How to Get Rid of Antivirus System from Your Computer

What is Antivirus System?

 

Antivirus System briefly information

Title: Antivirus System

Type: Rogue Antispyware, ransomware

Attack OS: Windows  

Severity scale: high

Antivirus System is a bogus program, also is known as malicious application, rogue anti-spyware. This virus infiltrate into the target computer without user knowledge or permission. It is usually known that this virus will drop by such means as follows. It often comes bundled with other freeware, if users install or download related software, this virus can enter into the comprised system. Another way is that this virus can be added on the ads or links, spam attachments, so that when open those things, your computer may be infected with Antivirus System virus. Once this virus sneaks into the system, it begins to show fake security warning, which tries to make the users think that their computers have infected with dangerous threats. And also deceive the users into believing that Antivirus System provides the best way to fix their machines problems. To help fix all the threats completely fromtheir computers, it claims that users should purchase its licensed version which costs $89.85.to finish this payment, it requires users to make a money transaction. So you need to input some personal information into the purchase form, in this case, your information are in high risk. For the hackers who design Antivirus System will record your purchase information, and they may use them onto the financial purpose. As a result, many visitors have paid this fine, for they have been scared by the fake message. If you face this message, please ignore it and try to get rid of this bogus program from your system. The following text is the content of the fake alerts: 

Rundll32.exe or Iexplore.exe is infected with Trojan-Downloader.JS.Agent.ftu. Private data can be stolen by third parties, including credit card details and passwords.

Potential dangers caused by Antivirus System virus

# It is a corrupt application
# It may spread via Trojans
# It asks to pay for non-functional "full version"
# This virus may display fake messages warning about computer problems
# This virus may install additional spyware to your computer
# This virus may repair its files, spread or update by itself

Step-by-step guides to uninstall Antivirus System virus manually

Instruction one:

a.Restart your computer, log on Safe mode with network option. (Press F8 at the very beginning, choose “Safe Mode with Networking” and press Enter to get in safe mode with networking.)

b.Go to Task Manager with Alt+Ctrl+Delete and stop its process.

c.Remove Antivirus System files, search the related files:

%Drive%:\Documents and Settings\Administrator\Local Settings\Temp\E_N4\cnvpe.fne

%Drive%:\Documents and Settings\Administrator\Local Settings\Temp\E_N4\dp1.fne

%Drive%:\Documents and Settings\Administrator\Local Settings\Temp\E_N4\eAPI.fne

%WinDir%\system32\8F2E3B\RegEx.fnr

%WinDir%\system32\8F2E3B\shell.fne

%WinDir%\system32\8F2E3B\spec.fne

d.Remove Antivirus System registries:

HKEY_USERS\S-1-5-21-1614895754-1637723038-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids  

HKEY_USERS\S-1-5-21-1614895754-1637723038-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\4  

HKEY_USERS\S-1-5-21-1614895754-1637723038-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\5   

HKEY_USERS\S-1-5-21-1614895754-1637723038-725345543-500\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\6

Instruction two: 

a.Reboot your computer，log on Safe mode with command prompt option. (Press F8 at the very beginning, choose “Safe Mode with command prompt” and press Enter to get in safe mode with command prompt)

b. Type the related prompt to access the desktop, please type “explorer’ and press Enter key

c.Create a new user account.（Click Start and click Control Panel> Click User Accounts and Family Safety>Under User Accounts, click Add or remove user accounts>Click Create a new account>Type in the account name. Select the account type: Administrator>Click Create Account.）

d.Reboot your computer and then log in with the new account which you have created.

e. The lest steps is the same with Instruction one b.c.d

Instruction three: 

Restored your system, choose the day before infecting this virus.

NOTE: all the instructions above should be done carefully, and you should need to know more computer knowledge, if you are not a good at computer, please get help from experts to remove this trickyvirus.