AntivirusGT or Antivirus GT is a fake secutity application from the same family of “rogue antispyware” tools as Antivirus7. The program only looks like a normal antivirus program, but unlike it, can not remove viruses, worms and trojans, as well as protect your computer from possible infections. AntivirusGT (Antivirus GT) is created with one purpose, to force you to buy its full version. Like other rogue antispyware programs, it is promoted and distributed through trojans, that once started will download and install the rogue onto your computer.
When this fake antivirus is started, it first step registers itself in the Windows registry to run automatically when you logon in to Windows. Further, the rogue will simulate a system scan and label legitimate Windows files and not existing files as infections that will not be fixed unless you first purchase the program. However, all of these reported infections, as well as self scanning, is nothing but a scam. You can safely ignore the fake scan results.
While Antivirus GT is running, it will flood your computer with nag screens, fake security alerts and notifications from your Windows taskbar. Some of the alerts:
VirtuMonde activity tracked
Virtumonde is an adware program that tends to monitor
your Internet browsing and may display targeted
…
Trojan:W32/Inject Activity Detected
Trojan:W32/Inject is a large family of malware that secretly
makes changes to the Windows Registry. Variants in the
family make also makes changes to other running processes.
Attention! Threats found!
Attention! 55 threats found!
Internet Shield; identity theft attempt detected
Warning! Identity theft attempt detected
AntivirusGT Resident Shield: Virus detected
Warning! Active virus detected
What is more, AntivirusGT can block the Windows Task Manager and legitimate Windows programs, so that when you will try to run an application, your computer will display a fake security warning that stats “Warning! Active virus detected”.
Last but not least, Antivirus GT will also install a malicious add-on (UpdateCheck.dll) to Internet Explorer. The add-on will hijack Internet Explorer so that it will randomly show a warning page that stats “Attention! Your web page request has been cancelled.”
However, all of these alerts, warnings and notifications are fake and like false scan results supposed to scare you into purchasing so-called “full” version of the fake security program. You should ignore all of them!
As you can see AntivirusGT is very dangerous and can lead to a complete paralysis of your computer, as well as leakage of your personal data in the hands of the authors of the malicious program. Need as quickly as possible to check your computer and remove all found components of this fake antivirus program. Use the removal guide below to remove Antivirus GT from your computer for free.
More screen shoots of AntivirusGT
Use the following instructions to remove AntivirusGT or Antivirus GT (Uninstall instructions)
Step 1. Disable malicious add-on.
Run Internet Explorer. Click Tools -> Manage Add-ons. Select UpdateCheck.dll addon and you will see an image similar below.
Manage Add-ons
Click disable, click OK and click OK to close Manage Add-ons window. Close Internet Explorer and run it once again.
Step 2. Stop AntivirusGT process.
You need stop a core process of AntivirusGT, after that, you will be able to remove this malicious program and any associated malware without any problem.
Right click to Windows task bar, select Task manager. Task Manager window opens. In the list of processes select the AntivirusGT.exe and you will see a screen similar to the one below.
Task Manager
Click End process button and click Yes for confirm. Close Task Manager.
If Task Manager is blocked, then go to My computer, open your system disk (disk C by defaults), then open System32 folder. Copy file taskmgr to your desktop. Right click to taskmgr icon on your desktop and select Rename. Type explorer and press Enter. Then repeat the step 2 once again.
Step 3. Remove AntivirusGT.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for AntivirusGT infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.
Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.
AntivirusGT creates the following files and folders
C:\Program Files\AVGT
%Temp%\MICROS~1.DLL
C:\Program Files\AVGT\antivirusGT.exe
AntivirusGT creates the following registry keys and values
HKEY_CLASSES_ROOT\CLSID\{3304F17F-732C-4AC6-BF67-DBDC8B88C11F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3304F17F-732C-4AC6-BF67-DBDC8B88C11F}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVGT
thank you very much for your help this page has been a life saver and very helpful.
I am very excited about how your system and will give my oppionion once Ive tried it out
This was the only site that mentioned to remove that IE add-on. I had everything cleaned up but my browser was still being re-directed. Thanks so much for this.