Is Earth AV A Rogue AntiMalware?

in Earth

Yes, it absolutely is! Related to the notorious rogue anti-malware Green AV, Earth AV is a rogue program that attempts to rip off users under the pretext of selling them the full version of a piece of software. Earth AV reaches user systems via Trojans that get downloaded from websites that claim to contain Flash player downloads. Once the Trojan is downloaded and installed on the computer, it downloads and installs the program by exploiting security vulnerabilities in the system. Once installed, it then proceeds to perform fake antivirus scans on the system through which it creates false results and warnings about viruses that don't exist on the computer. It also creates a large number of fake warning pop-ups from the Windows Taskbar which are totally irrelevant. This is to try and induce the user to purchase the license to the 'full' version of the fake software, by making them feel that the currently installed 'trial' version is incapable of saving the system from sure destruction. However, do not make any hasty decisions as Earth AV is a fake application that should not be trusted under any circumstances.

The first thing you should do as soon as you find a copy of this malware on your computer is initiate Earth AV removal. In order to delete it, it is important to stop processes, unregister DLLs, delete files and folders and remove registry entries.

File Removal Procedures

The first step you need to take in order to remove it is to stop the following processes:

* ergui.exe
* ErV_paid.exe
* eav.exe
* msdl.exe
* vec.exe

Next, it is necessary to unregister the following DLL files:

* ergui.exe
* ErV_paid.exe
* eav.exe
* msdl.exe
* vec.exe

The next step in removal is to delete the following files and folders:

Windows XP:

* %Documents and Settings%All UsersStart MenuProgramsEarth AV
* %Documents and Settings%All UsersDesktopEarth AV.lnk
* %Documents and Settings%All UsersApplication DataEarth AV
* c:Documents and SettingsAll UsersApplication Dataeav
* c:Documents and SettingsAll UsersApplication DataeavBase.dat
* c:Documents and SettingsAll UsersApplication Dataeavmsdl.exe
* c:Documents and SettingsAll UsersApplication Dataeavmsll.exe
* c:Documents and SettingsAll UsersApplication Dataeavvec.exe
* c:Documents and SettingsAll UsersApplication DataMicrosoftMachine
* c:Documents and SettingsAll UsersApplication DataMicrosoftMachineWStech.dll
* c:Documents and SettingsAll UsersStart MenuPrograms Earth AV
* c:Documents and SettingsAll UsersDesktop Earth AV.lnk
* %APPDATA%mozillafirefoxprofilesgsl.dll
* ergui.exe
* ErV_paid.exe

Windows Vista/Windows 7:

* %Documents and Settings%All UsersStart MenuProgramsEarth AV
* %Documents and Settings%All UsersDesktopEarth AV.lnk
* %Documents and Settings%All UsersApplication DataEarth AV
* %USER%AppDataeav
* %USER%AppDataeavBase.dat
* %USER%AppDataeavmsdl.exe
* %USER%AppDatamsll.exe
* %USER%AppDataavvec.exe
* %USER%AppDataMicrosoftMachine
* %USER%AppDataMicrosoftMachineWStech.dll
* %USER%AppDataStart MenuPrograms Earth AV
* c:Documents and SettingsAll UsersDesktop Earth AV.lnk
* %APPDATA%mozillafirefoxprofilesgsl.dll
* ergui.exe
* ErV_paid.exe

After the above steps have been completed, Earth AV no longer resides on your hard disk. Even if this is true in most cases, due to the complex nature of this threat it is still recommended to run a full system scan of the entire PC using genuine antivirus software.

Author Box
JaysonC has 1 articles online
http://spywareremovalguides.com/earth-av-removal.html
Add New Comment

Is Earth AV A Rogue AntiMalware?

Log in or Create Account to post a comment.
     
*
*
Security Code: Captcha Image Change Image
This article was published on 2010/12/16