Feb 12, 2010

Remove Security Antivirus - SecurityAntivirus Removal Information

One might think that Security Antivirus is an antivirus program created to help people keep their computers safe. What you might not know is that Security Antivirus is a rogue antispyware application that only pretends to work as a security tool. Promoted by a Trojan horse, this badware can sneak into your computer unnoticed. Once you are infected, the Trojan installs Security Antivirus on your PC.

Once installed, Security Antivirus starts a fake system scan and shows a list of numerous infections supposedly active on your computer. Moreover, it will not let users remove those infected files until they purchase the registration key needed to activate the full version of Security Antivirus. Please remember that Security Antivirus is a rogue antispyware application, so it must not be trusted, whatever it tells you.

While running, Security Antivirus does a lot to prevent its detection. To that end, this nasty software tries to get past your legitimate security programs and block or even remove them. It also hijacks your Internet browser and controls all the links you follow when browsing the web. That lets Security Antivirus deny access to security pages that offer resources able to detect and remove this virus from your computer.

All in all, Security Antivirus is an extremely unwanted application that is neither annoying nor dangerous. But letting it stay active on your PC means accepting a risk of being infected, so it is highly recommended to get rid of Security Antivirus before it is too late.

Type: Rogue Anti-Spyware
Malware Author: Unknown

Threat Level: Critical

How to remove Security Antivirus manually:
It's possible to remove Security Antivirus manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.

The files to be deleted:

%Documents and Settings%\All Users\Application Data\345d567\
%Documents and Settings%\All Users\Application Data\345d567\72.mof
%Documents and Settings%\All Users\Application Data\345d567\mozcrt19.dll
%Documents and Settings%\All Users\Application Data\345d567\SA345d.exe
%Documents and Settings%\All Users\Application Data\345d567\SAV.ico
%Documents and Settings%\All Users\Application Data\345d567\sqlite3.dll
%Documents and Settings%\All Users\Application Data\345d567\BackUp
%Documents and Settings%\All Users\Application Data\345d567\BackUp\Adobe Reader Speed Launch.lnk
%Documents and Settings%\All Users\Application Data\345d567\BackUp\Adobe Reader Synchronizer.lnk
%Documents and Settings%\All Users\Application Data\345d567\Quarantine Items\
%Documents and Settings%\All Users\Application Data\345d567\SAVSys\
%Documents and Settings%\All Users\Application Data\345d567\SAVSys\vd952342.bd
%Documents and Settings%\All Users\Application Data\SADFIOPODIV\SAAKDUPV.cfg
%Documents and Settings%\[UserName]\Application Data\Security Antivirus
%Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Antivirus.lnk
%Documents and Settings%\[UserName]\Application Data\Security Antivirus\cookies.sqlite
%Documents and Settings%\[UserName]\Desktop\Security Antivirus.lnk
%Documents and Settings%\[UserName]\Recent\ANTIGEN.drv
%Documents and Settings%\[UserName]\Recent\ANTIGEN.exe
%Documents and Settings%\[UserName]\Recent\cid.dll
%Documents and Settings%\[UserName]\Recent\CLSV.drv
%Documents and Settings%\[UserName]\Recent\DBOLE.sys
%Documents and Settings%\[UserName]\Recent\ddv.dll
%Documents and Settings%\[UserName]\Recent\ddv.sys
%Documents and Settings%\[UserName]\Recent\energy.tmp
%Documents and Settings%\[UserName]\Recent\FS.drv
%Documents and Settings%\[UserName]\Recent\gid.drv
%Documents and Settings%\[UserName]\Recent\PE.drv
%Documents and Settings%\[UserName]\Recent\PE.exe
%Documents and Settings%\[UserName]\Recent\PE.sys
%Documents and Settings%\[UserName]\Recent\PE.tmp
%Documents and Settings%\[UserName]\Recent\runddlkey.dll
%Documents and Settings%\[UserName]\Recent\std.exe
%Documents and Settings%\[UserName]\Recent\tjd.drv
%Documents and Settings%\[UserName]\Recent\tjd.sys
%Documents and Settings%\[UserName]\Start Menu\Security Antivirus.lnk
%Documents and Settings%\[UserName]\Start Menu\Programs\Security Antivirus.lnk
%Program Files%\Mozilla Firefox\searchplugins\search.xml

Remove registry entries:

HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\SA345d.DocHostUIHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "App/7.00195"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security Antivirus"


Please be careful, because manual removal of Security Antivirus may seriously damage the operating system and sensitive data. There is also a strong possibility of incomplete removal, because some files could be hidden and the program could reinstall itself after you delete the files and registry entries. So we strongly recommend using an automatic removal tool.
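
Because removal can be incomplete, a read-only check of the registry entries listed above shows whether any of them are still present after cleanup. The PowerShell script below is an added example, not part of the original post or any removal tool; the function name Test-RegistryIndicator and the match patterns are assumptions derived from the values listed on this page.

```powershell
# Added example: read-only audit of the registry indicators listed above.
# It only reads the registry; nothing is changed or deleted.
# HKEY_CURRENT_USER entries are per-user, so run it once in each affected account.
$ie = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer'
$cv = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion'
$indicators = @(
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\3' }
    @{ Path = 'Registry::HKEY_CLASSES_ROOT\SA345d.DocHostUIHandler' }
    @{ Path = 'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes'
       Name = 'URL'; Pattern = 'findgala\.com' }
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes'
       Name = 'URL'; Pattern = 'findgala\.com' }
    @{ Path = $ie; Name = 'PRS'; Pattern = '127\.0\.0\.1:27777' }
    @{ Path = "$ie\Download"; Name = 'RunInvalidSignatures'; Pattern = '^1$' }
    @{ Path = "$cv\Internet Settings\5.0\User Agent\Post Platform"; Name = 'App/7.00195' }
    @{ Path = "$cv\Run"; Name = 'Security Antivirus' }
)

# Hypothetical helper: returns $true when the key (and, if given, the value) exists
# and its data matches the optional regular expression.
function Test-RegistryIndicator {
    param([hashtable]$Indicator)
    if (-not (Test-Path -LiteralPath $Indicator['Path'])) { return $false }
    if (-not $Indicator.ContainsKey('Name')) { return $true }      # key-only indicator
    $key = Get-Item -LiteralPath $Indicator['Path']
    # GetValueNames() avoids provider quirks with names such as "App/7.00195".
    if ($key.GetValueNames() -notcontains $Indicator['Name']) { return $false }
    if (-not $Indicator.ContainsKey('Pattern')) { return $true }   # any data counts
    $data = [string]$key.GetValue($Indicator['Name'])
    return ($data -match $Indicator['Pattern'])
}

$report = foreach ($i in $indicators) {
    New-Object PSObject -Property @{
        Key     = $i['Path'] -replace '^Registry::', ''
        Value   = $i['Name']
        Present = Test-RegistryIndicator $i
    }
}
$report | Sort-Object Present -Descending | Format-Table Present, Value, Key -AutoSize -Wrap
$found = @($report | Where-Object { $_.Present }).Count
"{0} of {1} listed registry indicators still present" -f $found, $indicators.Count
```

A result of 0 only means these specific entries are gone; it does not cover the files listed earlier or anything the program may have hidden.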
