www.tech-ava-soft.org – fraudulent site related to AVASoft Professional Antivirus

This is the warning for all active online surfers. Hackers never sleep, and as days go by they develop new ways of stealing money by means of deceiving and tricking users. AVASoft Professional Antivirus is one of their latest fake anti-spyware applications, being rightfully considered a rogue security application. This hoax has been previously described by us in this article already. We know that this program is not a real antivirus. And, quite logical, it is far away from being a professional one. The trick is that this hoax is linked to a real site called www.tech-ava-soft.org, which is used for payment processing when deceived users are prompted into buying the rogue called AVA Soft Antivirus Professional.

Note! The malware removal steps are in details described in our primary guide on AVA Soft Professional Antivirus removal – http://trojan-killer.net/remove-avasoft-antivirus-professional-virus/

The peculiarity of www.tech-ava-soft.org is that this site has the download link for a totally different program called Antivirus Security 2013. This one doesn’t display any false positives, so it seems that it is not a rogue security program. Still, we strongly doubt its capabilities to be a real security software when comparing it to security software giants. It is obvious that this site leads users to the payment processing page of two opposite applications by their nature. One is a rogue whereas the other doesn’t seem to be a fake AV in a full sense of this word. Probably this was done as a way to convince some banks to arrange processing for the program called AVASoft Professional Antivirus (even though these banks might not even know they’re rendering services for rogue software makers). Here is how this fraudulent site looks like:

www.tech-ava-soft.org

We don’t know the complete story about how hackers get their funds via www.tech-ava-soft.org payment interface and which banks stand behind this way of collecting payments. We’re not hackers and we don’t know their tricks. What we know is that this site is dangerous, because it is directly used as a way of stealing funds from users who mistakenly buy AVASoft Professional Antivirus scam. We also know that instead of buying this hoax you need to immediately remove this scam from your computer. And, of course, if you mistakenly purchased this hoax, please immediately dispute the charges via your good bank, telling the bank officers that the program you actually purchased is a rogue anti-malware tool.

Screen shot of AVASoft Professional Antivirus:

AVASoft Professional Antivirus

Examples of bogus security alerts, warnings and notifications expressed by AVA Soft Antivirus:

Warning!
Application cannot be executed. The file taskkill.exe infected.
Please activate your antivirus software.

Security Monitor: Warning!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).

Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs.
Click here to remove it immediately with AVASoft Professional Antivirus.

AVASoft Professional Antivirus Firewall Alert
AVASoft Professional Antivirus Firewall has blocked a program from accessing the Internet.
Internet Explorer Internet Browser is infected with worm SVCHOST.Stealth.Keyloger. This worm is trying to send your credit card details using Internet Explorer Internet Browser to connect to remote host.

AVASoft Professional Antivirus Warning
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss.
Click here to block unauthorized modification by removing threats (Recommended)

AVASoft Professional Antivirus Warning
Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.

Warning: Your computer is infected
Detected spyware infection!
Click this message to install the last update of security software…

AVASoft Professional Antivirus Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with AVASoft Professional Antivirus.

Two important steps of deleting Avasoft Antivirus:

  • Terminating (stopping) the malicious process of fake AV.
  • Running security tool (anti-virus) to delete all remnants associated with this hoax.

Instructions on how to terminate the process of AVA Soft Professional Antivirus scam using taskkill.exe command:

  1. Enable the display of extensions.
  2. Run Explorer by clicking Win+E.
  3. Go to the folder –> C:Windowssystem32
  4. Copy two files –> cmd.exe and taskkill.exe and transfer them to your desktop.
  5. Rename those files on the desktop –> cmd.exe into explorer.exe and taskkill.exe into iexplore.exe.
  6. Run from the desktop renamed file cmd.exe (now explorer.exe).
  7. In the opened window type iexplore /FI “WINDOWTITLE eq Avasoft Professional Antivirus” /IM * /F
  8. Press “Enter“.
  9. Download Trojan Killer to remove AVASoft Antivirus Professional scam completely!

Alternative way to kill AVA Soft Professional Antivirus

  • Use “Win + E” hotkey command on your keyboard. This will open Windows Explorer.
  • In the address field insert the following link: http://gridinsoft.com/downloads/KillProc.zip
  • Save this KillProc.zip file onto your Desktop.
  • Hold “Shift” key on your keyboard and right-click KillProc.zip
  • Select “Open with…
  • Open with...

  • In the windows that comes up select “Browse
  • Browse

  • Find the program called Windows Explorer as the one that will open this KillProc.zip archive. The location for this program is C:WINDOWSexplorer.exe
  • explorer.exe

  • Click “Open“.
  • In the “Open with…” window select “Windows Explorer” and click “OK“.
  • Windows Explorer

  • Open KillProc archive and copy 2 files onto your Desktop – autoscan.dat and iExPlOrE.exe
  • KillProc folder contents

  • Run iExPlOrE.exe
  • Click “Automatic Scan
  • Automatic scan

  • The following message should come up, you need to click “Yes“.
  • Kill AVASoft Antivirus

  • The process of AVASoft Professional Antivirus should be killed.
  • Now it’s time to download and run GridinSoft Trojan Killer to remove AVASoft Professional Antivirus malware.
  • AVASoft Antivirus Professional virus manual removal:

    AVASoft Antivirus Professional files to be removed:

    %Desktopdir%AVASoft Antivirus Professional.lnk
    %Programs%AVASoft Antivirus ProfessionalAVASoft Antivirus Professional.lnk
    %AppData%[random][random].exe

    AVASoft Antivirus Professional virus registry entries to be removed:

    HKCUSoftwareMicrosoftWindowsCurrentVersionRunOnce[random] %AppData%[random][random].exe
    HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallAVASoft Antivirus Professional
    HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallAVASoft Antivirus ProfessionalDisplayIcon %AppData%[random][random].exe,0
    HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallAVASoft Antivirus ProfessionalDisplayName AVASoft Antivirus Professional
    HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallAVASoft Antivirus ProfessionalShortcutPath "%AppData%[random][random].exe" -u
    HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallAVASoft Antivirus ProfessionalUninstallString "%AppData%[random][random].exe" -u

    You may also like...

    Leave a Reply