Antimalware Doctor virus is also a rogue antispyware familly member like Antivirus Doctor.
Snapshot of Antimalware doctor virus
[Read more...]
Anti Malware doctor virus removal
November 15, 2010 By
[Read more...]
XP Antivirus 2009 2008 removal
November 10, 2010 By
XP Antivirus Protection
XPAntivirus 2009 or 2010 is fake antivirus software program. This program is typically known to infect a computer just after performing an install of specific video codec. This corrupted video codec is usually distributed with a Trojan, Malware and Virus. It is crucial to remove all the components of XP Antivirus and all malware and trojans such as zlob.trojan, trojan.vundo and trojan.downloader that may have been installed along with it. The following tutorial explains how to remove this XP Antivirus Protection.
Simply, It’s a virus designed to extort money from you by demanding you pay for the “full version”. to remove the viruses that it has “detected”.
How to remove XP Antivirus Protection:
Step 1 : Use Windows File Search Tool to Find Antivirus 2009 Path [Read more...]
Fake Antivirus system pro removal
November 10, 2010 By
Antivirus System Pro is classified as a rogue anti-spyware application because it uses misleading methods in order to scare you into purchasing this program. Usually, the rogue uses false scan results and fake security warnings. It states that your computer is infected with Trojans, adware or malware and that you should purchase Antivirus System Pro to remove these infections. Of course, these infections are all fake and don’t actually exist on your computer.
[Read more...]
Security Tool virus
November 9, 2010 By
Security Tool is typical fake anti-spyware application. It’s a copy of the notorious Total Security scam. It detects and reports numerous computer infections and it requires buying the full version of the program for deleting the threats. Here’s what wrong with this: SecurityTool reports imaginary infections and urges to pay for nonexistent full version.
“Security Tool Warning
Spyware.IEMonster activity detected. This is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs. Click here to remove it immediately with SecurityTool.”
Don’t trust SecurityTool and avoid installing this app. The fabricated alerts are not the worst part of this fraud; Security Tool also hijacks web browser and slows machines performance down.
How to manually remove Security Tool
Stop and remove SecurityTool processes:
Security Tool.exe
uninstall.exe
Locate and delete SecurityTool registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “SecurityTool”
HKEY_CURRENT_USER\Software\Vista Antivirus 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Uninstall\SecurityTool
HKEY_LOCAL_MACHINE\SOFTWARE\SecurityTool
Detect and delete other SecurityTool files:
%System Root%\Samples
%User Profile%\Local Settings\Temp
%Program Files%\SecurityTool
%Documents and Settings%\All Users\Start Menu\Programs\SecurityTool
%Documents and Settings%\All Users\Application Data\SecurityTool
Security Tool.exe
uninstall.exe
Auto Removal:
To remove this virus Automatically, We Suggest the following removal tools:
Download Super Anti Spyware
Fake Antivirus GT removal instructions
November 9, 2010 By
Antivirus GT
(AntivirusGT) is another variation of Antivirus 7 and it pops up pretty similar or exactly the same alerts as Antivirus 7. Remove Antivirus GT for the program is quite adverse for your computer system even if you do not consider its alerts too much annoying to get rid of Antivirus GT. Antivirus GT is thus true to the infamous tactics of AV Security Tool marketing based on causing real harm to the computer system and then blaming dummy names for that
Here are some examples of AntivirusGT counterfeit alerts:
AntivirusGT Resident Shield: Virus Detected
Warning! Active virus detected!
Threat Detected: Trojan.Injector.BZ
Infected File: C:\Windows\System32\rundll32.exe
Security advisor: Important updates available
New important updates available:
Virus and spyware database is out of date.
New Important updates:
- antivirus database definitions update
- anti-spyware database definitions update
- critical system vulnerabilities fix
Optional Updates
- resident shield update
- Internet Explorer potential vulnerabilities fix
VirtuMonde activity tracked
Virtumonde is an adware program that tends to monitor
your Internet browsing and may display targeted
Trojan:W32/Inject Activity Detected
Trojan:W32/Inject is a large family of malware that secretly
makes changes to the Windows Registry. Variants in the
family make also makes changes to other running processes
How to manually remove AntivirusGT
To remove AntivirusGT spyware you must block AntivirusGT sites, stop and remove processes, unregister DLL files, search and delete all other AntivirusGT files and registry utility. Follow the AntivirusGT detection and removal instructions below.
