Antivirus Soft Demo
Antivirus Soft Demo is what the Antivirus Soft rogue anti-virus is called during its initial stage. Antivirus Soft usually manifests itself as Antivirus Soft Demo on the initial stage of its activity on one's computer. Antivirus Soft Demo uses trojans to trigger false malware infiltration alerts and popup warnings of different types of fabricated viruses. Antivirus Soft Demo will then prompt its victims to buy and activate its commercial copy, Antivirus Soft. Antivirus Soft and all related threats are of no use for PC protection and should be removed with a reliable anti-spyware program immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sftav.exe 2 %Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random]sysguard.exe 3 [random]sftav.exe 4 [random]sysguard.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AvScanHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
I am unable to start Task Manager, run Spyhunter, Malwarebyte etc. or virtually anything else.
I couldn't start task manager or misconfig (in Run) but what did work was restarting and doing a system restore VERY QUICKLY as soon as windows loaded up. The demo I had was particularly vicious and blocked email / itunes / my computer etc. I could only access the internet once I went through the process of pretending that I was going to buy the antivirus programme, when I got to the 'purchase' stage I could go on to other websites but not until then. It even replaced my screensaver with a fake porn website !
Try system restore if you have Winodws XP - should work as the demo is slow to start up when the p.c. first comes on.