SecureDefense

Posted by elise in Blog Tutorials on October 11th, 2010 | Leave a comment
TAGS: , ,

SecureDefense or Secure Defense is a typical rogue anti-spyware program which always comes onto your computer via malicious Trojans or other malwares. Once installed on the infected computer, SecureDefense will constantly display fake and urgent system scan reports claiming that the system in infected with harmful threats and the only way to remove the detected threats is to order the full-version of SecureDefense. Actually, this is a waste of money for all the detected items are non-existent or your legitimate necessary system files. So it is necessary for you to detect and remove SecureDefense from your computer right now!

Free detect your PC for SecureDefense now!

To ensure a clean removal, SecureDefense should be removed in safe mode with network. However, to protect your computer and your personal information, it is highly advised that you should download and run a professional anti-spyware program like Instant Spyware Remover, which is designed to specifically scan and delete kinds of spyware programs from the PC instantly. However, if you are sure that you have a full knowledge to manually remove SecureDefense, you can try the steps below to manually remove this fake anti-spyware program from your computer.

Method one: How to remove SecureDefense manually?

1. Quit the below SecureDefense processes:

c:\WINDOWS\system32\[random].exe
c:\Documents and Settings\[user]\Local Settings\Temp\[random].exe

2. Search and remove the following SecureDefense files:

c:\Program Files\[Random]
c:\Documents and Settings\All Users\Start Menu\Programs\SecureDefense.lnk
%UserDir%\Desktop\SecureDefense.lnk
%UserDir%\Local Settings\Temp\.exe
c:\WINDOWS\[Random].dll
c:\WINDOWS\[Random].bin
c:\WINDOWS\[Random].cpl
c:\WINDOWS\system32\[Random].cpl
c:\WINDOWS\system32\[Random].exe
c:\WINDOWS\system32\[Random].bin

3. Go to Start and then open your Registry Editor; delete the below registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\SecureDefense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SecureDefense
HKEY_CURRENT_USER\Software\SecureDefense
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random].exe”

Important note: Though it is possible to remove SecureDefense manually, it is not recommended for those who do not have a full knowledge on how SecureDefense works. If it is not fully removed, such activity will bring in permanent damage to your system such as slow PC performance, frequent program lock-ups, random system crashes. So to protect your computer and your important personal information, do not hesitate to follow the below steps to automatically remove SecureDefense from your PC.

Method Two: How to remove SecureDefense automatically?

As what you have seen from the above discussion that it will be complicated to remove SecureDefense manually for the computer, especially for those are not professional on computer. To thoroughly remove the annoying fake program from your computer, the best choice is to download and run a professional anti-spyware program.

1. Click to download Instant Spyware Remover and save the “InstantSpywareRemover_Setup.exe” file on your desktop.
2. Double click on the setup.exe file and install Instant Spyware Removal on your computer by following the installation wizard.
3. Launch it and click “Scan” to thoroughly scan your computer for any potential threats.
4. Click “Remove” when the scan finishes.

AntiVirusTrigger

Posted by Emma Adrian in Blog Latest Parasite Threats on December 15th, 2008 | 97 Comments
TAGS: ,

What is AntiVirusTrigger?
AntivirusTrigger is a rogue anti-spyware program that is an exact copy of an earlier rogue called VirusTrigger. AntivirusTrigger installs itself under deceptive pretences, infiltrating the user’s PC without their approval or knowledge. AntivirusTrigger is capable of loading fabricated system scan results full of infections and displaying fake security alerts which actually bring you to the AntivirusTrigger home page where it prompts you to purchase the software.

Once installed, AntivirusTrigger can automatically start with your computer booting up, scan your computer and list a variety of malware that cannot be removed unless you first purchase the program. However, the malware found, in most cases, are legitimate programs being misreported by AntivirusTrigger.

