Friday, September 24, 2010

Antivirus 8 Removal GuideAntivirus 8 Removal Guide

Antivirus 8 is a fake antivirus program that disguises itself as a legitimate antivirus which cannot protect computers at all. When Antivirus 8 installs in the computer, it will start automatically when Windows boot. Antivirus 8 will scan the computer and state that the computer is infected by malwares. In fact, Antivirus 8 cannot detect any malware in the computer. Antivirus 8 will continue to alert the user to remove the malware by asking the user to purchase the full version of Antivirus 8 in order to remove the malware and to have full time protection.

Antivirus 8 claims that it can provide protection against malicious software. It provide fake features like Anti-Virus, Anti-Spyware, Resident Shield and Scan PC. None of the these feature really function well. Be sure you don't purchase it.

Antivirus 8 should be removed immediately!

Antivirus 8 Removal Guide
Kill Process
(How to kill a process effectively?)
av8.exe

Delete Registry
HKEY_CURRENT_USER\Software\A88246
HKEY_CURRENT_USER\Software\WinFD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV8"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-A8I 23.09.2010"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe "Debugger" = "C:\Program Files\AV8\av8.exe -d"

Remove Folders and Files
%ALLUSERSPROFILE%\Start Menu\AV8
%ProgramFiles%\AV8
%UserProfile%\Desktop\Antivirus8.lnk
Friday, September 17, 2010

IronDefense Removal GuideIronDefense Removal Guide

IronDefense is a fake antivirus program that cannot protect the computer, but make the computer into trouble. IronDefense installs itself into the computer and then will start automatically when Windows boot. After that, IronDefense will create several harmless files in the computer. Then IronDefense will scan the computer and detects the files created earlier as malwares which is harmless to scare the user. IronDefense cannot remove the malwares but ask the user to register the program by purchasing the full version of IronDefense. IronDefense cannot detect any malware nor remove any malware. Thus, don't purchase it.

IronDefense claims that it can help protect your PC. It provide fake features such as Full Scan, System Scan, Scan Basic Locations, Scan Removable Media, Scan Folder, Quarantine and even Realtime protection. However, all of these features really do not function at all.

IronDefense should be removed immediately!

IronDefense Removal Guide
Kill Process
(How to kill a process effectively?)
F0E84.exe
[random].exe

Delete Registry
HKEY_CURRENT_USER\Software\IronDefense
HKEY_LOCAL_MACHINE\SOFTWARE\IronDefense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IronDefense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "F0E84.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random].exe"

Remove Folders and Files
%ProgramFiles%\FDFCA
%windir%\[random].exe
%windir%\[random].bin
%windir%\[random].dll
%windir%\[random].cpl
%windir%\system32\[random].exe
%windir%\system32\[random].bin
%windir%\system32\[random].dll
%windir%\system32\[random].cpl
%AllUsersProfile%\Start Menu\Programs\IronDefense.lnk
%UserProfile%\Desktop\hash
%UserProfile%\Desktop\IronDefense.lnk
%UserProfile%\Local Settings\Temp\[random].exe

RegistryClever Removal GuideRegistryClever Removal Guide

RegistryClever is a fake registry cleaner program that cannot fix any registry entry. RegistryClever will start automatically when the user login into Windows once it installed in the computer. RegistryClever will scan the Windows Registry and will surely state that there are many registry entries need to be repaired. Do not trust of the report as all of the registry entries detected is useful or harmless to the windows. If the user use RegistryClever to fix the registry entries, it may crash the system. However, the user can only fix them after purchasing the full version of RegistryClever.

RegistryClever claims that it is a smart registry repair which in fact cannot repair any registry entry. It provide fake features like Scan Registry, Fix registry entries and Backup registry. All of these features do not function at all.

RegistryClever should be removed immediately!

RegistryClever Removal Guide
Kill Process
(How to kill a process effectively?)
RegistryClever.exe
RegistryCleverTray.exe

Delete Registry
HKEY_CURRENT_USER\Software\RegistryClever
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegistryClever
HKEY_LOCAL_MACHINE\SOFTWARE\RegistryClever
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "TrayScan"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "RegistryClever"
Remove Folders and Files
%ProgramFiles%\RegistryClever Software
%AllUsersProfile%\Application Data\RegistryClever
%AllUsersProfile%\Desktop\RegistryClever.lnk
%AllUsersProfile%\Start Menu\Programs\RegistryClever
Monday, September 13, 2010

IronDefender Removal GuideIronDefender Removal Guide

IronDefender Removal Guide
IronDefender is a fake antivirus program that disguises itself a legitimate antivirus program. IronDefender cannot detect any malware and also remove any malware from the computer. After IronDefender installs itself into the computer, it will start automatically when Windows boot. Then, IronDefender will scan the computer and scares the user that the computer is infected by malwares. IronDefender will ask the user to register IronDefender by purchasing the full version of IronDefender to eliminate the malwares. Don't believe all of them as it is a lie.

IronDefender produce fake features like "Full Scan", "System Scan", "Scan Basic Locations", "Scan Removable Media", "Scan Folder", "Realtime protection" and "Tools". All of the features do not really protect the computer but just show the fake functions only.

IronDefender should be removed immediately!

