Showing posts with label Removal Tool. Show all posts
Showing posts with label Removal Tool. Show all posts
Tuesday, April 29, 2014

Remove Fake Antivirus 1.99Remove Fake Antivirus 1.99

Remove Fake Antivirus is used to remove the most popular fake antiviruses. What is fake antivirus? This is a type of virus/malwares which disguises itself to be an antivirus. It infects your computer when you accidentally click a link in a website which will download the malware into your computer and run automatically when your windows boot. It scan the infected computer and produces fake alert warnings. It convinces you that your computer is in danger and urge you to purchase a useless copy of the fake antivirus. These fake antiviruses must be removed immediately.


Remove Fake Antivirus 1.99 is used to remove:
  1. Windows Prime Shield
  2. AntiVirus Plus 2014
  3. Security Cleaner Pro
  4. Sinergia Cleaner
  5. Titan Antivirus 2013
  6. Antivirus Security Pro
  7. Attentive Antivirus
  8. Antivirus System File
  9. iON Internet Security
  10. Smart Security
  11. PC Defender Plus
  12. Windows Proprietary Advisor
  13. Windows Smart Warden
  14. Home Malware Cleaner
  15. Strong Malware Defender
  16. AV Security 2012
  17. Data Recovery
  18. Wolfram Antivirus
  19. Security Protection
  20. Windows Antivirus 2011
  21. Mega Antivirus 2012
  22. AVG Antivirus 2011
  23. PC Security 2011
  24. ThinkPoint
  25. ThinkSmart
  26. Antivirus 8
  27. Security Tool
  28. My Security Shield
  29. Antivirus 7
  30. Antivirus GT
  31. Defense Center
  32. Protection Center
  33. Sysinternals Antivirus
  34. Security Master AV
  35. CleanUp Antivirus
  36. Security Toolbar
  37. Digital Protection
  38. XP Smart Security 2010
  39. Antivirus Suite
  40. Vista Security Tool 2010
  41. Total XP Security
  42. Security Central
  43. Security Antivirus
  44. Total PC Defender 2010
  45. Vista Antivirus Pro 2010
  46. Your PC Protector
  47. Vista Internet Security 2010
  48. XP Guardian
  49. Vista Guardian 2010
  50. Antivirus Soft
  51. XP Internet Security 2010
  52. Antivir 2010
  53. Live PC Care
  54. Malware Defense
  55. Internet Security 2010
  56. Desktop Defender 2010
  57. Antivirus Live
  58. Personal Security
  59. Cyber Security
  60. Alpha Antivirus
  61. Windows Enterprise Suite
  62. Security Center
  63. Control Center
  64. Braviax
  65. Windows Police Pro
  66. Antivirus Pro 2010
  67. PC Antispyware 2010
  68. FraudTool.MalwareProtector.d
  69. Winshield2009.com
  70. Green AV
  71. Windows Protection Suite
  72. Total Security 2009
  73. Windows System Suite
  74. Antivirus BEST
  75. System Security
  76. Personal Antivirus
  77. System Security 2009
  78. Malware Doctor
  79. Antivirus System Pro
  80. WinPC Defender
  81. Anti-Virus-1
  82. Spyware Guard 2008
  83. System Guard 2009
  84. Antivirus 2009
  85. Antivirus 2010
  86. Antivirus Pro 2009
  87. Antivirus 360
  88. MS Antispyware 2009
  89. IGuardPC or I Guard PC
  90. Additional Guard


(all of them are fake antivirus which are
viruses or trojans) and other fake antivirus from your computer.

Remove Fake Antivirus is used to remove
fake antivirus which are viruses or trojans.

