Description: Red Cross Antivirus is a malicious fake anti-malware application cloned from Red Cross Pest Detector, Peak Protection, Major Defense Kit and AntiSpy Safeguard. The main aim of Red Cross Antivirus is to try and trick users into purchasing a software license. This rogue program gets installed on user systems via Trojans that get downloaded without the user's knowledge from malicious websites by exploiting weaknesses in security. Once installed, Red Cross Antivirus will proceed to perform endless fake scans on the user's system, generating fake reports that state that the computer is dangerously infected with various malware applications. It also displays fake pop-ups from the Windows Taskbar, warning the user about malware that doesn't exist. In some instances, Red Cross Antivirus has been known to redirect the user to malicious websites whenever the user attempts to browse the internet. The most dangerous thing about Red Cross Antivirus is that it uses all these tactics to try and convince the user to purchase the software license for the 'full' version of Red Cross Antivirus, under the pretext that the currently installed 'trial' version is insufficient to remove the detected malware threats. However, all users should keep in mind that Red Cross Antivirus is a fake program that cannot perform any security functions on your computer’s operating system, therefore should never pay money for its fake license.
Red Cross Antivirus
» Download Red Cross Antivirus Removal Software
As soon as you discover that your system is infected with Red Cross Antivirus, you should initiate Red Cross Antivirus removal. In order to delete Red Cross Antivirus, it is necessary to stop its processes, delete its files and folders and remove its registry entries.
Remove Proxy Setting so You Can Connect to the Internet Again.
Red Cross Antivirus Manual Removal Procedures
The first step you need to take in order to remove Red Cross Antivirus is to stop the following processes from functioning:
- antispy.exe
- defender.exe
- tmp.exe
Delete Red Cross Antivirus Files
The next step in the process of Red Cross Antivirus removal is the deletion of the following files and folders:
- %UserProfile%\Application Data\PAV\
- %UserProfile%\Application Data\antispy.exe
- %UserProfile%\Application Data\defender.exe
- %UserProfile%\Application Data\tmp.exe
- %UserProfile%\Local Settings\Temp\kjkkklklj.bat
Now there will be no instances of Red Cross Antivirus installed on your computer any longer.
Red Cross Antivirus Registry Removal Procedures
File deletion alone is not sufficient to ensure complete Red Cross Antivirus removal. In order to remove Red Cross Antivirus completely, you should remove the following keys and settings from the Windows Registry as well:
- HKEY_CURRENT_USER\Software\PAV
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"
At this point it is safe to say that you have completely removed Red Cross Antivirus from your computer. However, in order to make sure that no additional threads reside in the PC’s file or registry system it is recommended to run a full scan of all data using a genuine antivirus product such as Spyware Doctor with Antivirus.
Red Cross Antivirus Directories:
- %UserProfile%\Application Data\PAV\
We see this threat in the above folder and trace files in the Application Data folder. AKA Appdata folder for Windows 7 and Vista users.
Outside Resources:
http://spywareremovers.com/how-to-remove-red-cross-antivirus
Speak Your Mind