Red Cross antivirus is a malware antivirus that installs itself illegally. This malware is installed through a fake Microsoft Essentials alert that runs a false complete scan of your computer and displays an alert that your computer system is seriously affected with viruses. It also displays a long list of files that are infected with viruses.In fact, the listed files are totally harmless and some do not even exist. It asks you to immediately clean the infected files; however, when you ask the Red Cross antivirus to clean the files it will ask you to pay some money first.

You should fall into the trap, as the program is a bogus one. Instead, you should focus on manually removing the Red Cross Antivirus program by performing the following suggested actions:

Remove Red Cross Antivirus processes

  1. To remove the Red Cross antivirus processes, you will need to open the Windows task manager.
  2. Click on Start button.
  3. Select the option Run.
  4. Type taskmgr and press Ok.
  5. Click on the tab named‘Processes’ from the top of the windows task manager.
  6. From the list of all the active processes, find out the red cross antivirus processes, which are:

antispy.exe

defender.exe

tmp.exe

hotfix.exe

  1. Now right click on these processes and click on the option End process.

Remove Red Cross Antivirus registry key values

  1. Press the key with windows label on it along with the key ‘R’.
  2. This will quickly open the Run.Now, type ‘regedit’ and click Ok.
  3. The registry editor will open.It is necessary to remove the Red Cross antivirus registry key.
  4. It will have two sections.Go to the left section and click on Edit, and then,click ‘Find’.
  5. Enter the registry values in the given space and press enter.
  6. Now right click on the values and select the option Delete.
  7. The Red Cross antivirus registry files you need to locate are:

HKEY_CURRENT_USER\Software\PAV

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = “0?

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnPostRedirect” = “0?

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “tmp”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “SelfdelNT”

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%UserProfile%\Application Data\antispy.exe”

HKEY_CURRENT_USER\Software\PAV

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “WarnonBadCertRecving” = “0″

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “WarnOnPostRedirect” = “0″

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | “Shell” = “%UserProfile%\Application Data\antispy.exe”

HKEY_CURRENT_USER\Software\PAV

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnonBadCertRecving” = “0″

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnPostRedirect” = “0″

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “tmp”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “SelfdelNT”

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%UserProfile%\Application Data\antispy.exe”

Remove Red Cross Antivirus DLL files

  1. Go to start and then click on Search.
  2. Now a list of multiple options will appear.Select the option ‘For files and folders’ and press Ok.
  3. Now type the Red Cross antivirus DLL file name which is jl27script.dlland select the option ‘My computer’ or ‘Local Hard drives’ to get quick and fast results.
  4. When the required file is shown, right click on it and select the option Delete from the menu to remove the file permanently.

Remove Red Cross Antivirus other files

  1. Go to Start and click on Search.
  2. Select the option ‘For files and folders’.
  3. Enter the Red Cross antivirus other file name one by one and press enter.
  4. You can also select ‘My computer’ if you want to get rapid results.
  5. When you get the result, right click on the file and press Delete to remove the file.
  6. The Red Cross antivirus file names you need to find are:

%UserProfile%\Application Data\PAV\

%UserProfile%\Application Data\antispy.exe

%UserProfile%\Application Data\tmp.exe

%UserProfile%\Application Data\defender.exe

%UserProfile%\Application Data\tmp.exe

%UserProfile%\Application Data\hotfix.exe

%UserProfile%\Local Settings\Temp\kjkkklklj.bat

For Vista/7:

%UserProfile%\AppData\Local\antispy.exe

%UserProfile%\AppData\Local\defender.exe

%UserProfile%\AppData\Local\tmp.exe

%UserProfile%\AppData\Local\hotfix.exe

 

 

How to remove Red Cross Antivirus?
Tagged on:                     

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>