CLICK HERE TO DOWNLOAD
Latest updated :
Link I Link II
md5: cd4ad05b8d35029372278825ab46adf1
Pad File 1: rfa.xml
Pad File 2: rfa.xml

Recent Posts
Posted by Olzen at 7:30 PM 65 comments
Labels:
Tuesday, March 15, 2011

Emsisoft Emergency Kit 1.0Emsisoft Emergency Kit 1.0

Emsisoft Emergency KitEmsisoft Emergency Kit is a very good malwares removal tool which can be used to remove almost any malware in the infected computer. Emsisoft Emergency Kit 1.0 is your emergency kit for infected PCs! Emsisoft Emergency Kit 1.0 can detects and removes malwares. Emsisoft Emergency Kit 1.0 has more than 4 million known dangers which make it to kill almost any malwares. Emsisoft Emergency Kit 1.0 is 100% portable - perfect for USB sticks. Emsisoft Emergency Kit 1.0 also includes HiJackFree and BlitzBlank.

The Emsisoft Emergency Kit contains a collection of programs that can be used without a software installation to scan and clean infected computers for malware:

Emsisoft Emergency Kit Scanner

With the Emsisoft Emergency Kit Scanner you have got the powerful Emsisoft Scanner including graphical user interface. Search the infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other malign programs.

Run the Emsisoft Emergency Kit Scanner with a double click on a2emergencykit.exe. Found Malware can be moved to quarantine or finally deleted.

Emsisoft Commandline Scanner

This scanner contains the same functionality as the Emergency Kit Scanner but without a graphical user interface. The commandline tool is made for professional users and can be used perfectly for batch jobs.

To run the Emsisoft Commandline Scanner, do the following actions:

- Open a command prompt window (Run: cmd.exe)
- Switch to the drive of the USB Stick (e.g.: f:) and then to the folder of the executable files (e.g.: cd run)
- Run the scanner by typing: a2cmd.exe

Next you will see a help page describing all available parameters.

Next is an example to scan drive c:\ with enabled Memory, Traces (Registry) and Cookie scan with active Heuristic module and archive support. Found Malware is moved to quarantine.

a2cmd.exe /f="c:\" /m /t /c /h /a /q="c:\quarantine\"


Emsisoft HiJackFree

HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. For your full control over your system.

Emsisoft BlitzBlank

BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. These days the software pests use clever techniques to protect themselves from being deleted. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, Registry entries and drivers at boot time before Windows and all other programs are loaded.

Self made Emergency USB stick

Expand the content of the Emsisoft Emergency Kit to an USB stick and make your own universal tool to scan and clean infected PCs.

Download

Download the Emsisoft Emergency Kit at the Download page.
Posted by Olzen at 5:47 PM 0 comments
Labels:
Friday, January 29, 2010

Malware Defense Removal GuideMalware Defense Removal Guide

Malware Defense Removal Guide
Malware Defense is a rogue anti-spyware program created to deceive computer users and steal their money. Malware Defense gets onto your system and it starts constantly scanning your PC. Then it starts detecting files which are created in advance and recognized as malicious. All of the tactics leads to urging the computer user purchase Malware Defense. Do not fall for this trickery and terminate Malware Defense immediately.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
mdefense.exe

Unregister DLL files
mdext.dll

Delete Registry
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Defense"

Remove Folders and Files
$PROGRAMFILES\Malware Defense
$PROFILE\Start Menu\Programs\Malware Defense

Read more:
Constants in manual removal guide
Posted by Olzen at 7:11 PM 0 comments
Labels: ,

Internet Security 2010 Removal GuideInternet Security 2010 Removal Guide

Internet Security 2010 Removal Guide
Internet Security 2010 is a deceiving application that attempts to scare computer users into purchasing a full version of the Internet Security 2010 program. Internet Security 2010 is related to other rogue anti-spyware programs such as Advanced Virus Remover in the way that it uses misleading popup notifications and bogus system scan results to make computer users believe that they need this security program to remove detected threats.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
IS2010.exe
SetupIS2010.exe

Delete Registry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "IS2010.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Security 2010
HKEY_CURRENT_USER\Software\Internet Security 2010

Remove Folders and Files
$PROGRAMFILES\InternetSecurity2010
$STARTMENU\Internet Security 2010.lnk
$DESKTOP\SetupIS2010.exe
$DESKTOP\Internet Security 2010.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Internet Security 2010.lnk

Read more:
Constants in manual removal guide
Posted by Olzen at 7:05 PM 0 comments
Labels: ,
Wednesday, January 6, 2010

Kaspersky Virus Removal ToolKaspersky Virus Removal Tool

Kaspersky Virus Removal Tool
The Kaspersky Virus Removal Tool application was designed to be another virus scanner and detection software from Kaspersky. The produst will scan the specified locations for any virus threats and remove them or send to Quarantine folder.