Do you have AntiVirusTrigger?
If you have enough time and expertise, you can search your computer for AntiVirusTrigger manually. However, it might take hours to find out all files of AntiVirusTrigger, and it is possible that AntiVirusTrigger will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for AntiVirusTrigger
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual AntiVirusTrigger removal instructions
WARNING: The manually removal method is for advanced users. AntiVirusTrigger manually removal can be difficult and time-consuming. There is no guarantee that AntiVirusTrigger can be completely removed, for there are hundreds of files generated when AntiVirusTrigger installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for AntiVirusTrigger removal manually:

Navigate and stop AntiVirusTrigger process:
AnvTrgr.exe

Navigate and delete AntiVirusTrigger files:
C:WINDOWSPrefetchANTIVIRUSTRIGGER.EXE-2BE670E5.pf
C:Documents and SettingsAll UsersApplication DataTEMP
C:Documents and SettingsweitaoLocal SettingsTempPerflib_Perfdata_6e4.dat
C:Documents and SettingsweitaoStart MenuAntivirusTrigger 2.1.lnk
C:Documents and SettingsweitaoStart MenuProgramsAntivirusTrigger 2.1
C:Documents and SettingsweitaoStart MenuProgramsAntivirusTrigger 2.1AntivirusTrigger 2.1.lnk
C:Documents and SettingsweitaoDesktopAntivirusTrigger 2.1.lnk
C:Documents and SettingsweitaoApplication DataMicrosoftInternet ExplorerQuick LaunchAntivirusTrigger 2.1.lnk
C:Program FilesAnvTrgrsoftware
C:Program FilesAnvTrgrsoftwareAnvTrgr.exe
C:Program FilesAnvTrgrsoftwareAnvTrgrWarning.dll
C:Program FilesAnvTrgrsoftwareuninst.exe

Navigate and Remove AntiVirusTrigger registry values:
HKEY_CLASSES_ROOTAnvTrgrWarning.WarningBHO
HKEY_CLASSES_ROOTAnvTrgrWarning.WarningBHO.1
HKEY_CURRENT_USERSoftwareAnvTrgrsoft
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun AnvTrgr
HKEY_LOCAL_MACHINESOFTWAREClassesAnvTrgrWarning.WarningBHO
HKEY_LOCAL_MACHINESOFTWAREClassesAnvTrgrWarning.WarningBHO.1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionApp PathsAnvTrgrsoft
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAnvTrgrsoft
HKEY_USERSS-1-5-21-73586283-515967899-682003330-1003SoftwareAnvTrgrsoft
HKEY_USERSS-1-5-21-73586283-515967899-682003330-1003SoftwareMicrosoftWind

What are the symptoms of AntiVirusTrigger?

  • AntivirusTrigger may install itself under deceptive pretences
  • AntivirusTrigger may load fabricated system scan results and fake security alerts
  • AntivirusTrigger may automatically start as computer boots up
  • AntivirusTrigger may redirect users to its home page to purchase its program
  • AntivirusTrigger may decrease the system performance

How do I keep away from AntiVirusTrigger?
Once you have cleaned up AntiVirusTrigger, the most important point to prevent AntiVirusTrigger and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against AntiVirusTrigger and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?
AntiVirusTrigger is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

XP Antispyware 2009

Posted by elise in Blog Latest Parasite Threats, Recent Articles, Top Parasite Threats, Tutorials on December 11th, 2008 | Leave a comment
TAGS: , ,

What is XP Antispyware 2009?
XP Antispyware 2009, also known as Antispyware XP 2009, is one of the latest and hottest counterfeit antispyware programs that devastate the Internet community. In fact, XP Antispyware 2009 is a useless application and usually comes with Trojan, malware, virus and other threats. After installing onto computer system, it will generate fake and misleading system error messages to trick the end-users into purchasing its full version. It is believed that XP Antispyware 2009 is simply a clone of Antispyware 2008 XP.

Antispyware XP 2009 will write this key into registry without your consent, and automatically run when PC starts up : HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run xp antispyware 2009.

Do you have XP Antispyware 2009?
If you have enough time and expertise, you can search your computer for XP Antispyware 2009 manually. However, it might take hours to find out all files of XP Antispyware 2009, and it is possible that XP Antispyware 2009 will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for XP Antispyware 2009
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual XP Antispyware 2009 removal instructions
WARNING: The manually removal method is for advanced users. XP Antispyware 2009 manually removal can be difficult and time-consuming. There is no guarantee that XP Antispyware 2009 can be completely removed, for there are hundreds of files generated when XP Antispyware 2009 installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for XP Antispyware 2009 removal manually:

Navigate and stop the XP Antispyware 2009 processes:
XP_AntiSpyware.exe
setup_100527_3_.exe
setup.exe as2008xp.exe
antispyware-2009.exe
XPAntispyware2009.exe

