Antivirus GT
Antivirus GT or sometimes called as AntivirusGT is a fake anti-malware program that will disguise as anti-virus and anti-spyware for Windows operating system. It originated from the same group who spearheaded the spread of Antivirus 7. This type of software is being distributed through the Internet using different channels. A malicious web site pretending to be an online virus scanner can download Antivirus GT automatically on visitors computer via drive-by-download method. File-sharing networks, instant messaging programs and spam email messages can also contribute to the propagation of this unwanted application. With this mentioned, make sure that all cautions when clicking on link, opening email attachments and installing executable files are being taken with cautious.
If Antivirus GT is installed, a modification will be made to the system registry and make it start automatically with Windows operating system. A virus scan is performed and displays a very fast scan results detecting dozens of threats. Fake warning alerts will continuously pop-up on the screen stating that computer is infected. One sample alert will have this message:
AntivirusGT Resident Shield: Virus Detected
Warning! Active virus detected!
Threat Detected: Trojan.Injector.BZ
Infected File: C:\Windows\System32\rundll32.exe
It will prompt user to get rid of these viruses by getting the full version of Antivirus GT. Following this advise will just scam users and no protection or virus removal will be made. After all, this rogue program has no capability to perform as an antivirus program because it is lack of necessary application and database to do so. The only way to remove Antivirus GT is by using an updated version of anti-malware and anti-virus application.
Antivirus GT Screen Shot:
Alias: AntivirusGT, AV GT
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Antivirus GT Removal Procedures
Manual Removal:
1. Stop Antivirus GT process by pressing Ctrl+Alt+Del. Windows Task Manager will open. Look for the following process:
antivirus GT.exe
avgt.exe
2. Update your installed anti-virus program.
3. Run a full system scan and clean/delete all detected infected file(s). A manual removal of virus-related files should also be performed.
4. Edit Windows registry and delete Antivirus GT entries.
5. Exit registry editor.
6. Remove Antivirus GT start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. System Configuration Utility will open. Go to Startup tab and uncheck the following Start-up item(s):
antivirus GT.exe
avgt.exe
7. Click Apply and restart Windows.
Antivirus GT Removal Tool:
In order to completely remove the threat, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.
Technical Details and Additional Information:
While Antivirus GT still resides on the system, a continuous pop-up alert messages will be displayed to scare computer users and hope that they will be able to purchase the licensed version. Some of this alerts may contain these statement:
Resident Shield: New virus detected
Warning! New virus detected
Please click “Remove All” button to heal all infected files and protect your PC
Internet Shield: Identity theft attempt detected
112.58.55.78
Warning! Identity theft attempt detected
Please click “Prevent attack” button to heal all infected files and protect your PC
Security advisor: Important updates available
Attention! New important updates available
Always install latest updates to enhance your computer security and performance
Malicious Files Added by Antivirus GT:
c:\Documents and Settings\All Users\Start Menu\AVGT
c:\Documents and Settings\All Users\Start Menu\AVG\Antivirus GT.lnk
c:\Documents and Settings\All Users\Start Menu\AVG\Uninstall.lnk
c:\Program Files\AVGT
c:\Program Files\AVGT\Antivirus GT.exe
c:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb
c:\WINDOWS\system32\UpdateExplorer.dll
%UserProfile%\Desktop\Antivirus GT.lnk
Antivirus GT Registry Entries:
HKEY_CURRENT_USER\Software\EVA246
HKEY_CLASSES_ROOT\CLSID\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AVGT”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-EVI 12.03.2010″
Steve Dyer
Jul 17, 2010 @ 19:37:00
I need help now. I have a big problem and I do NOT want to buy your product antivirus gt.
You are stopping me logging on to web sites.
Attention! Your web page request has been cancelled.
This web site refused your connection as it was reported as a malicious request. This can be caused by Viruses, Trojans or Malware found on your computer.
In order to resend your request to the website, press Resend request (please note, this action may cause a permanent block of your computer by the requested website)
In order to activate your security software, please press Fix Now (recommended)
You keep saying I have viruses. I did but am free now but your pop up still says I have them.
I’m getting pop ups like this…
Access violation at address 00542df1 in module ‘antivirus gt .exe’ read of address 00000010
Please help me remove this.
I’m getting pop ups from you saying
Antivirus gt special offer only 1000 annual licenses antivirus gt for only $19:95 remaining licenses o875 buy now.
I do NOT want your product but I would like you to remove it please
Please please please help me remove your antivirus gt from my computer because you have infected me!
Kid
Jul 20, 2010 @ 13:28:04
Try to use their 888 318 00 62 support centre. Besides I have this service and satisfied with it completely. But if for some reason you’re having problems with Antivirus GT, there’s no other way but to contact them and ask for help.
BlackHeat
Aug 12, 2010 @ 17:57:55
It´s all Fake!!
RB
Aug 13, 2010 @ 18:20:04
It’s EXTORTION!! They should be taken out and shot.
Bad Old Dog
Aug 24, 2010 @ 00:44:41
many of these posts look like they are from the virus writer.
use malware Bytes. AntivirusGT is simply a fake. it is a virus…
You may also want to save your money. if you fall for this you will need to pay competent help to clean your computer. It also will keep happening to you. Sorry for the bad news but that is the way it is
adam the computer guy
Sep 02, 2010 @ 01:04:38
Antivirus GT is Malware!!! Do not click on any links it recommends.
Jack
Sep 05, 2010 @ 02:18:48
I saw one of Antivirus GT in the temporal file folder of my laptop and it can’t be removed and can’t be deleted, I moved it into other file folder, after that I used system recovery. While it is starting system recovery for only a few seconds, my laptop is dead. It can’t start it any more. If you have such experience to recovery your laptop, please adverse.
Thanks,
Jack
Kate
Sep 06, 2010 @ 17:17:35
please help ive lost everything and cant seem to manually remove this what do i do???
Viet-Hai Phung
Sep 21, 2010 @ 12:48:38
Hi,
I have removed anti-virus GT from my program files and documents and settings folders. I also unchecked AVGT by using msconfig while carrying out a virus scan using McAfee. The msconfig function said that I had to re-start the machine, which happened when I was carrying out the virus scan. Now, when I log in, I just get the background but no applications on screen. Can you tell me why this is happening and what I can do about it please?
Thanks.
Mr Viet-Hai Phung
JERRY
Feb 26, 2011 @ 06:42:10
HIT CONTROL-ALT-DELETE TO GET TO TASK MANAGER THEN HIT THE NEW TASK BUTTON AND BROWSE TO TOUF FOLDERS CAN COPY TO A FLASH DRIVE. YOU CAN SCAN THE FLASH DRIVE LATER BEFORE REINSTALLING AFTER YOU FIX THE PROBLEM WITH THE VIRUS AVGT. WELL IF YOU HAVE THE BLANK SCREEN YOU CAN DO ALOT FROM TASK MANAGER. HOPE IT HELPS. COLLEGE OF LAKE COUNTY ILLINOIS COMPUTER STUDENT.
JERRY
Feb 26, 2011 @ 06:46:40
BROWSE TO YOUR FOLDERS AND COPY FILE YOU WANT TO KEEP TO A FLASH DRIVE
sudarison
Mar 12, 2011 @ 13:32:41
macfee 2007 key