If you want to kill the virus of the infected computer, give it a try and you will see its tremendous result!
Kaspersky Virus Removal Tool
Posted by Olzen at 9:04 PM 0 comments
Labels:
Tuesday, December 15, 2009

Additional Guard Removal GuideAdditional Guard Removal Guide

Additional Guard Removal Guide
Additional Guard is a fake anti-spyware application. Additional Guard is known to use several extortion methods to basically take money from an unsuspecting computer user in return for a bogus security program. Additional Guard can perform system scans only to return falsified parasite results. Additional Guard is not able to detect actual computer parasites but instead, displays several misleading alert messages attempting to warn a computer user of detected threats. Additional Guard does all of these actions in hopes that the user will eventually break down to purchase a full version of Additional Guard. Additional Guard is not and effective security program in the free or full version. It is recommended that Additional Guard be deleted to prevent further confusion.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
FS.exe
eb.exe
WI339.exe
ppal.exe
exec.exe
cb.exe
AG345d.exe

Unregister DLL files
cid.dll
FS.dll
energy.dll
ddv.dll
sqlite3.dll
mozcrt19.dll

Delete Registry
HKCR "xp_7a9be.DocHostUIHandler"
HKCR "CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "Additional Guard"

Remove Folders and Files
$APPDATA\Additional Guard
$APPDATA\2565da61
$RECENT\PE.sys
$RECENT\kernel32.drv
$RECENT\FS.exe
$RECENT\FS.drv
$RECENT\exec.tmp
$RECENT\eb.exe
$RECENT\eb.drv
$RECENT\cid.dll
$RECENT\ANTIGEN.tmp
$RECENT\ANTIGEN.drv
$PROGRAMFILES\Mozilla Firefox\searchplugins\search.xml
$STARTMENU\Programs\Additional Guard.lnk
$STARTMENU\Additional Guard.lnk
$RECENT\tjd.sys
$RECENT\SICKBOY.tmp
$RECENT\ppal.exe
$RECENT\PE.drv
$RECENT\FS.dll
$RECENT\fan.drv
$RECENT\exec.exe
$RECENT\energy.sys
$RECENT\energy.dll
$RECENT\dudl.drv
$RECENT\ddv.dll
$RECENT\CLSV.tmp
$RECENT\cb.exe
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Additional Guard.lnk
$DESKTOP\Additional Guard.lnk
$APPDATA\WINAGSys
$APPDATA\117fc
$PROGRAMFILES\Mozilla Firefox\searchplugins\search.xml
$RECENT\tjd.sys
$RECENT\SICKBOY.tmp
$RECENT\ppal.exe
$RECENT\PE.drv
$RECENT\FS.dll
$RECENT\fan.drv
$RECENT\exec.exe
$RECENT\energy.sys
$RECENT\energy.dll
$RECENT\dudl.drv
$RECENT\ddv.dll
$RECENT\CLSV.tmp
$RECENT\cb.exe
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Additional Guard.lnk
$DESKTOP\Additional Guard.lnk
Posted by Olzen at 1:07 PM 1 comments
Labels: ,

IGuardPc or I Guard PC Removal GuideIGuardPc or I Guard PC Removal Guide

IGuardPc or I Guard PC Removal Guide
IGuardPc or I Guard PC, is a fake anti-spyware application which comes from the malicious group of hackers that created other fake security programs. IGuardPc, just like its predecessors, does not have the ability to detect and remove parasites from a PC. IGuardPc may claim to have the ability to clean your system of spyware but do not trust that.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
IGuardPc.exe
uninstall.exe

Delete Registry
HKLM "SOFTWARE\IGuardPc"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IGuardPc"
HKCU "Software\IGuardPc"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "IGuardPc.exe"