Navigate and delete XP Antispyware 2009 files:
%program_files%\xp_antispyware\pthreadvc2.dll
%program_files%\xp_antispyware\microsoft.vc80.crt\msvcr80.dll
%program_files%\xp_antispyware\microsoft.vc80.crt\msvcp80.dll
%program_files%\xp_antispyware\microsoft.vc80.crt\msvcm80.dll
%program_files%\xp_antispyware\htmlayout.dll
%program_files%\xp_antispyware\avengn.dll

Navigate and remove XP Antispyware 2009 registry keys:
HKEY_CURRENT_USER\control panel\don’t load scui.cpl
HKEY_CURRENT_USER\control panel\don’t load wscui.cpl
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run xp antispyware 2009 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xp_antispyware HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xp_antispyware displayname HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xp_antispyware uninstallstring HKEY_LOCAL_MACHINE\software\xp_antispyware
HKEY_LOCAL_MACHINE\software\xp_antispyware info
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run xp

What are the symptoms of XP Antispyware 2009?

  • XP Antispyware 2009 may pop up false system alert messages
  • XP Antispyware 2009 may scare users into purchasing its full version

How do I keep away from XP Antispyware 2009?
Once you have cleaned up XP Antispyware 2009, the most important point to prevent XP Antispyware 2009 and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against XP Antispyware 2009 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?
XP Antispyware 2009 is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

Antivirus 2008

Posted by Emma Adrian in Blog Latest Parasite Threats, Recent Articles, Top Parasite Threats on December 9th, 2008 | Leave a comment
TAGS: , ,

What is Antivirus 2008?
Antivirus 2008 has been proved to be a rogue application that displays false results and requires you to first purchase the software before you can remove anything. Antivirus 2008 may come bundled with shareware or other downloadable software. It may also install itself by tricking you to click on its deceptive pop-up ads. Antivirus 2008 installs on your computer through a trojan and may infect your system without your knowledge or consent.

Once it intrudes into your PC, Antivirus 2008 will not only annoy you with constant pop-ups drawing you off your activity, but also change your computer’s desktop, hijack your browser, monitor your Internet browsing activities, change system files, and can do this without your knowledge or permission. Probably, the worst of them is stealing of credit card details, although this might be rare to happen. Antivirus 2008 will also be very undesirable for it is capable to make your system collapse, intentionally or unintentionally.

Do you have Antivirus 2008?
If you have enough time and expertise, you can search your computer for Antivirus 2008 manually. However, it might take hours to find out all files of Antivirus 2008, and it is possible that Antivirus 2008 will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Antivirus 2008
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Antivirus 2008 removal instructions
WARNING: The manually removal method is for advanced users. Antivirus 2008 manually removal can be difficult and time-consuming. There is no guarantee that Antivirus 2008 can be completely removed, for there are hundreds of files generated when Antivirus 2008 installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for Antivirus 2008 removal manually:

Navigate and stop Antivirus 2008 processes:
ntvrs.exe
AntvrsInstall.exe
AntvrsInstall[1].exe
Win Antivirus 2008.exe
av2008xp.exe
Antivirus-2008.exe
xpa_2008.exe
lwpwer.exe

Navigate and Remove Antivirus 2008 registry values:
HKEY_CURRENT_USER\Software\Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Antivirus”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “3P_UDEC”
Software\Microsoft\Windows\CurrentVersion\RunOnce\3P_UDEC
Microsoft\Code Store Database\Distribution Units\3BA4271E-5C1E-48E2-B432-D8BF420DD31D
Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus2008y
SoftLand Ltd\Antivirus 2008 XP

Navigate and delete Antivirus 2008 files:
AntiVirus 2008.lnk
AntiVirus 2008.lic
%ProgramFiles%\ANTIVIRUS 2008
Uninstall Antivirus.lnk
Antivirus Pro 2008
%ProgramFiles%\Antivirus2008y
Uninstall Antivirus 2008.lnk
%AppData%\Antivirus2008y
%ProgramFiles%\Win Antivirus 2008
s9201
%UserProfile%\Start Menu\Antivirus2008y
%ProgramFiles%\Antivirus 2008 XP
%AllUsersProfile%\Application Data\SoftLand Ltd\Antivirus 2008 XP

What are the symptoms of Antivirus 2008?

