General Antivirus - Misleading Application
- Type: Spyware
- Category: Rogue Programs
- Discovered: 27 January 2010
- Removal tools: Malwarebytes' Anti-Malware, Spyware Doctor
1. Introduction
General Antivirus is a corrupt anti-virus program, because of its inability to deal with computer viruses and malicious objects that may be posing serious risks. General Antivirus is also known as a scareware, because of its deceitful computer scanner, which results in false virus detections, thus making user believe that the computer system is infected. General Antivirus is very similar to rogue programs Internet Antivirus Pro and Live Enterprise Suite.
General Antivirus is configured so that the scanner starts each time computer is started and Windows OS is booted. During the scan process a number of virus-like titles will appear in the report, thus warning user that threats have been found on the computer. This is an effective way to persuade user that the machine is at risk, at the same time suggesting General Antivirus as anti-virus tool to solve computer security problems, which were allegedly found by the program itself. But the program will not do anything until user purchased licensed version of General Antivirus.
User should not trust General Antivirus as anti-virus software, because the program is unable to clean computer from viruses and other threats, even if the license has been purchased. Do not make any payments, as to do so will cause personal data disclosure to third parties.
General Antivirus can be identified by System alerts displayed in the taskbar area next to program icon stating that:
General Antivirus is configured so that the scanner starts each time computer is started and Windows OS is booted. During the scan process a number of virus-like titles will appear in the report, thus warning user that threats have been found on the computer. This is an effective way to persuade user that the machine is at risk, at the same time suggesting General Antivirus as anti-virus tool to solve computer security problems, which were allegedly found by the program itself. But the program will not do anything until user purchased licensed version of General Antivirus.
User should not trust General Antivirus as anti-virus software, because the program is unable to clean computer from viruses and other threats, even if the license has been purchased. Do not make any payments, as to do so will cause personal data disclosure to third parties.
General Antivirus can be identified by System alerts displayed in the taskbar area next to program icon stating that:
- Your PC is still infected with dangerous viruses. It is strongly recommended to activate antivirus protection to prevent data loss and to avoid the theft of your credit card details. Click here to activate protection.
- General Antivirus Tray Agent. General Antivirus has detected harmful software in your system. We strongly recommended you to register General Antivirus to remove these threats immediately.
- While running Windows in normal mode, malicious processes won't let to download any files. Safe Mode is required to download removal tool:
- Restart the computer;
- As soon as white letters on a black background appear, start tapping F8 key on your keyboard;
- After Windows Advanced Options Menu appeared, select an option "Safe Mode with Networking";
- Log in as a user;
- Act Yes on Desktop warning;
- Download General Antivirus removal tool to Desktop, but do not install yet;
- Restart and boot the computer as usual;
- Follow these installation instructions.
2. General Antivirus removal tools:
- Malwarebytes' Anti-Malware (for the installation guide click here)
- Spyware Doctor (for the installation guide click here)
3. Screenshot:
4. General Antivirus files:
C:\program files\General Antivirus\GenAvir.exec:\program files\General Antivirus\uninstall.exe
5. Hijackthis entries:
O4 - HKCU\..\Run: [Microsoft Windows logon process] C:\Documents and Settings\user\Application Data\Microsoft\Windows\winlogon.exe
O4 - HKCU\..\Policies\Explorer\Run: [General Antivirus] "c:\program files\General Antivirus\GenAvir.exe" /s
O4 - HKCU\..\Policies\Explorer\Run: [inor] "C:\WINDOWS\system32\mui\041D\inor.exe"
O23 - Service: Guard Service (HTGrdEngine) - Unknown owner - C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\services.exe
O4 - HKCU\..\Policies\Explorer\Run: [General Antivirus] "c:\program files\General Antivirus\GenAvir.exe" /s
O4 - HKCU\..\Policies\Explorer\Run: [inor] "C:\WINDOWS\system32\mui\041D\inor.exe"
O23 - Service: Guard Service (HTGrdEngine) - Unknown owner - C:\Documents and Settings\user\Local Settings\Application Data\Microsoft\Windows\services.exe