Go Back   TechArena Community > ARENA > Guides & Tutorials
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 14-07-2010
Member
 
Join Date: Apr 2010
Posts: 206
How to remove Antivirus Soft

Viruses spread but through email attachments and other illegal files downloaded via the web. Trojans, worms ... this may restrict avoided with a little common sense, attention, and especially with a good firewall and a secure network. For 80% of Internet users (pure speculation!) life on the web comes down to a few visits on official websites practices so virtually safe (banks, online shopping, online mail). Never download any sort of dubious information, do not install programs unexpected, verify the file size as well as the extensions, here are lifesaving. Once a virus gets incorporated in your system then its more than enough to get your system and all your data destroyed within few moments. Hence i am making a guide for removing the Antivirus Soft or the Antispyware Soft . Which infected my system and destroyed my data in such a way that i never recovered. Hope this will be useful to you all.


Antivirus software is a rogue software. It flutters in front of you that the computer is infected. In reality, however, the computer is infected by the software itself. It is also known as the Soft Antispyware which is actually a fake antivirus program. It is a duplicate copy of Soft Antivirus and Antivirus Suite. The Antispyware or the antivirus soft generally use Trojan to get installed. All the applications are blocked except the iexplore.exe . When this Trojan is launched then it will automatically download and install the fake Antivirus soft antivirus application on your system which will be configured automatically whenever you run windows or restart your system. When Antivirus Soft is started, it will emulate a system scan and detect a lot of different infections that will not be fixed unless you first purchase the program. Good to know, all these reported infections are false and not really exist on your PC so you can ignore the results of virus scan gives you soft.

Even though the Antivirus application will appear to run in your system some of the applications like the Notepad and etc will be blocked eventually. You will see some error message like the once which i have mentioned below;

Although Antivirus Soft is running, it will block the ability to run all programs as a way to scare you into thinking that your computer is infected with malware. The following warning appears when you try run Notepad "Application can not be executed. The Notepad.exe file is infected. Would you turn your antivirus software now".


Moreover, the rogue will flood your computer with false warnings and security alerts. Some of the alerts:

Windows Security Alert
  • Windows reports that the computer is infected. Antivirus software
  • helps protect your computer against viruses and other
  • security threats. Click here to scan your computer. Your
  • system could be in danger now.
Some more Windows Security Alert
  • Application can not be executed. Rundll32.exe file is infected.
  • Want to activate your software antvirus now.
Last but not least, Antivirus Soft turn away from Internet Explorer so that it will randomly show a warning page with the "Internet Explorer Warning - visiting this web site may harm your computer!" Header. Of course, all the above warnings and alerts, but nothing more as a scam and false analysis results should be ignored!
Reply With Quote
  #2  
Old 14-07-2010
Member
 
Join Date: Apr 2010
Posts: 206
Re: How to remove Antivirus Soft

As you can see, Antivirus Soft is a scam designed with one goal to make you buy what is called the full version of the program. Do not get caught in such scams this is just fooling you so that you will have to buy the fulll version. Simply follow the instructions mentioned in the below guide to remove the Antivirus software and any associated malware from your computer for free.

Symptoms in a HijackThis log

O4 - HKLM \ .. \ Run: [RANDOM]% UserProfile% \ Local Settings \ Application Data \ [RANDOM] \ [RANDOM] lsd.exe
O4 - HKLM \ .. \ Run: [RANDOM]% UserProfile% \ Local Settings \ Application Data \ [RANDOM] \ [RANDOM] lsd.exe
O4 - HKLM \ .. \ Run: [RANDOM]% UserProfile% \ Local Settings \ Application Data \ [RANDOM] \ [RANDOM] ftav.exe
O4 - HKLM \ .. \ Run: [RANDOM]% UserProfile% \ Local Settings \ Application Data \ [RANDOM] \ [RANDOM] ftav.exe


Use the following instructions to remove Antivirus Soft (uninstall instructions)

Step 1:

Download the HijackThis application from the following link HijackThis. Remember to Rename the HijackThis application to iexplore.exe before saving it on your desktop , by default the name will be HJTInstall.exe. Refer the image below:


If you are not allowed to download the application your internet explorer's proxy settings must be repaired.

