Thursday, August 5, 2010

WireShark Antivirus Removal GuideWireShark Antivirus Removal Guide

WireShark Antivirus Removal Guide
WireShark Antivirus is a fake antivirus program same as Sysinternals Antivirus. WireShark Antivirus is not made by WireShark but by other people who try to confuse the user that the antivirus is legitimate and is able to remove malwares and even provide many antivirus features. WireShark Antivirus is created to earn a profit from the user who are cheated by them. WireShark Antivirus infect the computer and then scan the computer. WireShark Antivirus produce fake warnings that the computer is infected by many malwares and urge the user to purchase the full version of WireShark Antivirus in order to remove the malwares. Don't be cheated by the fake warnings.

WireShark Antivirus produce fake features like Firewall, System Scan, Update etc. It claims to help protect your PC and scares the user that "Windows is in danger". WireShark Antivirus also produce fake detection such as showing that the files are infected by Trojan.VBS.Qhost, Trojan-Downloader.JS.Remora and other malwares. It shows the computer status: "At Risk" and ask the user to Activate Protection by buying full version of WireShark Antivirus.

WireShark Antivirus should be removed immediately.

WireShark Antivirus Removal Guide
Kill Process
(How to kill a process effectively?)
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsrr.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn.exe
%Program Files%\Sysinternals Antivirus\Sysinternals Antivirus.exe
%Program Files%\scdata\dbsinit.exe
%Program Files%\svchost.exe
%Program Files%\alggui.exe
%Program Files%\Wireshark Antivirus\Wireshark Antivirus.exe
%Program Files%\wpp.exe

Unregister DLL files
%Program Files%\adc_w32.dll

Delete Registry
HKEY_CURRENT_USER\Software\Wireshark Antivirus
HKEY_CLASSES_ROOT\CLSID\{149256D5-E103-4523-BB43-2CFB066839D6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{149256D5-E103-4523-BB43-2CFB066839D6}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AdbUpd

Remove Folders and Files
%Program Files%\adc_w32.dll
%Program Files%\alggui.exe
%Program Files%\nuar.old
%Program Files%\skynet.dat
%Program Files%\svchost.exe
%Program Files%\wp3.dat
%Program Files%\wp4.dat
%Program Files%\wpp.exe
%Program Files%\Wireshark Antivirus
Posted by Olzen at 11:06 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)