Remove Folders and Files
$PROGRAMFILES\IGuardPc Software
$SMPROGRAMS\IGuardPc
$DESKTOP\IGuardPc.lnk
$PROGRAMFILES\IGuardPc Software
$SMPROGRAMS\IGuardPc
$DESKTOP\IGuardPc.lnk
Posted by Olzen at 12:59 PM 0 comments
Labels: ,
Thursday, December 10, 2009

Security Tool Removal GuideSecurity Tool Removal Guide

Security Tool Removal Guide
Security Tool is a rogue anti-spyware program that uses fake security alerts and system scan results to make computer users believe that they must purchase the Security Tool program to remove the found threats. Security Tool comes from the same group of attackers that made the fake security programs System Security and Total Security 2009.

Removal Tool 1: Security Tool Removal Tool. (Download it here.)
Removal Tool 2: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
SecurityTool.exe
4946550101.exe
[random>=8digits].exe (95750127.exe, 14507623.exe, 9048246710.exe etc)

Delete Registry
HKLM "SOFTWARE\SecurityTool"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SecurityTool"
HKCU "Software\Vista Antivirus 2010"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run " "SecurityTool"
HKCU "Software\Security Tool"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "4946550101"

Remove Folders and Files
$PROGRAMFILES\SecurityTool
$APPDATA\4946550101
$DESKTOP\Security Tool.lnk
$STARTMENU\Programs\Security Tool.lnk
Posted by Olzen at 9:42 PM 0 comments
Labels: ,
Wednesday, December 9, 2009

Antivirus Live Removal GuideAntivirus Live Removal Guide

Antivirus Live Removal Guide
Antivirus Live (also known as AntivirusLive) is the latest Rogue Anti-Spyware creation from the notorious Magic Software stable. Antivirus Live uses malicious cutting-edge techniques, including the use of backdoor Trojans. Once active, Antivirus Live disables the computer's security options, making it extremely difficult to uninstall through the Control Panel or via Safe Mode. Antivirus Live then starts spewing annoying popup ads and runs a security scan which reports the fake detection of numerous viruses and threats. Antivirus Live will recommend buying its licensed copy to solve the alleged spyware problems. Do not fall for Antivirus Live's trickery. This hazardous parasite should be terminated from the system immediately

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
[random]sysguard.exe

Unregister DLL files
iehelper.dll

Delete Registry
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}"
HKCU "Software\AvScan"
HKCR "CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}"
HKCU "Software\Microsoft\Internet Explorer\Download" "RunInvalidSignatures"
HKCU "Software\Microsoft\Windows\CurrentVersion\Internet Settings" "ProxyOverride"
HKCU "Software\Microsoft\Windows\CurrentVersion\Internet Settings" "ProxyServer"
HKCU "Software\Microsoft\Windows\CurrentVersion\Policies\Associations" "LowRiskFileTypes"
HKCU "Software\Microsoft\Windows\CurrentVersion\Policies\Attachments" "SaveZoneInformation"

Remove Folders and Files
$WINDIR\[random]sysguard.exe
$SYSDIR\iehelper.dll

Read more:
Constants in manual removal guide
Posted by Olzen at 10:36 AM 0 comments
Labels: ,
Tuesday, December 8, 2009

Personal Security Removal GuidePersonal Security Removal Guide

Personal Security Removal Guide
Personal Security is a clone of the rogue security software, Cyber Security. Personal Security also known as PersonalSecurity, typically spreads via sneaky Trojans or false advertisements. Personal Security will conduct a fake system scan once it has entered a system, and then produce alarming results of several parasite infections on the system. This is done to scare the user into purchasing the full version of Personal Security in order to remove all the purportedly detected parasites. Personal Security may also display numerous pop-ups and warning messages to scare the user even more. Personal Security is not a legitimate security program and should be removed immediately.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Removal Guide
Kill Process
(How to kill a process effectively?)
psecurity.exe
Inst_2013[1].exe