IronDefender Removal Guide
Kill Process
(How to kill a process effectively?)
F0E84.exe
vur4.exe
[random].exe

Delete Registry
HKEY_CURRENT_USER\Software\IronDefender
HKEY_LOCAL_MACHINE\SOFTWARE\IronDefender
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IronDefender
HKEY_CURRENT_USER\Software "Install_Dir" = "C:\Program Files\FDFCA"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "vur4.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "F0E84.exe"

Remove Folders and Files
%ALLUSERSPROFILE%\Start Menu\Programs\IronDefender.lnk
%ProgramFiles%\FDFCA\
%ProgramFiles%\FDFCA\F0E84.exe
%ProgramFiles%\FDFCA\Uninstall.exe
%SystemRoot%\[random].exe
%SystemRoot%\[random].bin
%SystemRoot%\[random].dll
%SystemRoot%\[random].cpl
%SystemRoot%\system32\[random].exe
%SystemRoot%\system32\[random].bin
%SystemRoot%\system32\[random].dll
%SystemRoot%\system32\[random].cpl
%UserProfile%\Desktop\hash
%UserProfile%\Desktop\IronDefender.lnk
%UserProfile%\Local Settings\Temp\[random].exe
Wednesday, September 8, 2010

Malware Destructor 2011Malware Destructor 2011

Malware Destructor 2011 is a fake antivirus program that try to pretend to be a real antivirus which can remove malware. However, Malware Destructor 2011 does not kill any malware from any computer. Malware Destructor 2011 infects the computer by installing KB1883574.exe into the computer which will try to disguise itself like a Windows update entitled System Security Pack Update. After installation complete, Malware Destructor 2011 will scan the computer and will surely state that the computer is infected by malwares and urge the user to buy the full version of Malware Destructor 2011.

Malware Destructor 2011 provide fake features like Firewall protection, Antivirus protection, Spyware protection, Automatic updates, Scheduled scans and RAM protections. None of these features really work! It states that the computer is running insecure state, several vulnerabilities are detected. Do not believe what is stated. All of them is a lie.

Malware Destructor 2011 should be removed immediately!

Malware Destructor 2011 Removal Guide
Kill Process
(How to kill a process effectively?)
KB1883574.exe

Delete Registry
HKEY_CURRENT_USER\Software\Malware Destructor Inc
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malware Destructor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "KB1883574.exe"

Remove Folders and Files
%UserProfile%\Application Data\\
%UserProfile%\Application Data\\enemies-names.txt
%UserProfile%\Application Data\\KB1883574.exe
%UserProfile%\Application Data\\local.ini
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Destructor.lnk
%UserProfile%\Desktop\Malware Destructor.lnk
%UserProfile%\Start Menu\Malware Destructor.lnk
%UserProfile%\Start Menu\Programs\Malware Destructor\
%UserProfile%\Start Menu\Programs\Malware Destructor\Malware Destructor.lnk
%UserProfile%\Start Menu\Programs\Malware Destructor\Uninstall.lnk
%UserProfile%\Start Menu\Programs\Startup\Malware Destructor.lnk

%UserProfile% refers to the current user's profile folder. By default, this is C:\Documents and Settings\ for Windows 2000/XP, C:\Users\ for Windows Vista/7, and c:\winnt\profiles\ for Windows NT.

Sunday, September 5, 2010

Defence Center Removal GuideDefence Center Removal Guide

Defence Center Removal Guide
Defence Center is a fake antivirus program that produce fake scan result to cheat the user to purchase the full version of Defence Center which cannot remove any malware from the computer. Defence Center installs in the computer and start itself automatically when Windows boot. Then, it will scan the computer and state that there are many files infected by malware and ask the user to remove the malware by purchasing the full version of Defence Center. Do not believe what is shown by Defence Center as all of them is a lie.

Defence Center provide fake feature like "System Scan", "Security Settings" and "Privacy Settings". All these features do not really function.

Defence Center should be removed immediately!

Defence Center Removal Guide
Kill Process
(How to kill a process effectively?)
DefenceCenter.exe
smmservice.exe

Delete Registry
HKEY_USERS\.DEFAULT\Software\DefenceCenter
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\smmservice
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Defence Center"
Remove Folders and Files
c:\protocol.log
c:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\smmservice.exe
c:\Documents and Settings\All Users\Application Data\mswd
c:\Documents and Settings\All Users\Desktop\Defence Center.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Defence Center
Saturday, September 4, 2010

Win7 AV Removal GuideWin7 AV Removal Guide

Win7 AV Removal Guide
Win7 AV is a fake antivirus program that is mainly created to urge the user to buy the full version of Win7 AV by producing fake scan result. Win7 AV installs in the computer and will start automatically when windows boot. Then, Win7 AV will scan the computer and produce fake result that the computer is infected by malwares. Do not ever believe the result, all of them is a lie. Do not activate Win7 AV as it is not a real antivirus, but just want to cheat your money only.

Win7 AV provide fake feature like "Scan Now" and "Security Rules". Win7 AV claims itself as new approach to Windows protection. Win7 AV produce fake result. Do not click the "Remove all threads" button as it will not clean any malware.

Win7 AV should be removed immediately!

Win7 AV Removal Guide
Kill Process
(How to kill a process effectively?)
Win7 AV.exe
Win7Browser.exe

Unregister DLL files
%ProgramFiles%\Win7 AV\sbhostcl.dll
%ProgramFiles%\Win7 AV\svhostesl.dll
%ProgramFiles%\Win7 AV\svhostqt.dll
%ProgramFiles%\Win7 AV\VmDetectLibrary.dll

%ProgramFiles% - Program Files folder. By default, this is C:\Program Files.

Delete Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "%UserProfile%\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"

Remove Folders and Files
%ProgramFiles%\Win7 AV
%ProgramFiles%\Win7 AV\sbhostcl.dll
%ProgramFiles%\Win7 AV\svhostesl.dll
%ProgramFiles%\Win7 AV\svhostqt.dll
%ProgramFiles%\Win7 AV\VmDetectLibrary.dll
%ProgramFiles%\Win7 AV\Win7 AV.exe
%ProgramFiles%\Win7 AV\Win7Browser.exe
%ProgramFiles%\Win7 AV\Win7Common.dll