How to Remove Firm-av.com Hijacker?
Firm-av.com Hijacker Information:
Firm-av.com is a website pushing Antivirus Suite rogue anti-spyware program. You may stumble upon Firm-av.microsoft.com which is a counterfeit warning script that notifies you about the websites you want to use will harm to your computer. Forcible browser navigation to Firm-av.com is only one symptom caused by Antivirus Suite. In fact, Antivirus Suite controls your system in many ways. Your system will forcibly run its executables each time it boots up and you are likely visiting Firm-av.com without your control. Then Antivirus Suite produces false results claiming the computer is infected and pushes you to Firm-av.com to purchase Antivirus Suite. Please do not fall for this blatant scam and have all threats related to Antivirus Suite removed immediately.
Firm-av.com Hijacker Screenshot:
Manual Removal
Note: If you are not proficient with computer, it’s suggested that you backup your registry before manually removing Firm-av.com virus. And double check the entries that you are going to delete, or your computer can’t work for missing some files.
Delete the following files:
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]sysguard.exe
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]ftav.exe
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe
Delete the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = “”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = “http=127.0.0.1:5555″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = “.exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyEnable” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”[random string].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”[random string].exe”
Please, be aware that manual removal of Firm-av.com virus is a cumbersome task and can not always ensure complete removal of the malware, due to the fact that some files might be hidden or may get reanimated automatically afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why it’s strongly recommended automatic removal of Firm-av.com virus, which will save your time and enable avoiding any system malfunctions and guarantee the needed result.
Automatic Firm-av.com virus Removal:
1. Restart your computer and keep pressing F8 Key before Windows launches. Use the arrow keys to select the “Safe Mode with Networking” option, and then hit ENTER Key to continue.
2. Download Spyware Cease (Spyware Cease review), install it and update its database to the latest. After that, restart your computer so as to make Spyware Cease fully functional. Repeat Step 1 into Safe Mode and run an Online Scan of your computer so that Spyware Cease can detect all potential malware in your system.
NOTE: If you have problem installing Spyware Cease, you can download this correction script, unzip it and then double click to run it. It will correct your registry settings that the virus has modified. Then double click the program and finish the installation.
3. After the Online Scan finishes, click “Details” for the malware detected to make sure that your important data are not infected and removed. Ignore or select the scan result and click “Remove” to remove the threats. Reboot your computer and let Spyware Cease delete all detected virus.
4. Click to repair your corrupted registry
Why should you need to repair the registry?
As we all know, virus and Trojans modify and destroy system registry and make the computer malfunction so that the computer will not perform normally. Even if the virus and Trojans are removed, the registry is still destroyed or modified, so the computer still has problems. That’s the very reason why you need to repair the registry. At the meanwhile, some virus and Trojans leave some DLL files in the registry and this will cause strange DLL errors and affect the computer performance.
To make your computer run as perfectly as before or much faster than before:
1. Download and install Multi-Awarded Registry Tool.
2. Run a full scan of your registry.
3. Click “Repair Problems” and repair all errors detected.
After these 3 easy steps, your computer will run much faster than before within minutes!
Related posts: