Aug 24

Malware Analysis:

Red Cross Antivirus… an interesting name for a rogue security program, isn’t it? You betcha. Those cyber scammers are getting shrewd and really cunning, all for one purpose: to swindle computer users out of their savings. Red Cross Antivirus is part of a currently active scareware distribution campaign that involves a number of other very similar scareware applications with almost the same GUIs and identical propagation patterns.

The oddest thing is that people usually download Red Cross Antivirus manually, believing it is a good application to use for computer protection. The hackers achieve this unbelievable effect in a tricky way. They distribute a trojan that triggers legit-looking alerts, allegedly on behalf of Microsoft, warning people about supposed infections detected on their systems. Victims are then prompted to pick an anti-spyware solution from a ‘recommended’ list, and Red Cross Antivirus will be one of those programs.

It’s too bad Red Cross Antivirus is a fake. It will only keep doing its dirty work on the infected machine. This junkware will claim to have found yet more threats on your PC and then ask you to register your copy of Red Cross Antivirus. That is not something you should do, though. Red Cross Antivirus is not going to help you in any way, so please keep that in mind. It’s best not to waste your time and to remove the Red Cross Antivirus malware from your system completely.

Determine if your PC is infected with Red Cross Antivirus:

[Screenshot: Red Cross Antivirus]

How to remove Red Cross Antivirus manually:

To perform manual removal of Red Cross Antivirus, you should do the following:

Delete the following Red Cross Antivirus files:

  • %UserProfile%\Application Data\PAV\
  • %UserProfile%\Application Data\antispy.exe
  • %UserProfile%\Application Data\defender.exe
  • %UserProfile%\Application Data\tmp.exe
  • %UserProfile%\Local Settings\Temp\kjkkklklj.bat

Remove the following associated registry entries:

  • HKEY_CURRENT_USER\Software\PAV
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = “0”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnPostRedirect” = “0”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “tmp”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “SelfdelNT”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%UserProfile%\Application Data\antispy.exe”
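A read-only check for the file and registry indicators listed above, as an added PowerShell example that is not part of the original post. It assumes it is run in the affected user's own session, since every indicator sits under that user's profile or HKEY_CURRENT_USER; the helper name Test-RegIndicator is hypothetical.

```powershell
# Added example: read-only check for the indicators listed on this page.
# It reports what is present and deletes or modifies nothing.
$files = @(
    'Application Data\PAV',
    'Application Data\antispy.exe',
    'Application Data\defender.exe',
    'Application Data\tmp.exe',
    'Local Settings\Temp\kjkkklklj.bat'
)
$cv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion'
# Name = $null: the key itself is the indicator.
# Like = $null: the value's presence alone is the indicator.
$reg = @(
    @{ Path = 'HKCU:\Software\PAV'; Name = $null; Like = $null },
    @{ Path = "$cv\Internet Settings"; Name = 'WarnonBadCertRecving'; Like = '0' },
    @{ Path = "$cv\Internet Settings"; Name = 'WarnOnPostRedirect'; Like = '0' },
    @{ Path = "$cv\Run"; Name = 'tmp'; Like = $null },
    @{ Path = "$cv\RunOnce"; Name = 'SelfdelNT'; Like = $null },
    @{ Path = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
       Name = 'Shell'; Like = '*\Application Data\antispy.exe' }
)

function Test-RegIndicator($i) {   # hypothetical helper name
    if (-not (Test-Path -LiteralPath $i.Path)) { return $false }
    if ($null -eq $i.Name) { return $true }
    $p = Get-ItemProperty -LiteralPath $i.Path -Name $i.Name -ErrorAction SilentlyContinue
    if ($null -eq $p) { return $false }
    if ($null -eq $i.Like) { return $true }
    # The stored path may be expanded or still contain %UserProfile%, so match the tail.
    return ([string]$p.($i.Name) -like $i.Like)
}

$hits = @()
foreach ($f in $files) {
    $full = Join-Path $env:USERPROFILE $f
    if (Test-Path -LiteralPath $full) { $hits += "FILE  $full" }
}
foreach ($i in $reg) {
    if (Test-RegIndicator $i) { $hits += "REG   $($i.Path) [$($i.Name)]" }
}

if ($hits.Count -eq 0) {
    'No listed Red Cross Antivirus indicators found for this user.'
} else { $hits }
```

A hit on the two Internet Settings values alone is weak evidence, because those warnings can also be switched off by other software or by the user; weigh it together with the file, Run and Winlogon hits.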

Please note that manual removal of Red Cross Antivirus is a highly complex procedure and should be performed with extreme caution. A lack of the required skills or even the slightest deviation from the instructions may lead to irreparable system damage. To ensure trouble-free deletion, it is recommended to use the automatic removal tool below:

Download Red Cross Antivirus Removal Tool
