Expert Virus Removal Services and Technical advice.

We are Providing Computer users with Expert Virus Removal Services and Technical Advice.

Threats and their Removal.

Do you need a quick solution to a technical problem? With our live remote-assistance tool, a member of our support team can view your desktop and share control of your mouse and keyboard to get you on your way to a solution.

Spywares and their Removal.

Are you worried that your computer might be nfected with Spywares? Then this is were you can find Support.

Advices for Protecting the Computer.

Expert Advices for Protecting your computer from attacks from all threats

Different Anti Virus Software and Tools.

Familiarizing different Anti Virus Software and removal Tools.

February 28, 2011

Internet Security Essentials


Internet Security Essentials, also known as InternetSecurityEssentials, is a new fake antivirus program. Antivirus programs are used to remove viruses; however, since Internet Security Essentials is a fake antivirus program, it will not remove viruses. Internet Security Essentials is generally installed without user permission through the use of a trojan horse, which is downloaded through the internet. The trojan horse is generally downloaded when visiting specific websites. Internet Security Essentials was released first on the web in February 2011. However, Internet Security Essentials comes from the same family of viruses such as My Security Shield, Internet Antivirus 2011, and Smart Securty. Internet Security Essentials claims to provide firewall and antivirus protection. Some of the viruses which it claims to find include Trojan.BAT.AnitV.a and Trojan-PSW.VBS.Half.


Internet Security Essentials will generally modify the internet connection settings to not allow the user to access the web. The settings will be modified so that the user can only visit specific websites. In order to fix the issue, go to your internet explorer browser and click on Tools, Internet Options, Connections tab, and LAN settings. Next, uncheck the box by “Use a proxy server for your LAN (These settings will not apply to dail-up or VPN connections).”


It is recommended to use safe mode when removing the virus because Internet Security Essentials will generally not be able to load in safe mode. To enter safe mode, restart the computer and press F8 multiple times before the Windows screen to bring up the boot options.


Manual Internet Security Essentials Removal

In order to manually remove Internet Security Essentials, the processes associated with Internet Security Essentials must be stopped, the files associated with the processes must be removed, and the registry entries must be corrected to the previous state before Internet Security Essentials entered the computer.
Important: Before attempting to manually remove Internet Security Essentials, we recommend that the user read through comments posted by other users on how they removed specific fake antivirus programs since many fake antivirus programs are similar. These comments can be found by clicking here. These comments may provide additional information which may be useful in removing Internet Security Essentials. However, please use discretion since these specific comments pertain to other fake antivirus programs.

Stop Internet Security Essentials Processes

[random].exe

Remove Internet Security Essentials Files

C:\Documents and Settings\All Users\Application Data\[random]\[random].exe

Remove Internet Security Essentials Registry Keys

HKEY_CURRENT_USER\Software\Internet Security Essentials
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Security Essentials
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Security Essentials

Auto Dialer.

Some time ago, the phone companies came up with a feature that allowed merchants to reach a broader range of customers by allowing consumers to make payments via your phone bill. If you did not have a credit card, you just dialed a 900 number, connected by voice or modem (for Internet sites). Every minute you used the service, you were charged a fee ranging from $1 to $5 or more per minute. At months end, the charge appeared on the phone bill. Many services were legit Consumers called weather, horoscope and gambling services offering this feature. But many merchants sold expensive phone or online adult content.

 

February 26, 2011

Wini Guard

Wini Guard, also known as WiniGuard, is new counterfeit anti-spyware software that created to invade your privacy and ruin the Internet community. Just like most fake antispywares, Wini Guard issues misleading and exaggerated results.


Windows System Security Internet Attack



System Security is a fake anti-virus program that attacks the Windows operating system. This program is actually a spyware that infects computers via the Internet and generates fake and misleading pop-ups that show viruses on the hard drive. 

The alerts urge you to pay for and install System Security to get rid of the parasites. However, System Security does not have a virus detection and removal engine. It's a scam targeted at inexperienced users. You need to remove System Security from your computer to stop its attacks against your Windows operating system.

Instructions
  1. Press the "Ctrl," "Shift" and "Esc" keys at the same time to start the Task Manager.
     
  2. Click the "Processes" tab in the Task Manager's window.
     
  3. Select "1632575944.exe" from the list of the current processes and click "End Process."
     
  4. Close the Task Manager.
     
  5. Remove Registry Entries
    Go to the "Start" menu, type "regedit" in the "Start Search" box and press "Enter" to start the Registry Editor.

    Browse to and delete the following registry entry:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "1632575944"

    Close the Registry Editor.

     
  6. Find and Delete Files
     
  7. Go to the "Start" menu, type "1632575944.exe" in the "Start Search" box and press "Enter." Delete all search results.
     
  8. Repeat Step 1 for "config.udb," "init.udb," "English.lng," "German.lng," "Spanish.lng," "System Security.lnk," "538654387" and "System Security."
Restart your computer. The malware will be gone.