  • Antivirus 2008 may display false results and require you to first purchase the software
  • Antivirus 2008 may come bundled with shareware or other downloadable software
  • Antivirus 2008 may cause constant pop-ups
  • Antivirus 2008 may monitor Internet browsing activities and change system files
  • Antivirus 2008 may cause system collapse

How do I keep away from Antivirus 2008?
Once you have cleaned up Antivirus 2008, the most important point to prevent Antivirus 2008 and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Antivirus 2008 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’ s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?

Antivirus 2008 is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

Rapid Antivirus

Posted by elise in Blog Latest Parasite Threats, Recent Articles, Top Parasite Threats on December 6th, 2008 | Leave a comment
TAGS: , ,

What is Rapid Antivirus?
Rapid Antivirus is a rogue anti-spyware program that uses deceptive means for installation and promoting purpose. Once installed on computer system, Rapid Antivirus will scare users that their systems have been infected with spyware or malware. Rapid Antivirus will then ask for money to remove the none-existant threats.

Rapid Antivirus can be bundled with a Trojan infection or a malicious website. It is a clone of Power Antivirus 2009, Antivirus 2009, Vista Antivirus 2009 and Antivir64. Rapid Antivirus can be the reason of problems on your computer, such as homepage hijacked, system slowdown and even limited Internet connection.

Do you have Rapid Antivirus?
If you have enough time and expertise, you can search your computer for Rapid Antivirus manually. However, it might take hours to find out all files of Rapid Antivirus, and it is possible that Rapid Antivirus will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Rapid Antivirus
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Rapid Antivirus removal instructions
WARNING: The manually removal method is for advanced users. Rapid Antiviruss manually removal can be difficult and time-consuming. There is no guarantee that Rapid Antivirus can be completely removed, for there are hundreds of files generated when Rapid Antivirus installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for Rapid Antivirus removal manually:

Navigate and stop Rapid Antivirus processes:
%PROGRAMFILES%\Rapid Antivirus\Rapid Antivirus.exe
Rapid Antivirus.exe

Navigate and delete Rapid Antivirus files:
6792879.exe
6792880.exe
6792881.exe
6792882.exe
6792883.exe
%program_files%\rapid antivirus\rapid antivirus.exe
%program_files%\rapid antivirus\uninstall.exe
%startup%\rapid antivirus.lnk install_511_mhw0mxwwfhx8fhx8fhw_.exe
%common_programs%\rapid antivirus\purchase license.lnk
%common_programs%\rapid antivirus\start rapid antivirus.lnk
%common_programs%\rapid antivirus\support page.lnk
%common_programs%\rapid antivirus\uninstall.lnk
%desktopdirectory%\rapid antivirus.lnk
%profile%\application data\install_511_mhw0mxwwfhx8fhx8fhw_\base.dat
%profile%\application data\install_511_mhw0mxwwfhx8fhx8fhw_\base2.dat
%profile%\application data\install_511_mhw0mxwwfhx8fhx8fhw_\desc.dat
%profile%\application data\install_511_mhw0mxwwfhx8fhx8fhw_\spline.dat
%profile%\application data\rapid antivirus\base.dat
%profile%\application data\rapid antivirus\base2.dat
%profile%\application data\rapid antivirus\desc.dat
%profile%\application data\rapid antivirus\rapid antivirus.ini
%profile%\application data\rapid antivirus\spline.dat
%program_files%\rapid antivirus\buy.url
%program_files%\rapid antivirus\help.url
%program_files%\rapid antivirus\howtobuy.txt
%program_files%\rapid antivirus\id.dat
%program_files%\rapid antivirus\license.txt
%program_files%\rapid antivirus\rapid antivirus.exe
%program_files%\rapid antivirus\uninstall.exe
install_511_mhw0mxwwfhx8fhx8fhw_.exe
6792883.exe
6792882.exe
6792881.exe
6792880.exe
6792879.exe

Navigate and remove Rapid Antivirus registry keys:
HKEY_CURRENT_USER\Software\Rapid Antivirus
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run ieupdate

What are the symptoms of Rapid Antivirus?

  • Rapid Antivirus may pop up unsolicited ads
  • Rapid Antivirus may report false and exaggerated system security threats
  • Rapid Antivirus may affect computer performance

How do I keep away from Rapid Antivirus?
Once you have cleaned up Rapid Antivirus, the most important point to prevent Rapid Antivirus and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Rapid Antivirus and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?

Rapid Antivirus is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.