Microsoft Security Essentials Alert show that the computer is infected by "Unknown Win32/Trojan" with "Severe" alert level. When the user click to remove the detected trojan, it will tell the user that it can't remove the trojan and urge the user to perform online-scanning. If the user click "Scan Online", it will bring the user to a website which listed 35 different antivirus program where 5 of them are fake antivirus: "Red Cross Antivirus, Peak Protection 2010, Pest Detector 4.1, Major Defense Kit, AntiSpySafeguard or AntiSpy Safeguard".
If the user use one of the 5 fake antivirus to scan the computer, it will ask the user to click "Free Install" so that to scan and remove the malwares from the computer. In fact, all of them is a lie. Don't believe it!
Microsoft Security Essentials Alert should be removed immediately.
Microsoft Security Essentials Alert Removal Guide
Kill Process
(How to kill a process effectively?)
antispy.exe
defender.exe
tmp.exe
Delete Registry
HKEY_CURRENT_USER\Software\PAV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"
Remove Folders and Files
%UserProfile%\Application Data\PAV
%UserProfile%\Application Data\antispy.exe
%UserProfile%\Application Data\defender.exe
%UserProfile%\Application Data\tmp.exe
%UserProfile%\Local Settings\Temp\kjkkklklj.bat
If the user use one of the 5 fake antivirus to scan the computer, it will ask the user to click "Free Install" so that to scan and remove the malwares from the computer. In fact, all of them is a lie. Don't believe it!
Microsoft Security Essentials Alert should be removed immediately.
Microsoft Security Essentials Alert Removal Guide
Kill Process
(How to kill a process effectively?)
antispy.exe
defender.exe
tmp.exe
Delete Registry
HKEY_CURRENT_USER\Software\PAV
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"
Remove Folders and Files
%UserProfile%\Application Data\PAV
%UserProfile%\Application Data\antispy.exe
%UserProfile%\Application Data\defender.exe
%UserProfile%\Application Data\tmp.exe
%UserProfile%\Local Settings\Temp\kjkkklklj.bat
No comments:
Post a Comment