Antivirus GT is a rogue anti-virus program. Graffiti-Blogger.com is the site that promotes Antivirus GT program. This security risk can be downloaded by clicking on certain Internet advertisements, but it must be manually installed. When a user downloads Antivirus GT and runs a scan, the program reports false scan alerts. The user is then prompted to pay for a full license of the application in order to remove the threats.

Type: Misleading Application
Name: Antivirus GT
Website: Graffiti-Blogger.com
Risk Impact: Medium
Systems Affected: Windows 2000, Windows Server 2003, Windows Vista, Windows XP
Behavior: Antivirus GT is a misleading application that may give exaggerated reports of threats on the computer.

How to remove Antivirus GT

How to Remove Antivirus GT

Download a free copy of Malwarebytes’ Anti-Malware to remove this software.

Antivirus GT Manual Removal:

Note: The manual removal of files and registries should be performed by experienced users.

Antivirus GT registry values:

HKEY_CURRENT_USER\Software\EVA246
HKEY_CLASSES_ROOT\CLSID\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2BFE352-A303-4EA8-88FE-CE35361D7E8B}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AVGT”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-EVI 12.03.2010″

Antivirus GT DLLs:

UpdateExplorer.dll

Other malicious Antivirus GT files:

c:\Documents and Settings\All Users\Start Menu\AVGT
c:\Documents and Settings\All Users\Start Menu\AVG\Antivirus GT.lnk
c:\Documents and Settings\All Users\Start Menu\AVG\Uninstall.lnk
c:\Program Files\AVGT
c:\Program Files\AVGT\Antivirus GT.exe
c:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb
c:\WINDOWS\system32\UpdateExplorer.dll
%UserProfile%\Desktop\Antivirus GT.lnk

See more rogue software removal instructions here.

If you have the WOT add-on installed for Firefox or IE, you will now get a warning for this malicious website.

Related Articles
How to Remove MedicCop Rogue AntiSpyware
How to Remove Antivir Solution Pro
Beware of this Fake Antivirus Program AV Security Suite