Monday, August 23, 2010

Microsoft Security Essentials Alert Removal GuideMicrosoft Security Essentials Alert Removal Guide

Microsoft Security Essentials Alert Removal Guide
Microsoft Security Essentials Alert is a virus which try to cheat the user to install a fake antivirus into the computer. After Microsoft Security Essentials Alert infects the computer, it will scare the user by showing "Microsoft Security Essentials detected potential threats that might compromise your privacy or damage your computer. Your access to these items may be suspended until you take an action. Click 'Show Details' to learn more."

Microsoft Security Essentials Alert show that the computer is infected by "Unknown Win32/Trojan" with "Severe" alert level. When the user click to remove the detected trojan, it will tell the user that it can't remove the trojan and urge the user to perform online-scanning. If the user click "Scan Online", it will bring the user to a website which listed 35 different antivirus program where 5 of them are fake antivirus: "Red Cross Antivirus, Peak Protection 2010, Pest Detector 4.1, Major Defense Kit, AntiSpySafeguard or AntiSpy Safeguard".

If the user use one of the 5 fake antivirus to scan the computer, it will ask the user to click "Free Install" so that to scan and remove the malwares from the computer. In fact, all of them is a lie. Don't believe it!


Microsoft Security Essentials Alert should be removed immediately.

Microsoft Security Essentials Alert Removal Guide
Kill Process
(How to kill a process effectively?)
antispy.exe
defender.exe
tmp.exe

Delete Registry
HKEY_CURRENT_USER\Software\PAV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"

Remove Folders and Files
%UserProfile%\Application Data\PAV
%UserProfile%\Application Data\antispy.exe
%UserProfile%\Application Data\defender.exe
%UserProfile%\Application Data\tmp.exe
%UserProfile%\Local Settings\Temp\kjkkklklj.bat

No comments:

Post a Comment