Popular Reviews

Adware Removal

» Adware Removal

Rogueware Removal

» Rogueware Removal

Keylogger Removal

Fix PC Errors

Helpful Definitions

Learn More

» Learn More

Antispyware Reviews

Registry Cleaner Reviews

Firewall Reviews

Spam Filter Reviews

Antivirus-1

Kudos:

"You guys rock. Your instructions were spot on! Thank You"
- J. Powell

"I was infected by SystemTool today. Thanks for the help on the page. I have removed it completely"
- L. Lepsře

"Your web page on Regclean was extremely helpful and very, very education. Its objectivity to was nothing short of excellent. Thank you..."
- Anthony G. Muya

"I want to express my thanks for the information on removing the browser hijacker. I took the steps you suggested and the follow-on precautions to prevent future infections... Thanks again"
- Carlos


For Information and Removal of Antivirus-1

    - what is Antivirus-1
    - automatic and manual removal instructions
    - personal assistance provided online or by phone to safely remove Antivirus-1.

 

Antivirus-1

Every computer users needs a reliable antivirus system.  Because of this need, however, there is a large crop of rogue programs claiming to provide protection.  Antivirus-1, which is but one of these rogue antivirus programs, offers to remove threats from your system, but the only thing you are likely to experience is an influx of pop-ups and a slowdown in functioning.  Learn how to recognize Antivirus-1 and other rogue programs so you can really protect your computer.

What Is Antivirus-1?

The primary tool of rogue antivirus programs is the pop-up ad.  They use these, sometimes very effectively, to convince users that there are security risks in their system.  Antivirus-1 looks and acts very much like these other programs.  It simulates an antivirus scan and reports its findings to you through pop-ups.  These appear legitimate, and many users opt to purchase the full version of Antivirus-1 to fix the infected files that are found.  The infections, however, do not exist.  Antivirus-1 creates false files in order to persuade users that they have security risks.  It should be emphasized that this program does not offer real protection, nor can it fix any existing issues.  This program is associated with Antivirus 2010 and Antivirus 360. 

Is Antivirus-1 In My System?

A common technique of rogue antivirus programs is to launch themselves whenever the host computer starts a new Windows session.  You will then receive "security warnings."  A typical one appears from the Windows taskbar and reads:

Spyware activity alert!

Spyware IEMonster activity detected.  It is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook, and other programs, including logins and passwords from online banking sessions, eBay, PayPal.

Another one warns:

svchost.exe
Internal conflict alert.
Anti-virus-1 detected internal software conflict. Some applicztion <sic> tries to get access to system kernel (such behavior is typical to Spyware/Malware). It may cause crash of your computer.

Warnings like these are particularly effective because they play on the fears of having personal and financial information stolen.  But be aware that "IE Monster" is nonexistent.  Antivirus-1 creates a list of fake files, such as Spyware.IEMonster.d, Zlob.PornAdvertiser.ba, Spyware.IMMonitor, Infostealer.Banker.E, and Dialer.Xpehbam.biz_dialer that are designed to create the illusion of serious security threats.

Antivirus-1 is able to modify your host file so it can redirect you to its rogue websites, where you are urged to purchase the full version.  Your homepage may be hijacked, and when you enter a search topic or web address, you will be drive instead to one of these websites.  Microsoft.browser-security-center.com is one such site that promotes Antivirus-1.

Different from some other rogue antivirus programs is Antivirus-1's ability to simulate a "blue screen of death," or a crash screen.  Here, you will be warned that SPYWARE.MONSTER.FX_WILD has been found in your system, which is forcing it to reboot.  The computer will then appear to go through a rebooting process, finally displaying an alert message:

Your Anti-virus-1 copy is unregistered.  Microsoft Security recommends you to activate your antivirus protection software.

This elaborate display is just that, a display.  Really, your computer has not crashed.  The "blue screen of death" was actually a screensaver.  Your computer was never in any real danger, except from Antivirus-1 itself.  These warning messages are effective for several reasons: one, they look legitimate.  These programs mimic the design of reputable antivirus programs.  Two, they indicate that your protection level is low and that your spyware protection, virus protection, general security, and automatic updating options are turned off.  Three, they recognize that computer users want to protect their computer and are hoping people will "impulse buy" their software.  Again, though, Antivirus-1 is unable to protect your computer. 

If left in your system, Antivirus-1 will cause slow performance because it consumes so much CPU power.  This rogue antivirus program may also affect your internet connection, and ultimately cause instability in your system. As always, the presence of a rogue program in your computer indicates that other forms of malware may enter, so it is important to remove Antivirus-1 as soon as you can.

How Did Antivirus-1 Enter My Computer?

Antivirus-1 uses incessant pop-ups and dire warning messages to persuade computer users that they need the full software.  When confronted with this, many opt to do so.  This installs the full version.  Instead of resolving any issues, however, users will notice that they still receive pop-ups and warnings.  In fact, nothing is fixed or protected. 

