Windows System Optimizator

Posted by elise in Blog Fake anti-virus program on January 13th, 2011

Windows System Optimizator is a rogue system optimization utility that is part of the Fake Microsoft Security Essentials infection. Most of the time, this infection is installed on your computer by Trojans and displays numerous false Microsoft Security Essentials alerts claiming that spyware, backdoors and Trojans have been detected on your computer, as shown below:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.

Soon after the alert, Windows System Optimizator will advise you to purchase its full version to remove all these infections. However, what needs to be removed from the computer is Windows System Optimizator itself, as it falsely reports legitimate files on your computer as threats and will steal your money as well as your personal data. To protect your computer, you should remove Windows System Optimizator immediately.

(Windows System Optimizator is a potential threat to your computer and you have to get rid of it immediately. Normally, you can remove it with either a manual or an automatic approach.)

Method one: Manual Windows System Optimizator removal steps

Before manually removing Windows System Optimizator from your computer, it is highly recommended that you first back up your Windows registry so that it can be restored later. In this way, you can quickly recover your computer if something goes wrong.

1. Stop the running process below, or boot your computer directly into safe mode:
%AppData%\[random].exe

2. Associated Windows System Optimizator files that should be removed:

%UserProfile%\Application Data\<random>.exe
File Location Notes:
%UserProfile% refers to the current user’s profile folder. By default, this is C:\Documents and Settings\ for Windows 2000/XP, C:\Users\ for Windows Vista/7, and c:\winnt\profiles\ for Windows NT.

3. Related Windows System Optimizator registry entries that should be deleted:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = ‘%UserProfile%\Application Data\<random>.exe’

Manually removing Windows System Optimizator is a time-consuming and dangerous task, because some of the infected files will hide and regenerate themselves in a different directory if they are not completely removed. Hence, this approach does not always remove Windows System Optimizator completely. To save time and protect your computer and your personal information, it is strongly recommended that you use the automatic Windows System Optimizator removal method.

Method two: Automatic Windows System Optimizator removal steps:

1. Download and install Instant Spyware Remover on your computer.
2. Launch it and then click “Scan” to thoroughly scan your computer for any potential threats.
3. Click “Remove” after the scan finishes.

Trojan-BNK.Win32.Keylogger.gen

Posted by elise in Blog Trojans on October 27th, 2010

Trojan-BNK.Win32.Keylogger.gen is a very dangerous threat that arrives on your computer via the XP Internet Security 2010 rogue anti-spyware program. Even though it is not a real virus, it still causes unwanted effects once your computer is infected: for example, it uses up system resources and greatly slows down your computer, collects and uploads your personal information to the Internet, and resets your account settings as it likes. To protect your computer and your privacy, it is highly recommended that you run a full system scan and remove Trojan-BNK.Win32.Keylogger.gen immediately.

How to remove Trojan-BNK.Win32.Keylogger.gen from your PC?

You can remove Trojan-BNK.Win32.Keylogger.gen either manually or automatically. Whichever method you choose, it is advised that you first back up your Windows registry so that you can easily recover your computer if it crashes.

Method one: How to remove Trojan-BNK.Win32.Keylogger.gen manually?

1. Search for and remove the Trojan-BNK.Win32.Keylogger.gen files below:

%Documents and Settings%\[UserName]\Application Data\av.exe
%Documents and Settings%\[UserName]\Application Data\WRblt8464P

2. Open your Windows registry to delete the following registry entries:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “av.exe” /START “%1” %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “av.exe” /START “%1” %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “av.exe” /START “%1” %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “av.exe” /START “%1” %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “av.exe” /START “firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “av.exe” /START “firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “av.exe” /START “iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1”

Important note: Be careful when modifying the Windows registry, as even a minor mistake there can cause serious problems for your computer.
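
The registry changes listed above, and the Winlogon “Shell” entry from the Windows System Optimizator steps, can be checked for in a registry backup before anything is deleted. The following Python script is an added example, not part of the original post: it assumes the backup was saved as text with reg export and has already been decoded to a string, the sample export is constructed, and the function names parse_reg and audit are hypothetical.

```python
import re

# Constructed sample in `reg export` text format (not from a real host).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\\Users\\demo\\Application Data\\xyz.exe"

[HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
@="\"av.exe\" /START \"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000000
'''

def parse_reg(text):
    """Yield (key, value_name, data); string data is unescaped, '@' is (Default)."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if key and m:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            data = m.group(2)
            if data.startswith('"') and data.endswith('"'):
                data = re.sub(r"\\(.)", r"\1", data[1:-1])  # undo \\ and \"
            yield key, name, data

def audit(text):
    """Return (key, value_name, reason) for entries matching the hijacks above."""
    hits = []
    for key, name, data in parse_reg(text):
        k, n = key.lower(), name.lower()
        if k.startswith("hkey_current_user\\") and k.endswith("\\winlogon") and n == "shell":
            hits.append((key, name, "per-user Winlogon Shell override"))
        elif (re.search(r"\\(\.exe|exefile|secfile)\\shell\\open\\command$", k)
              and n == "(default)" and data.strip().lower() != '"%1" %*'):
            hits.append((key, name, "executable launch handler replaced"))
        elif (k.endswith("\\microsoft\\security center")
              and n in ("antivirusoverride", "firewalloverride") and data == "dword:00000001"):
            hits.append((key, name, "Security Center alerting disabled"))
    return hits
```

Calling audit(SAMPLE) reports the Winlogon “Shell” value, the replaced .exe handler and the AntiVirusOverride value, and leaves the standard exefile handler and the zeroed FirewallOverride alone. Multi-line hex values in an export are not parsed.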

Method Two: How to remove Trojan-BNK.Win32.Keylogger.gen automatically?

The easiest and safest way to remove Trojan-BNK.Win32.Keylogger.gen is to download and run a professional anti-spyware program that is designed to detect and remove all PC threats instantly. To remove Trojan-BNK.Win32.Keylogger.gen, simply perform the steps below:

1. Click to download Instant Spyware Remover and save the “InstantSpywareRemover_Setup.exe” file on your desktop.
2. Double click on the setup.exe file and install Instant Spyware Remover on your computer by following the installation wizard.
3. Launch it and click “Scan” to thoroughly scan your computer for any potential threats.
4. Click “Remove” when the scan finishes.

InfoDoctor

Posted by elise in Blog Fake anti-virus program on October 25th, 2010

InfoDoctor is classified as a fake anti-spyware program which imitates a computer scan and displays fake warning messages. These messages usually state that your computer is flooded with all kinds of threats and that the only way to get rid of them is to run its full version. This is a fraud and none of its warnings should be taken seriously.

InfoDoctor always gets onto users’ computers via Trojans or malicious websites. Once on a user’s computer, InfoDoctor will wantonly change the user’s account settings and collect or steal the user’s information for third parties. Do not trust any of its notifications, and remove InfoDoctor from your computer immediately.

How to remove InfoDoctor?
InfoDoctor can be quickly removed by Instant Spyware Remover, which is designed to quickly scan for and remove all PC threats.

1. Click to download and install Instant Spyware Remover on your computer.
2. Launch it and then click “Scan” to thoroughly scan your computer for any potential threats.
3. Click “Remove” after the scan finishes.

Instant Spyware Remover is an award-winning anti-spyware program which can quickly detect and remove spyware, Trojans, adware and other computer threats from your computer. If your computer runs slower than ever before or you get numerous pop-up ads, you should download and run Instant Spyware Remover right now.

How to manually remove InfoDoctor?
To remove InfoDoctor manually, you have to remove its related processes, program files and registry entries. But it is highly advised that you first back up your Windows registry before making any changes. Only in this way can you easily restore it if necessary in the future.

1. Go to Start, Control Panel, Add/Remove Program, locate and remove InfoDoctor here.
2. Then open your Windows registry editor, and locate/delete the following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “InfoDoctor”

Important note: Although it is possible to manually remove InfoDoctor, doing so can permanently damage your system if any mistakes are made in the process, and some advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal cannot guarantee that InfoDoctor is thoroughly removed. In order to remove InfoDoctor safely and quickly, it is highly advised that you perform the above automatic removal process.

Prevent from Spyware – You Need Real-Time Protection

Posted by Emma Adrian in Blog Knowledge Base, Recent Articles, Tutorials on June 15th, 2009

Nowadays, a lot of computer users have their machines compromised by spyware, viruses, Trojans and other PC threats. People spend a lot of time searching the internet for security tools in order to get rid of the threats that reside in their systems. To get rid of viruses or Trojans, a security tool should contain not only effective technology for scanning for and detecting malicious threats, but also a robust and complete mechanism for removing threats and infections.

However, is it enough to protect our PCs by only ever running a scan for threats after we get infected? Or is it OK to notice that our system is at severe risk, or about to be destroyed, only after we encounter obvious problems caused by threats? Of course, nobody will nod their head. We definitely need security software to help remove the current viruses or Trojans from our computers. However, we also need a kind of protection that prevents our PCs from being destroyed by malicious threats before they actually launch their attacks. In other words, we would much more appreciate real-time protection that can prevent malicious software or threats from intruding into our PCs.

There is a lot of system security software in the world, and some of it contains powerful functions for removing PC threats, such as Kaspersky, AVG, McAfee, Avast, etc. On the point of real-time protection, which concerns us most, most famous security software, such as the products mentioned above, contains a specific function for real-time monitoring and protection of system files. And, more specifically, a new security tool, Spyware Cease, contains real-time monitoring and protection of the system registry. All of this real-time protection can protect the system from attack by internal or external malicious software.

My Supervisor2009

What is My Supervisor2009?
My Supervisor2009 is a rogue anti-spyware program consisting of a fake privacy scanner, registry cleaner and auto-run manager. Like most rogue anti-spyware programs, My Supervisor2009 will display a fake system scan and show a list of various fake results in order to scare users into buying its full version. This program also claims to be the most effective anti-spyware remover, able to detect and terminate all threats on the infected machine. However, My Supervisor2009 is actually a dangerous parasite that may take up system resources and crash your PC.

After installing itself on the PC, My Supervisor2009 automatically runs a system scan whenever Windows starts up. Then it floods the system with fake pop-up alerts and messages. If you click the link in one of the pop-up windows, you may be redirected to its purchase page.

Do you have My Supervisor2009?
If you have enough time and expertise, you can search your computer for My Supervisor2009 manually. However, it might take hours to find all of the My Supervisor2009 files, and it is possible that My Supervisor2009 will reappear after rebooting, because its hidden files may still be there.

Download automatic scanner for My Supervisor2009
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straightforward interface. Only Spyware Cease gives you an individual fix against the most dangerous spyware problems.

Manual My Supervisor2009 removal instructions
WARNING: The manual removal method is for advanced users. Manual My Supervisor2009 removal can be difficult and time-consuming. There is no guarantee that My Supervisor2009 can be completely removed, because hundreds of files are generated when My Supervisor2009 is installed on your system. Make sure to back up your computer in case you make a mistake and your system stops working.

Follow the instructions below to remove My Supervisor2009 manually:

Locate and stop the My Supervisor2009 processes:
unins000.exe
MSup1bf7.exe

Locate and delete the My Supervisor2009 files:
%UserProfile%\Desktop\ProcessManager.lnk
%UserProfile%\Desktop\AutorunManager.lnk
%UserProfile%\Desktop\ServiceManager.lnk
%UserProfile%\Desktop\My Supervisor.lnk
%UserProfile%\Application Data\My Supervisor\Process.ico
%UserProfile%\Application Data\My Supervisor\Autorun.ico
%UserProfile%\Application Data\My Supervisor\Service.ico
%UserProfile%\Application Data\My Supervisor\uill.ini
%UserProfile%\Application Data\My Supervisor\settings.ini
%UserProfile%\Application Data\My Supervisor
%Documents and Settings%\All Users\Application Data\Data Files\config.cfg
%Documents and Settings%\All Users\Application Data\Data Files
%Documents and Settings%\All Users\Application Data\2dcb\Data Files
%Documents and Settings%\All Users\Application Data\2dcb\unins000.dat
%Documents and Settings%\All Users\Application Data\2dcb\working.log
%Documents and Settings%\All Users\Application Data\2dcb\sqlite3.dll
%Documents and Settings%\All Users\Application Data\2dcb\mozcrt19.dll
%Documents and Settings%\All Users\Application Data\2dcb\unins000.exe
%Documents and Settings%\All Users\Application Data\2dcb\MSup1bf7.exe
%Documents and Settings%\All Users\Application Data\2dcb

Locate and remove the My Supervisor2009 registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “URWSWR[]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Supervisor_is1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Supervisor”

What are the symptoms of My Supervisor2009?

  • My Supervisor2009 may change browser settings
  • My Supervisor2009 may show commercial adverts
  • My Supervisor2009 may connect itself to the internet
  • My Supervisor2009 may hide from the user

How do I keep away from My Supervisor2009?
Once you have cleaned up My Supervisor2009, the most important way to keep My Supervisor2009 and future malicious programs from coming back is to stay suspicious of spam e-mail attachments and unknown websites. Here are several ways in which you can help protect your computer against My Supervisor2009 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue Anti-spyware Software?
My Supervisor2009 is a type of Rogue Anti-spyware Software.

Rogue anti-spyware software is software that uses malware to advertise or install itself, through other malicious viruses or security holes, without your permission. Rogue software usually pops up fake system messages such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button in the dialog, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button at the top right may lead to the installation of the rogue software, because the button is actually a link.

In order to trick innocent users into paying, rogue software usually fabricates exaggerated, fake system scan results and scares users into paying for the removal of spyware infections that never existed. In fact, the threat is the rogue software itself. Most of these programs come with a bundle of very harmful spyware programs hidden in the files themselves.