Unregister DLL files
win32extension.dll

Delete Registry
HKLM "SOFTWARE\Personal Security"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "PSecurity"
HKCR "CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}"
HKLM "SOFTWARE\5FFB10D58FFCF482208906E6A889FD56"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform" "WinTSI 01.12.2009"

Remove Folders and Files
$SMPROGRAMS\Personal Security
$SMPROGRAMS\PSecurity
$PROGRAMFILES\Personal Security
$PROGRAMFILES\PSecurity
$APPDATA\Personal Security
$APPDATA\PSecurity
$PROGRAMFILES\Common Files\PSecurityUninstall
$APPDATA\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk
$SYSDIR\win32extension.dll

Read more:
Constants in manual removal guide
Posted by Olzen at 1:04 AM 0 comments
Labels: ,
Sunday, November 22, 2009

Control Center Removal GuideControl Center Removal Guide

Control Center Removal Guide
Control Center is a Rogue Anti-Virus application that has the same characteristics as the notorious Privacy Center malware program. To avoid Control Center, Internet users must be aware of websites they visit and the files downloaded onto the computer. Control Center spreads via the Internet so browsing must be exercised with extreme caution. The Control Center virus can also come from a fake security website or fake multi-media websites that ask users to download a fake code needed to view a video online. If detected, Control Center must immediately be terminated.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Control Center Removal Guide
Kill Process
(How to kill a process effectively?)
agent.exe
cc.exe
uninstall.exe

Delete Registry
HKEY_CURRENT_USER\Software\Control Center
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Control Center"
HKEY_LOCAL_MACHINE\SOFTWARE\Control Center
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Uninstall\Control Center

Remove Folders and Files
%Documents and Settings%\All Users\Start Menu\Programs\Control Center
%Program Files%\Control Center
%Documents and Settings%\All Users\Application Data\Control Center
Posted by Olzen at 5:29 PM 0 comments
Labels: ,

Security Center Removal GuideSecurity Center Removal Guide

Security Center Removal Guide
Security Center is a replica of Privacy Components and Secret Service, which are dangerous rogue anti-spyware applications. Security Center, through a Trojan infection such as Vundo, is able to be installed without permission from the computer user or system administrator. After installed, Security Center is able to display fake system alerts in the form of an annoying popup and conduct system scans that return falsified results.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Security Center Removal Guide
Kill Process
(How to kill a process effectively?)
SecurityCenter.exe

Delete Registry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SecurityCenter"

Remove Folders and Files
%UserProfile%\Start Menu\SecurityCenter.lnk
%UserProfile%\Start Menu\Programs\SecurityCenter
C:\Program Files\SecurityCenter
Posted by Olzen at 5:27 PM 0 comments
Labels: ,

Windows Enterprise Suite Removal GuideWindows Enterprise Suite Removal Guide

Windows Enterprise Suite Removal Guide
Windows Enterprise Suite is a rogue anti-spyware program. It is considered to be part of the family of rogues which goes together with Volcano Security Suite. Research has proven how each of the above mentioned rogue program tends to make use of similar confusing ways so as to entice trustful computer users to purchase the full version of this deceitful security program.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Windows Enterprise Suite Removal Guide
Kill Process
(How to kill a process effectively?)
uninstall.exe
Windows Enterprise Suite.exe

Delete Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Enterprise Suite"

Remove Folders and Files
%UserProfile%\Desktop\Windows Enterprise Suite.lnk
%UserProfile%\Application Data\Windows Enterprise Suite
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Enterprise Suite.lnk
Posted by Olzen at 5:23 PM 0 comments
Labels: ,
Friday, August 28, 2009

Windows Protection Suite Removal GuideWindows Protection Suite Removal Guide

Windows Protection Suite Removal Guide
Windows Protection Suite is a fake antivirus which act as spyware remover that displays fake system scanners and malware detection reports that claim your computer is infected. Windows Protection Suite uses this scare tactic to persuade you to purchase the fully licensed version of Windows Protection Suite in order to protect your system from harm. Do not be fooled, and remove Windows Protection Suite as soon as possible.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Windows Protection Suite Removal Guide
Kill Process
(How to kill a process effectively?)
WI345d.exe
WindowsProtectionSuite.exe
std.exe
snl2w.exe
CLSV.exe
ppal.exe