The "trial version" is what runs the false scans.  This can enter your computer in any number of ways.  Antivirus-1 is usually installed by a trojan known as Vundo. Vundo is usually carried on spam email attachments or on "questionable" websites.  These sites usually contain gaming, warez, or adult content.  Sites or applications that feature freeware, especially videos, or file sharing functions are vulnerable to Vundo, which is also known as Virtumonde, Virtumondo, or MS Juan. Clicking on ads or banners, and sometimes just visiting the site, can allow Vundo access to your system.  It is also possible to download Antivirus-1 unintentionally when you click on the pop-up ads (even when clicking Cancel) or when you are redirected to the rogue websites.

How Do I Remove Antivirus-1?

Rogue antivirus programs can be difficult to remove entirely from your system.  Running your current virus scan program is unlikely to do it because Antivirus-1 and others like it are designed to fly under their radar.  They lie dormant in order to evade detection until they can change your computer's settings.  This is why simply deleting the program will not work effectively either.  It can leave traces of the program in your system.  You have two options, then, for completely removing the program. 

One is to use reputable antivirus software to automatically remove Antivirus-1.  Malwarebytes Anti-Malware (Malwarebytes has free malware removal) is one such programs that will detect and remove this program, leaving no trace in your system.  This option saves untold time and aggravation and is idea for those who have little technical experience.  All you have to do is download the software and follow the easy instructions.  This option also has the benefit of reassurance - you know your computer is protected. 

The other option is to remove Antivirus-1 manually.  This can be complex because you have to remove files and registry keys, each of which have names that are very similar.  It is easy to miss one or two, and it is also easy to accidentally delete a necessary program.  For this reason, only those with extensive computer knowledge attempt to manually remove Antivirus-1.  If you do, delete the following:

Delete Antivirus-1 Files:

%Documents and Settings%All UsersApplication DataAV1

%Documents and Settings%All UsersStart MenuProgramsAnti-virus-1

%Documents and Settings%All UsersApplication DataAV1AV1.cab

%Documents and Settings%All UsersApplication DataAV1av1.exe

%Documents and Settings%All UsersApplication DataAV1AV1i.exe

%Documents and Settings%All UsersApplication DataAV1AV1i2.exe

%Documents and Settings%All UsersApplication DataAV1QWProtect.dll

%Documents and Settings%All UsersApplication DataAV1svchost.exe

%Documents and Settings%All UsersDesktopAnti-virus-1.lnk

%Documents and Settings%All UsersStart MenuProgramsAnti-virus-1Anti-virus-1.lnk

%Documents and Settings%All UsersStart MenuProgramsAnti-virus-1Uninstall.lnk

Delete Antivirus-1 Registry Values:

HKEY_CURRENT_USERSoftwareAV1

HKEY_CURRENT_USERSoftwareAV1AV1{F275E931-AFEC-4f70-B0D4-CC2731B945E0}

HKEY_CLASSES_ROOTAppID{29256442-2C14-48CA-B756-3EE0F8BDC774}

HKEY_CLASSES_ROOTAppIDQWProtect.DLL

HKEY_CLASSES_ROOTCLSID{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}

HKEY_CLASSES_ROOTInterface{051C9A06-FB08-486F-B09B-8B33B261637D}

HKEY_CLASSES_ROOTQWProtect.QWProtectBHO

HKEY_CLASSES_ROOTTypeLib{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "Monitor calibration"



Removing Antivirus-1 Automatically/Safely

For free automatic removal we recommend using Malwarebytes Anti-Malware. This program is widely recommended by reputable third-party sites, so you can be reasonably confident of its ability to safely get rid of Antivirus-1 and any hidden Trojans. As a precaution we recommend double checking your system with SpyHunter. This program requires paid registration to enable deletions, however it has a money back guaranteed and is the top of the line in malware removal. It should catch malware that evades Malwarebytes and block anything that tries to reinstal itself.

Download SpyHunter

Remove Antivirus-1 Now:

  1. Download and install Malwarebytes Anti-Malware and SpyHunter Download  
  2. Run a scan with Malwarebytes Anti-Malware.
  3. Remove all the detected infections (free).
  4. Run a scan with SpyHunter
  5. Remove any remaining infections
  6. Reboot and rescan with SpyHunter. Your computer should now be clean.

Important note: If Malwarebytes is blocked by malware then run Chameleon (Start Menu → All Programs → MalwareBytes' Anti-Malware → Tools → Malwarebytes' Anti-Malware Chameleon). If you need further help removing Antivirus-1 please email us at info@removeadware.com.au or call for personal assistance on toll-free number 888-655-3453, within the USA and Canada.


Disclaimer: This webpage was created to provide information on Antivirus-1 and how to uninstall it. Manual removal instructions are intended for use by technical experts and should be used at your own risk. We do not own or endorse Antivirus-1.




We are affiliated with some of the legitimate programs recommended on this website. Should you choose to use the programs recommended here, we may receive a fee that will help support the site.

NEWS | ARTICLES | REVIEWS | CONTACTS | LINK TO US
All content copyright 2006-2017, RemoveAdware.com.au. Author: Wayne Davis.
All Rights Reserved. All trademarks and company brand names are acknowledged.
Privacy Policy | Terms Of Service