AntiMalwareGuard

Posted by Emma Adrian in Blog Tutorials on February 19th, 2009 | Leave a comment
TAGS: , , ,

What is AntiMalwareGuard?
AntiMalwareGuard is a rogue anti-spyware program infiltrating the system through Trojans, such as Zlob, which disguise themselves as Video ActiveX Codecs. Once inside, these Trojans flood the user with popups and fake system notifications, falsely informing the user of an infection on the system, in order to mislead the user to buy AntiMalwareGuard’s “licensed version”. AntiMalwareGuard can steal users’ personal data by using security backdoors; it can seriously damage user computer system.

Do you have AntiMalwareGuard?
If you have enough time and expertise, you can search your computer for AntiMalwareGuard manually. However, it might take hours to find out all files of AntiMalwareGuard, and it is possible that AntiMalwareGuard will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for AntiMalwareGuard
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual AntiMalwareGuard removal instructions
WARNING: The manually removal method is for advanced users. AntiMalwareGuard manually removal can be difficult and time-consuming. There is no guarantee that AntiMalwareGuard can be completely removed, for there are hundreds of files generated when AntiMalwareGuard installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instruction below for AntiMalwareGuard removal manually:

Navigate and stop AntiMalwareGuard processes:
AntieMalwareGF[1].exe
AntieMalwareGF.exe
smamg.exe
AntiMalwareGuard_Free.exe
AntiMalwareGuard_Free[2].exe
AntiMalwareGuard_Free[1].exe

Navigate and Unregister AntiMalwareGuard DLL Files:
N/A

Navigate and Remove AntiMalwareGuard registry values:
HKEY_CURRENT_USER\software\antimalwareguard
HKEY_CURRENT_USER\software\antimalwareguard activationcode
HKEY_CURRENT_USER\software\antimalwareguard cookieparams
HKEY_CURRENT_USER\software\antimalwareguard infectioncount
HKEY_CURRENT_USER\software\antimalwareguard installdate
HKEY_CURRENT_USER\software\antimalwareguard lastdetecttime
HKEY_CURRENT_USER\software\antimalwareguard lastscantime
HKEY_CURRENT_USER\software\antimalwareguard tid
HKEY_CURRENT_USER\software\antimalwareguard totalscancount
HKEY_CURRENT_USER\software\antimalwareguard version
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\5.0\user agent\post platform 3p_uamg 1.0.20.0
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run antimalwareguard
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run antimalwareguard

Navigate and Delete AntiMalwareGuard files:
%CommonProgramFiles%\Antimalwareguard
%UserProfile%\Local Settings\Temp\tmpamg
%AppData%\AntiMalwareGuard
%AllUsersProfile%\Start Menu\Programs\AntiMalwareGuard
%ProgramFiles%\AntiMalwareGuard

What are the symptoms of AntiMalwareGuard?

  • AntiMalwareGuard may infiltrate the system through Trojans
  • AntiMalwareGuard may display false alerts
  • AntiMalwareGuard may mislead users to buy its licensed version
  • AntiMalwareGuard may cause the leaking of personal information
  • AntiMalwareGuard may decrease the system performance

How do I keep away from AntiMalwareGuard?
Once you have cleaned up AntiMalwareGuard, the most important point to prevent AntiMalwareGuard and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against AntiMalwareGuard and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue Anti-spyware Program?
AntiMalwareGuard is a type of Rogue Anti-spyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

VirusRemover2008

Posted by elise in Blog Dialer, Latest Parasite Threats, Recent Articles, Top Parasite Threats, Tutorials on December 16th, 2008 | Leave a comment
TAGS: , ,

What is VirusRemover2008?
VirusRemover2008 is a rogue anti-spyware program that delivers false system messages and scan results, in order to scare innocent users into purchasing the software. After installing, VirusRemover2008 will automatically scan your computer and list a lot of non-existent infections found on your system. If you select to remove these infections, a link will direct you to its purchase page.

