By Marianne Layador - PC Tools Malware Research Team
Antivirus GT is another fake antivirus program originated from the same group of products as Personal Antivirus, Alpha Antivirus and Live Enterprise Suite, Live Security Suite. Like any other rogue, Antivirus GT could get onto a system after being unknowingly downloaded from a malicious site and installed without the user’s consent. It could also be manually installed by a user who mistakenly believed that the product was a legitimate program.
Once a system is infected, Antivirus GT automatically scans, gives reports about infections and recommends getting full-time protection by purchasing the product. However, the reportedly “infected” files are actually just files randomly tagged as threats in the user’s system.
Fake Malware Warnings
This memory resident rogue is persistent in convincing the user to buy their product by showing tons of pop-up fake warning alerts. It will even notify the user that the executed normal file is a virus!
From time to time, it will bring up the different types of fake threats running in a user’s system.
Some pop-ups alerts contain the following messages. You may have noticed some misspelled words.
Resident Shield: New virus detected
Warning! New virus detected
Please click “Remove All” button to heal all infected files and protect your PC
Internet Shield: Identity theft attampt detected
Warning! Identity theft attempt detected
Please click “Prevent attack” button to heal all infected files and protect your PC
Security advisor: Important updates available
Attention! New important updates available
Always install latest updates to enhance your computer secutity and performance
Samples of actual pop-up warnings:
Clicking on the “Get full time protection”, “Remove All”, “Prevent attack” or “Update Now” buttons takes the user into a website offering several licensing options for the fake antivirus software. These unsuspecting users are lured into entering their credit card details in exchange for complete protection and removal of viruses.
PC Tools advises against entering any credit card information on these forms. Victims of this attack are strongly advised to immediately contact their credit card companies to dispute the anomalous transactions and ensure that there will be no future unauthorized charges.
Manual Removal Guide
My Security Shield drops the following files:
and creates the folders:
My Security Shield creates these registry keys and entries:
Note: <#> = random numbers
To cleanup Antivirus GT, the above files / folders and registry entries would have to be removed.
What is Rogue Antispyware?
Rogue antispyware is a type of misleading application, which employs deceitful and disruptive tactics to try to persuade people to supply payment information. At best these programs are simply annoying. At worst they are intrusive and damaging. Some programs try to scare people by claiming their PC is infected with spyware or viruses, when it isn’t. Others will use registration reminder pop-ups, hoping people will think they intended to download and purchase the product, and then enter payment details. There are also rogue antispyware programs which will display pornographic material on PCs or prevent people from accessing their files, then claim that purchasing the application is the solution.
Whenever choosing an antispyware or antivirus program, we recommend that you choose one which is proven, and has genuine awards from at least one well-respected research authority, such as PC Magazine, PC World, CNET, PC Pro Magazine, PC Authority, or PC Answers. Do not use ratings from unknown review websites, as these are oftentimes designed to mislead you into purchasing affiliated, inferior, or even rogue products.
How did it get on my PC?
Creators of rogue antispyware programs use many avenues to reach your PC. They may directly mislead you into downloading the program by setting up a website with fake reviews claiming the product is useful, and then ensuring that website is viewed by as many people as possible. They also use indirect methods, such as infecting a link or a file so that the program is installed on your machine without your knowledge. If a person isn’t already using a legitimate antispyware program, their PC is vulnerable to these infected files as they surf the web or read emails.
How can I remove Antivirus GT?
First, download and install Spyware Doctor. Then, use it to scan your PC. If your PC is infected with Antivirus GT or any other malware, the name of the infection will be listed. The infections can be removed by purchasing Spyware Doctor.
For Spyware Doctor non-beta users:
Ensure you have the latest version of our signature database using SmartUpdate. This will protect you from the latest threats in the wild including Antivirus GT.
Spyware Doctor is a legitimate, multiple award-winning antispyware program offering free customer support and a 100% Money Back Guarantee during the course of your subscription.
Spyware Doctor Detects and Removes Rogue Antispyware
Spyware Doctor uses the most advanced anti-malware technology to detect and block any suspicious activity on your PC. Spyware is becoming more sophisticated, constantly evolving its method of attack. The results range from damaged files, to slow computer speed, to stolen logins and identity theft. We’ve built in real-time behavioural analysis to automatically recognize and respond to any style of malware attack, even never seen before, “zero-day” threats. Use Spyware Doctor and you can be confident that your PC is secure.
Spyware Doctor continues to receive awards from leading PC authorities such as PC World, PC Magazine, PC Pro, PC Plus, PC Authority, PC Utilities, PC Advisor, PC Choice, Microdatorn and Computer Bild. PC Answers Magazine commended us with a “Best of the Year” award 2 years in a row.
Tests show that Spyware Doctor prevents, detects and removes more spyware, adware and other common threats than any other leading security software.
Purchase Spyware Doctor by PC Tools today to instantly protect you from new threats and remove the current ones on your PC.
• Total Anti-Spyware and Anti-Malware solution
• Zero-Day threat protection
• Frequent, free updates
• Fast scanning and removal
• Won’t slow your PC down
• Easy to use with Intelliguard technology
• Customizable settings with password protection
• FREE customer support
• 100% Money Back Guarantee
• And more…