2012 Free Removal Tool

    Written by %s admin 01/10/2011
    Security Sphere 2012 is another spyware from the Security Tool family. Security Sphere 2012 is not a legit program; it's a fake, a counterfeit. Security Sphere 2012 claims to fix your system, but…
    Read more...
.
Information | Contact

© All Rights Reserved. net-studio.org 2009