Unregister DLL files
sqlite3.dll
mozcrt19.dll
SM.dll
runddl.dll
PE.dll
tempdoc.dll
kernel32.dll
grid.dll
energy.dll

Delete Registry
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "WindowsProtectionSuite"

Remove Folders and Files
$APPDATA\345d567
$APPDATA\WINSSSys
$APPDATA\Windows Protection Suite 2009
$STARTMENU\Programs\WindowsProtectionSuite
$PROGRAMFILES\WindowsProtectionSuite
$APPDATA\Windows Protection Suite
$STARTMENU\Programs\Windows Protection Suite.lnk
$DESKTOP\Windows Protection Suite 2009.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite 2009.lnk
$STARTMENU\Programs\Windows Protection Suite 2009.lnk
$STARTMENU\Windows Protection Suite 2009.lnk
$DESKTOP\WindowsProtectionSuite.exe
$STARTMENU\WindowsProtectionSuite.lnk
$PROGRAMFILES\Mozilla Firefox\searchplugins\search.xml
$RECENT\std.exe
$RECENT\snl2w.exe
$RECENT\SM.dll
$RECENT\runddl.dll
$RECENT\PE.tmp
$RECENT\PE.dll
$RECENT\tempdoc.dll
$RECENT\kernel32.dll
$RECENT\grid.sys
$RECENT\grid.dll
$RECENT\energy.dll
$RECENT\dudl.sys
$RECENT\DBOLE.drv
$RECENT\CLSV.exe
$RECENT\ANTIGEN.drv
$DESKTOP\Windows Protection Suite.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk

Read more:
Constants in manual removal guide
Posted by Olzen at 11:00 PM 0 comments
Labels: ,
Tuesday, August 25, 2009

Total Security 2009 Removal GuideTotal Security 2009 Removal Guide

Total Security 2009 Removal Guide
Total Security 2009 is a fake antivirus. It is an updated version of the fake spyware removers called Total Security and System Security. Total Security 2009 injects affiliated trojans into your PC that, once active, begin displaying misleading security alerts and launching fake system scanners that state your computer is infected. You are then prompted to purchase and download the commercial version of Total Security 2009 in order to combat these fictitious threats.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Windows System Suite Removal Guide
Kill Process
(How to kill a process effectively?)
Sc2C21UvvM.exe
tsc.exe

Unregister DLL files
winsource.dll

Delete Registry
DeleteRegKey HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}"
HKCU "Software\1FD92E3F7C34799BFB075C41DA05D1FE"
HKCR "CLSID\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}"
HKLM "SOFTWARE\Microsoft\Security Center" "FirewallOverride"
HKLM "SOFTWARE\Microsoft\Security Center" "AntiVirusOverride"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "1FD92E3F7C34799BFB075C41DA05D1FE"

Remove Folders and Files
$STARTMENU\TSC
$PROGRAMFILES\TSC
$PROGRAMFILES\Common Files\System\Uninstall
$PROGRAMFILES\Common Files\System\Uninstall\Uninstall TSC.lnk
$DESKTOP\TSC.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\TSC.lnk
$SYSDIR\winsource.dll

Read more:
Constants in manual removal guide
Posted by Olzen at 10:11 AM 0 comments
Labels: ,

Windows System Suite Removal GuideWindows System Suite Removal Guide

Windows System Suite Removal Guide
Windows System Suite is a fake antivirus and is a clone of Windows Security Suite and Antivirus System Pro. Windows System Suite uses many deceiving methods for persuading purchase of the full licensed version of Windows System Suite. Once installed, Windows System Suite display many false Windows security center alerts and performs system scans that displays fake results.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Windows System Suite Removal Guide
Kill Process
(How to kill a process effectively?)
WI345d.exe
WindowsSystemSuite.exe
std.exe
snl2w.exe
CLSV.exe
WS83b.exe
ppal.exe
cb.exe
eb.exe