VirusRemover2008 usually downloaded and installed itself onto your PC without your knowledge, through Vundo Trojan, Virus or fake software. Since VirusRemover2008 itself is the infection, it is advisable not to buy it and use the removal instructions below.

Do you have VirusRemover2008?
If you have enough time and expertise, you can search your computer for VirusRemover2008 manually. However, it might take hours to find out all files of VirusRemover2008, and it is possible that VirusRemover2008 will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for VirusRemover2008
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual VirusRemover2008 removal instructions
WARNING: The manually removal method is for advanced users. VirusRemover2008 manually removal can be difficult and time-consuming. There is no guarantee that VirusRemover2008 can be completely removed, for there are hundreds of files generated when VirusRemover2008 installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for VirusRemover2008 removal manually:

Navigate and stop the VirusRemover2008 processes:
VirusRemover2008_Setup_Free_en.exe
VRM2008.exe

Navigate and delete VirusRemover2008 files:
C:\Documents and Settings\aaron\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk
C:\Documents and Settings\aaron\Desktop\VirusRemover2008.lnk
C:\Documents and Settings\aaron\Local Settings\Temp\5459.dll
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\40comupd.exe
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\DATA.TAG
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\Psapi.dll
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\SETUP.EXE
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\_INST32I.EXE
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\_ISDEL.EXE
C:\Documents and Settings\aaron\Local Settings\Temp\pft1~tmp\_SETUP.DLL
C:\Documents and Settings\aaron\Local Settings\Temp\VMwareDnD\00000849
C:\Documents and Settings\All Users\Start Menu\Programs\VirusRemover2008
C:\Documents and Settings\All Users\Start Menu\Programs\VirusRemover2008\VirusRemover2008.lnk C:\Program Files\VirusRemover2008
C:\Program Files\VirusRemover2008\Viruses.bdt
C:\Program Files\VirusRemover2008\VRM2008.exe
C:\WINDOWS\Prefetch\MMX9961.EXE-08E1135F.pf
C:\WINDOWS\Prefetch\VRM2008.EXE-02ADDD85.pf
C:\WINDOWS\system32\mmx9105.exe
C:\WINDOWS\system32\wtx9105.dll

Navigate and remove VirusRemover2008 registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\VirusRemover2008
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache C:\WINDOWS\system32\mmx9961.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache C:\Program Files\VirusRemover2008\VRM2008.exe
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 TotalScanCount
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 LastDetectTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run VirusRemover2008 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2008 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2008 DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2008 UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2008 NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 LicenseAccepted HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 ActivationCode
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 UpdateEnabled
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 InfectionCount
HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2008 LastScanTime
HKEY_USERS\S-1-5-21-1708537768-688789844-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\VirusRemover2008
HKEY_USERS\S-1-5-21-1708537768-688789844-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\VirusRemover2008

What are the symptoms of VirusRemover2008?

  • VirusRemover2008 may pop up unsolicited ads
  • VirusRemover2008 may report false and exaggerated system security threats
  • VirusRemover2008 may affect computer performance

How do I keep away from VirusRemover2008?
Once you have cleaned up VirusRemover2008, the most important point to prevent VirusRemover2008 and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against VirusRemover2008 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?

VirusRemover2008 is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.

Antivirus 2009

Posted by Emma Adrian in Blog Latest Parasite Threats, Recent Articles, Top Parasite Threats, Tutorials on December 3rd, 2008 | Leave a comment
TAGS: , ,

What is Antivirus 2009?
Antivirus 2009 is a fake anti-spyware program that pops up false system alerts and errors to lure you into purchasing its license. Antivirus 2009 may have downloaded and installed itself onto your computer when downloading unknown freeware & shareware or clicking on an adult website link. It usually comes bundled with Trojan, malware and virus and launches when Windows starts up.

Actually, Antivirus 2009 is a clone of XP-Antivirus 2009. Once installed onto your system, Antivirus 2009 will mislead Windows system to generate numerous exaggerated pup-ups, telling that your system is infected and asking for money to pay for Antivirus 2009. If you click the links on the pop-ups, your system security may be more dangerous, for the links may lead to more installations of threats, such as zlob.trojan, Trojan.undo and Trojan.Downloader.