Stop AntivirusGT processes:
antivirusGT.exe
Remove AntivirusGT registry values:
HKEY_CURRENT_USER\Software\EVA246
HKEY_CURRENT_USER\Software\WinFD
HKEY_CLASSES_ROOT\CLSID\{3304F17F-732C-4AC6-BF67-DBDC8B88C11F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3304F17F-732C-4AC6-BF67-DBDC8B88C11F}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AVGT”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “WinNT-EVI 05.07.2010″
Delete AntivirusGT files:
c:\Documents and Settings\All Users\Start Menu\AVGT\AntivirusGT.lnk
c:\Documents and Settings\All Users\Start Menu\AVGT\Uninstall.lnk
c:\Program Files\AVGT\antivirusGT.exe
%UserProfile%\Desktop\AntivirusGT.lnk
Get rid of AntivirusGT folders:
c:\Documents and Settings\All Users\Start Menu\AVGT\
c:\Program Files\AVGT\
Note: In any AntivirusGT files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”).
If you have any questions about manual AntivirusGT removal, go ahead and leave a comment.
Auto Removal:
To remove this virus Automatically, We Suggest the following removal tools:
Download Super Anti Spyware
My Security Shield virus removal
November 9, 2010 By
My Security Shield
It is a rogue antispyware program which very dangerous and can lead to a complete paralysis of your computer. It created only for one – to trick you into buying the so-called full version of the software.
My Security Shield presents itself as a computer protection tool. It won’t shield a PC from viruses because MySecurityShield is a hoax. Do not install this program if you have a choice! My Security Shield is usually installed secretly by trojans. My Security Shield puts a bunch of harmless files during installation process and it later reports the same files as they were infections. The victim is then prompted to pay for deleting the fake threats.
MySecurityShield is also able to imitate various security notifications. Do not trust My Security Shield and the warnings it loads. Here are some examples of the counterfeit alerts:
Warning! Access conflict detected!
An unidentified program is trying to access system process address space.
Process Name: AllowedForm
Location: C:\Windows\…\notepad.exe
As you can see, My Security Shield uses misleading methods to scare you into purhcasing the program. The removal guide below will walk you through removing the My Security Shield and any associated malware that may have been installed with it. You can remove this virus manually, but we strongly recommend you to use an automatic removal tool. Finally, if you have already purchased the bogus program then contact your credit card company and dispute the charges.
How to manually remove My Security Shield
To remove My Security Shield spyware you must block My Security Shield sites, stop and remove processes, unregister DLL files, search and delete all other My Security Shield files and registry utility. Follow the My Security Shield detection and removal instructions below.
My Security Shield manual removal:
Kill processes:
MS345d_2129.exe
Delete registry values:
HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\MS345d_2129.DocHostUIHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PRS” = “http://127.0.0.1:27777/?inj=%ORIGINAL%”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “control/7.02129″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Security Shield”
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=2129&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”
Unregister DLLs:
mozcrt19.dll
sqlite3.dll
Delete files:
4475.mof mozcrt19.dll MS345d_2129.exe MSS.ico sqlite3.dll vd952342.bd MSJYQMS.cfg My Security Shield.lnk cookies.sqlite Instructions.ini cid.drv CLSV.tmp DBOLE.exe delfile.sys fan.dll grid.sys kernel32.exe kernel32.sys PE.dll PE.tmp runddlkey.drv SICKBOY.drv std.dll tempdoc.tmp tjd.sys
Delete directories:
c:\Documents and Settings\All Users\Application Data\345d567\
c:\Documents and Settings\All Users\Application Data\MSHBXRCOBWS\
%UserProfile%\Application Data\My Security Shield\
Auto Removal:
To remove this virus Automatically, We Suggest the following removal tools:
Download Super Anti Spyware