To Repair the proxy settings of the Internet Explorer Follow the steps which are mentioned below:
  1. Double click the Internet Explorer browser icon.
  2. Then click Tools and select Internet options.
  3. Go to the Connections tab and click LAN setting button.
  4. Uncheck the "Use a proxy server" box.
  5. Click OK -> Click Apply -> Click OK.
Run HijackThis on your desktop by double clicking iexplore.exe icon on your desktop. After the installation finishes. HijackThis main menu will appear.

Click the "Do a system scan only button"

R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyServer = http = 127.0.0.1:5555
O4 - HKLM \ .. \ Run: [arlsknkv] C: \ Documents and Settings \ username \ Local Settings \ Application Data \ lqtwnu \ wqcmsysguard.exe
O4 - HKLM \ .. \ Run: [arlsknkv] C: \ Documents and Settings \ username \ Local Settings \ Application Data \ lqtwnu \ wqcmsysguard.exe
O4 - HKLM \ .. \ Run: [wcspymsu] "C: \ Users \ Owner \ AppData \ Local \ bbenmt \ badwsftav.exe"
O4 - HKLM \ .. \ Run: [ydcqinji] "C: \ Users \ Owner \ AppData \ Local \ rhjimj \ bogjsftav.exe"


Note: list of infected items may be different, but all have "string" lsd.exe in part right and "M4" in the left side.

Select all of the items listed by checking all of them and make it sure that no programs are running in the background. Then hit the "fix checked" button. Finally Exit this application.
Reply With Quote
  #3  
Old 14-07-2010
Member
 
Join Date: Apr 2010
Posts: 206
Re: How to remove Antivirus Soft

Step 2:

Download Malwarebytes Anti-Malware (MBAM) on your desktop. Then Close all the programs that may be running on your system.

Install the Malwarebytes Anti-Malware (MBAM) by double clicking the setup.exe file on your desktop. Follow the instructions to install so that the installation process get completed successfully. Install the application with the default settings do not try to alter the default settings. Ensure that there is a check mark next to update Malwarebytes Anti-Malware. After that click the Finish button. So that if an update is available it gets downloaded.

Now a new window will appear on your screen as the one below:


Click on the radio button "perform a Quick scan" and finally click the scan button. So that all your hard drive data will be scanned for the antivirus soft infection. Click the OK button as soon as the scanning task is completed.


Then click on the show results button. Then a list of found threats will appear in the applications window similar to the image below.


Note: list of infected items may be different from what is shown in image below.

Ensure that all the listed items are checked by checking in the adjacent checkboxes. Then click Remove selected to start the Antivirus Soft cleaning process. A new connection will open in the notepad and you may be asked to restart the system as soon as the disinfection is completed. Hope your system and data have been saved successfully.

Some of the files created by the Antivirus are listed below:

% UserProfile% \ Local Settings \ Application Data \ [RANDOM]
% UserProfile% \ Local Settings \ Application Data \ [RANDOM] \ [RANDOM] lsd.exe
Antivirus Soft creates registry keys and values following

HKEY_CURRENT_USER \ Software \ avscan
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run \ [RANDOM]
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \ [RANDOM]
Reply With Quote
Reply

  TechArena Community > ARENA > Guides & Tutorials
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "How to remove Antivirus Soft"
Thread Thread Starter Forum Replies Last Post
How I can remove Platinum Soft antivirus? Jeevan Das Networking & Security 6 14-07-2010 09:30 AM
Unable to remove Antivirus Soft Knowle Networking & Security 4 12-07-2010 05:47 PM
Did not got an Antivirus Soft Platinum Delgado Networking & Security 3 12-07-2010 05:10 PM
Antivirus Soft Malware Popoye Networking & Security 4 30-03-2010 10:27 PM
How to remove Soft Malware Antivirus Custidio Networking & Security 5 30-03-2010 03:28 AM


All times are GMT +5.5. The time now is 06:48 PM.