Unregister DLL files
sqlite3.dll
mozcrt19.dll
energy.dll
PE.dll
SM.dll
runddl.dll
grid.dll
tempdoc.dll
kernel32.dll
cid.dll
ddv.dll

Delete Registry
HKCR "ReleaseXP.DocHostUIHandler"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "WindowsSystemSuite"
HKCU "Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform " "986707143803"

Remove Folders and Files
$APPDATA\345d567
$APPDATA\WINSSSys
$PROGRAMFILES\WindowsSystemSuite
$APPDATA\Windows System Suite
$APPDATA\Windows System Suite 2009
$STARTMENU\Programs\WindowsSystemSuite
$DESKTOP\Windows System Suite.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Windows System Suite.lnk
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Windows System Suite 2009.lnk
$DESKTOP\WindowsSystemSuite.exe
$DESKTOP\Windows System Suite 2009.lnk
$STARTMENU\Windows System Suite 2009.lnk
$STARTMENU\Windows System Suite.lnk
$STARTMENU\Programs\Windows System Suite.lnk
$STARTMENU\Programs\Windows System Suite 2009.lnk
$RECENT\std.exe
$RECENT\snl2w.exe
$RECENT\energy.dll
$RECENT\PE.tmp
$RECENT\PE.dll
$RECENT\SM.dll
$RECENT\runddl.dll
$RECENT\grid.dll
$RECENT\dudl.sys
$RECENT\DBOLE.drv
$RECENT\CLSV.exe
$RECENT\tempdoc.dll
$RECENT\kernel32.dll
$RECENT\grid.sys
$RECENT\ANTIGEN.drv

Read more:
Constants in manual removal guide
Posted by Olzen at 10:00 AM 0 comments
Labels: ,
Friday, June 19, 2009

Remove Malware Doctor, Malware Doc, MalwareDocRemove Malware Doctor, Malware Doc, MalwareDoc

Remove Malware Doctor
Malware Doctor, also known as Malware Doc or MalwareDoc, is a rogue system optimization program usually promoted as an online scanner. It is known to trick you into believing your computer is infested with spyware and then lure you into purchasing MalwareDoctor full version to remove the imaginary threats. It may run its fake system scanner every time you boot your computer and generate a list of spyware infections as a result.

Removal Tool: Remove Fake Antivirus. (Download it here.)

Malware Doctor manual removal guide
Kill Process
(How to kill a process effectively?)
Malware Doctor.exe
MDsetup.exe
[randomnumbers].exe

Unregister DLL
Validation.dll
htmlayout.dll

Delete Registry
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malware Doctor
HKEY_USERS\Software\Microsoft\Windows\Explorer\MenuOrder\Start Menu2\Programs\Malware Doctor
HKEY_CURRENT_USER\Software\Malware Doctor
HKEY_CURRENT_USER\Software\Malware Doctor\AntiSpy Knight
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Doctor_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Alcmtr"

Remove Folders
$PROGRAMFILES\Malware Doctor
$SMPROGRAMS\Malware Doctor

Read more:
Constants in manual removal guide

Read also:
Posted by Olzen at 8:35 AM 0 comments
Labels: ,
Thursday, April 16, 2009

Personal Antivirus Removal ToolPersonal Antivirus Removal Tool

Personal Antivirus Removal Tool









License: Freeware
File size: 58 KB
Personal Antivirus is a rogue anti-spyware program come out from the company called Innovagest 2000. It is installed by a trojan called Zlob, which trys to trick you into buying the alleged rogue anti-spyware program. Once you're infected with Zlob, a fake security message similar to a Windows notification pops up saying your PC is infected with malware. This Personal Antivirus message is used to lure you into purchasing, downloading and installing their program to remove the imaginary spyware. Remove Personal Antivirus is used to remove this fake antivirus from your computer.

Removal Tool:
Remove Fake Antivirus. (Download it here.)