Therefore, it is very important to remove all components of Antivirus 2009 and all the malware and virus that it comes along with.

Do you have Antivirus 2009?
If you have enough time and expertise, you can search your computer for Antivirus 2009 manually. However, it might take hours to find out all files of Antivirus 2009, and it is possible that Antivirus 2009 will appear after rebooting, for its hidden files may still be there.

Download automatic scanner for Antivirus 2009
Spyware Cease – the technology-oriented security protection that provides a risk-free computing environment for your home and office – with detection, removal and guard in one intuitive and straight-forward interface. Only Spyware Cease gives you individual fix against the most dangerous spyware problems.

Manual Antivirus 2009 removal instructions
WARNING: The manually removal method is for advanced users. Antivirus 2009 manually removal can be difficult and time-consuming. There is no guarantee that Antivirus 2009 can be completely removed, for there are hundreds of files generated when Antivirus 2009 installed on your system. Make sure to back up your computer in case that you make any mistakes and your system does not work.

Follow the instructions below for Antivirus 2009 removal manually:

Navigate and stop Antivirus 2009 processes:
av2009.exe
av2009install.exe
av2009install_0011.exe
av2009 [1].exe
ieupdates.exe
%program_files%\XP Antivirus 2009\av2009.exe
ieupdates.exe
av2009install_0011.exe
av2009install.exe

Navigate and delete Antivirus 2009 files:
av2009.exe
av2009install.exe
av2009install_0011.exe
av2009[1].exe
Antivirus 2009.exe
ieupdates.exe
scui.cpl
%program_files%\\antivirus 2009\\av2009.exe
%startmenu%\\antivirus 2009\\antivirus 2009.lnk
%startmenu%\\antivirus 2009\\uninstall antivirus 2009.lnk
winsrc.dll
%desktopdirectory%\\antivirus 2009.lnk winsrc.dll
ieupdates.exe
av2009install_0011.exe
av2009install.exe
%program_files%\\antivirus 2009\\av2009.exe

Navigate and remove Antivirus 2009 registry keys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run\15358943642955870504508370025739
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles% \Antivirus 2009\Antvrs.exe”
HKEY_CURRENT_USER\Software\Antivirus

What are the symptoms of Antivirus 2009?

  • Antivirus 2009 may pop up unsolicited ads
  • Antivirus 2009 may report false and exaggerated system security threats
  • Antivirus 2009 may affect computer performance

How do I keep away from Antivirus 2009?
Once you have cleaned up Antivirus 2009, the most important point to prevent Antivirus 2009 and future malicious programs from reverting is to stay suspicious of spam E-mail attachment and unknown websites. Here are several ways in which you can help protect your computer against Antivirus 2009 and other malware:

  • Use a computer firewall
  • Confirm that you have downloaded all the latest critical security updates
  • Adjust Internet Explorer web browser’s security settings
  • Download and install anti-spyware protection, such as, Spyware Cease
  • Surf sites and download programs from the web sites you trust

What is Rogue AntiSpyware Program?

Antivirus 2009 is a type of Rogue AntiSpyware Program.

Rogue Anti-spyware Software is the software that uses malware to advise or install itself through other malicious viruses or security hole without your permission. Rogue software usually pops up fake system message such as “Warning, your computer is infected! Click here to scan your computer now!” Most of the time, when clicking the “OK” button on the dialog tab, users will be directed to an unknown website that may download more spyware threats. Sometimes, even clicking the close button on the top right may lead to the installation of the rogue software, for the button is actually a link.

With the purpose to trick innocent users into the action of paying, rogue software usually counterfeits exaggerated and fake system scanning results and scare users to pay for the removal of the never-existed spyware infections. In fact, the threat is the rogue software itself. Most of them come with a bundle of very harmful spyware programs that hidden in the files themselves.