Sysinternals Antivirus is a rogue program from the same family as Your PC Protector scareware.
It tries to trick you into purchasing the program by making you think that your PC is infected with malware. Malware poses to be a program from Sysinternals troubleshooting utilities suite. Usually, Sysinternals Antivirus is installed through the use of Trojans that display fake security alerts and pop-ups on the computer. While running, Sysinternals Antivirus will scan your computer it detect harmless of Windows system files as malware but will not allow you to remove them until you purchase the program. What is more, this fake program will block legitimate anti-virus and anti-spyware programs or in some cases it may block nearly all legitimate software on your computer and disable certain system tools such as Task Manager and Registry editor.
While Sysinternals Antivirus is active, you will be constantly shown fake security alerts and pop-ups on your computer. Those alerts will state that there is some type of security risk on your computer and then prompt you to purchase Sysinternals Antivirus. The rogue program will also display a window that impersonates the legitimate Windows Security Center.
Just like the false scan results, these security alerts are just another trick being used to make you pay for bogus software. You shouldn't purchase Sysinternals Antivirus.
As you can see, Sysinternals Antivirus is nothing more but a scam. If you have already purchased Sysinternals Antivirus, then we suggest that you contact your credit card company and dispute the charges. Then you should remove Sysinternals Antivirus on your computer as soon as possible following the removal guide below. We strongly recommend you to scan your PC with at least one legitimate and reliable anti-spyware program.
Removal:
Kill malicious Processes from Task Manager:
- alggui.exe
Location of the infection:
- c:\Program Files\alggui.exe
Registry Entries to be removed. (Take a backup of registry, before editing it)
- HKEY_CURRENT_USER\Software\Sysinternals Antivirus
- HKEY_CLASSES_ROOT\CLSID\{149256D5-E103-4523-BB43-2CFB066839D6}
- HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ServicesAdbUpd
Although it is possible to manually remove Sysinternals Antivirus, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend malware and spyware removal applications.
After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.
0 comments:
Post a Comment