Windows Protection

Threat Description:

It’s pretty hard to give a confident unambiguous answer to the question what Backdoor.POISON.BQA is and whether it actually exists as a standalone infection. This scary-sounding trojan is currently one of the instruments with the help of which Antivirus 7 scareware’s licensed version is being promoted. We know this might sound kinda confusing so let us provide some details on this point. If you have a look at the screenshot below this article, you will see that Backdoor.POISON.BQA is described as a computer threat that (citation) “arrives as attachment to email messages spammed by another malware or malicious user” in an attempt to control your PC. The truth can be acknowledged by realizing that the above description of Backdoor.POISON.BQA is being shown on fabricated security alerts called ‘Resident Shield: New virus detected’ generated by Antivirus 7 rogue anti-spyware we have mentioned. This automatically makes Backdoor.POISON.BQA nothing but a figurant of the filthy malvertising scheme meant to push the scareware application under consideration. In other words, if Antivirus 7 rogue gets into your system, it calls forth certain changes and distortion of the PC’s functioning and makes the OS display some pre-defined and deliberately falsified popup notifications like that. It means, you should not take these Resident Shield warning messages for granted no matter how trusty they seem. As of now, Backdoor.POISON.BQA exists as a part of crimeware pushing plan. So in case you are getting spammed by Backdoor.POISON.BQA alerts, you should run a virus scan using a trustworthy tool which will detect and help you get rid of the real infection.

Determine if your system is infected with Backdoor.POISON.BQA and related threats:

Download Backdoor.POISON.BQA and Antivirus 7 Free Scanner with Remover

Backdoor.POISON.BQA Related Fake Alert Screenshot:

How to remove this threat manually:

Backdoor.POISON.BQA and associated malware manual uninstall procedure:

Get rid of the related corrupt files:

• %Documents and Settings\All Users\Start Menu\AV7
• %Documents and Settings\All Users\Start Menu\AV7\Antivirus7.lnk
• %Documents and Settings\All Users\Start Menu\AV7\Uninstall.lnk
• %Program Files\AV7
• %Program Files\AV7\antivirus7.exe
• %WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb
• %WINDOWS\system32\UpdateExplorer.dll
• %UserProfile%\Desktop\Antivirus7.lnk

Delete the associated registry entries:

• HKEY_CURRENT_USER\Software\EVA246
• HKEY_CLASSES_ROOT\CLSID\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AV7″
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-EVI 12.03.2010″

Please note that Backdoor.POISON.BQA and affiliated rogueware manual removal is a procedure of high complexity and should be performed with extreme caution. Lack of the required skills and even the slightest deviation from the instructions may cause irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic removal tool below:

Download Backdoor.POISON.BQA Removal Tool