How to remove ExpertAntivirus (Removal Instructions)
- FixEA.reg (Only needed for manual fix)
Symptoms in a HijackThis Log:
O4 - HKLM\..\Run: [ExpertAntivirus] C:\Program Files\ExpertAntivirus\ExpertAntivirus.exe /s
Fake infection files, folders, and Registry keys that are created (these may change over time):
c:\Documents and Settings\
Add/Remove Programs control panel entry:
Guide Updates: 05/01/07 - Initial guide creation.
Manual Removal Instructions for ExpertAntivirus:
These steps may appear to be long and daunting. They are, though, quite easy to do and consist of so many steps only because I have written them in an extremely detailed manner.
- Print out these instructions as we will need to close every window that
is open later in the fix.
- Click on the Start Menu button.
- Click on the Control Panel option.
- Double-click on the Add or Remove Programs icon.
- Find the entry for ExpertAntivirus v4.1
and double-click on it to uninstall the program. Follow the prompts to uninstall
the program, but do not allow it to reboot the computer if it asks.
- When it has completed uninstalling you can close Add or Remove Programs
screen and your Control Panel.
- Download FixEA.reg
to your desktop by right clicking on the following link and then selecting
Save Link As or Save File as,
depending on your browser.
FixEA.reg Download Link
Confirm that the file FixEA.reg now resides on your desktop as we will need it later.
- Go to your desktop and double click on the FixEA.reg file
that you downloaded earlier. When it asks if you would like to merge the information,
press the Yes button and then the OK button.
- Click on the Start button and then select the Run
- Delete the following files and folders (Do
not be concerned if a folder does not exist):
c:\Documents and Settings\
- Close all open Windows.
- We next perform an online scan with Panda to find any possible inactive
remnants from this infection: Panda
- Once you are on the Panda site click the Scan your PC
- A new window will open and you should click the Check Now
- Enter your Country
- Enter your State/Province
- Enter your e-mail address and click send
- Select either Home User or Company
- Click the big Scan Now button
- If it wants to install an ActiveX component allow it
- It will start downloading the files it requires for the scan (Note:
It may take a few minutes)
- When download is complete, click on Local Disks to
start the scan
- Once you are on the Panda site click the Scan your PC button
- When the online scan has been completed, let it remove what it finds, and then you can close Internet Explorer.
Preparation Guide For Use Before Posting A Hijackthis Log
This is a self-help guide. Use at your own risk.
BleepingComputer.com can not be held responsible for problems that may occur by using this information. If you would like help with any of these fixes, you can post a HijackThis log in our HijackThis Logs and Analysis forum.
If you have any questions about this self-help guide then please post those questions in our AntiVirus, Firewall and Privacy Products and Protection Methods forum and someone will help you.