Download Remove Personal Antivirus 1.0 at Softpedia
Download Source code of Remove Personal Antivirus 1.0

Personal Antivirus manual removal guide
Kill Process
(How to kill a process effectively?)
PersonalAntivirus[1].exe
iv.exe
winlogon.exe
services.exe
unins000.exe
PerAvir.exe

Delete Registry
HKLM "SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE"
HKLM "SYSTEM\CurrentControlSet\Services\ITGrdEngine"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1"
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "Personal Antivirus"
HKCU "Software\Microsoft\Internet Explorer" "PrS"

Remove Folders
$APPDATA\Personal Antivirus
$PROGRAMFILES\Personal Antivirus
$APPDATA\AV1

Remove Files
$WINDIR\system32\log.txt
$APPDATA\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
$LOCALAPPDATA\Microsoft\Windows\services.exe
$LOCALAPPDATA\Microsoft\Windows\pguard.ini
$LOCALAPPDATA\Microsoft\Windows\log.txt
$LOCALAPPDATA\Microsoft\Internet Explorer\iPSh.png
$LOCALAPPDATA\Microsoft\Internet Explorer\iMSh.png
$LOCALAPPDATA\Microsoft\Internet Explorer\iGSh.png
$APPDATA\Microsoft\Windows\winlogon.exe
$LOCALAPPDATA\Microsoft\Internet Explorer\iv.exe
$DESKTOP\Personal Antivirus.lnk
$SMPROGRAMS\Personal Antivirus

Read more:
Constants in manual removal guide

Read also:
Posted by Olzen at 8:46 AM 0 comments
Labels: , ,
Tuesday, March 24, 2009

Tools used in removing virus manuallyTools used in removing virus manually

Tools used in removing virus manually
These are the tools used in removing virus manually:
  1. Process Explorer
    The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

  2. a-squared HiJackFree
    a-squared HiJackFree is a detailed system analysis tool which helps advanced users to detect and remove all types of HiJackers, Spyware, Adware, Trojans and Worms.

  3. Trend Micro HijackThis
    HijackThis lists the contents of key areas of the Registry and hard drive--areas that are used by both legitimate programmers and hijackers. The program is continually updated to detect and remove new hijacks. It does not target specific programs and URLs, only the methods used by hijackers to force you onto their sites.

  4. Unlocker
    It is used to delete any file including access-denied files.

  5. Security Task Manager
    Security Task Manager shows comprehensible information about programs and processes running on the computer. For each Windows process, it improves on Windows Task Manager, providing unique security risk rating, comments from our experts and user community, free online scan with all known Antivirus engines, full directory path and file name, process description, CPU usage graph, embedded hidden functions and process type.
Posted by Olzen at 4:00 PM 0 comments
Labels:
Wednesday, March 4, 2009

Anti-Virus-1 Removal ToolAnti-Virus-1 Removal Tool

Anti-Virus-1 Removal Tool










License: Freeware
File size: 58 KB
Anti-Virus-1 is a rogue anti-spyware program similar to Antivirus2010. Anti-Virus-1 was created to trick you into believing your computer is infected with spyware to then offer Anti-Virus-1's full version to remove the supposed threats. Anti-Virus-1 may enter your computer system with the help of Trojans (such as Zlob or Vundo). Once the Trojan is installed, you'll receive numerous popups and fake system alert notifications informing you about imaginary infections. In addition, Anti-Virus-1 is able to perform a fake system scan and generate a list of spyware as a result. Anti-Virus-1 will use all its fraudulent mechanisms to finally redirect you to a malicious website that sells Anti-Virus-1 as a legitimate spyware remover.

Removal Tool:
Remove Fake Antivirus. (Download it here.)

Download Remove Anti-Virus-1 1.0 at Softpedia
Download source code of Anti-Virus-1 Removal Tool

Anti-Virus-1 manual removal guide
Kill Process
(How to kill a process effectively?)
AV1i.exe
av1.exe
wingamma.exe

Delete Registry
HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "AV1"
HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV1"
HKCU "Software\AV1"

Remove Folders
$APPDATA\AV1

Read more:
Constants in manual removal guide
Posted by Olzen at 10:23 AM 0 comments
Labels: , ,
Subscribe to: Posts (Atom)