Tips & Warnings
  1. Back up the system registry before removing the registry entries. Delete only the listed registry entries to avoid damage to the operating system.

February 25, 2011

How to manually remove Total Security


To remove Total Security spyware you must block Total Security sites, stop and remove processes, unregister DLL files, search and delete all other Total Security files and registry utility. Follow the Total Security detection and removal instructions below.
The most typical software removal method is to remove Total Security by using "Add or Remove Programs" service. However there may be hidden Total Security files, running processes and registries in your computer, so Total Security may recreate all other files after reboot.



Pop-ups loaded by Total Security are identical to security alerts displayed by ESET NOD32 antivirus. Be careful and don’t mistake Total Security for a real security program. Here are some examples of Total Security alerts:
“Privacy Violation alert!
WARNING Total Security Alert! Privacy Violation alert! Total Security detected a Privacy Violation. A program is secretly sending your private data to an untrusted internet host. Click here to block this activity by removing the threat.”
“System files modification alert!
WARNING Total Security Alert! System files modification alert! Some critical system files of your computer were modified by malicious program. It may cause sytem instability and data loss. Click here to block unauthorized modification by removing threats.”


“Internet Explorer Warning – visiting this web site may harm your computer.
Most likely causes: The website contains exploits that can launch a malicious code on your computer; suspicious network activity detected; there might be an active spyware running on your computer.”
“WARNING! 41 threats found!!!
Harmful software (malware) or racking cookies have been detected during the last scan. It is highly recommended to remove it from your computer.
x Lost Documents and Settings
x Permanent Data Loss
x System not starting up
x System Slowdown and Crashes
x Loss of Internet Connection
x Infecting other computers on your network


New database update is available
WARNING Total Security Alert! Automatic updating is necessary to get you system protected in real time against new and emerging viruses, worms, and troyans. Regular updating is needed to prevent your PC from latest virus threats that can lead to system slowdown, freezes, crashes, and data loss.



Total Security manual removal instructions

Block Total Security sites:

powerfullantivirusproduct.com
antivirusonlineproscan.com
remove-all-malware.com
worldsbestantivirscan.com
yourbrowserprotection.com
explorersecuritysuite.com

Stop and remove Total Security processes:

tsc.exe
Sc2C21UvvM.exe

Locate and delete Total Security registry entries:

Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
HKEY_CURRENT_USER\Software\1FD92E3F7C34799BFB075C41DA05D1FE
HKEY_CLASSES_ROOT\CLSID\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D263FA6D-84CC-48A8-9AF6-C664362B7A5B}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "1FD92E3F7C34799BFB075C41DA05D1FE"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
Search and unregister Total Security DLL libraries:
winsource.dll

Detect and delete other Total Security files:

winsource.dll
tsc.exe
Sc2C21UvvM.exe
TSC.lnk
Help.lnk
Registration.lnk
Uninstall TSC.lnk
C:\Documents and Settings\All Users\Application Data\[random numbers]\[random numbers].exe

Virus Doctor.

Virus Doctor is an spyware program that displays fake alerts, false online advertising, and uses scare tactics to make you think you are infected.




AVG Antivirus 2011.

AVG Antivirus 2011 is a rogue anti-spyware program from the same family as AVG 8.
 

Adobe Reader 9.4 Vulnerability

Adobe Reader is prone to a remote memory-corruption vulnerability. Successful exploits may allow attackers to execute arbitrary code in the context of the user running the affected application. 

Failed exploit attempts will result in a denial-of-service condition. Adobe Reader versions 9.4.0 and 8.1.7 are affected; other versions may also be vulnerable.

February 24, 2011

How To Remove Internet Defender






Internet Defender is only an imitation of a security program and is not able to provide any actual computer service. The parasite is distributed online and is usually difficult to avoid if one does not employ reputable security software.



Malware downloads itself automatically without user’s knowledge and consent. Once installed it starts to scan your computer and displays numerous fake warning messages that state your PC is at high security risk. For example:

Symptoms Internet Defender

External software tries to control variety of your system files. This may lead to breaking of some data in your system. Click here to protect remote access to your PC & delete these programs.

Internet Defender

Spyware IE Monster process is found. The virus is going to send your passwords from Internet browser (Explorer, Mozilla Firefox, Outlook & others) to the third-parties. Click here for further protection of your data with Internet Defender.



Internet Defender Firewall Alert

Suspicious activity in your registry system space was detected. Rogue malware detected in your system. Data leaks and system damage are possible. Please use a deep scan option.

Internet Defender Firewall Alert

Internet Defender has prevent a program from accessing the Internet.
“iexplore.exe” is infected with Trojan. This worm has tried to use “iexplore.exe” to connect to remove host and send your credit card information.

Internet Defender Firewall Alert

Your computer is being attacked from a remote machine!
Block Internet access to your computer to prevent system infection.
Attacker IP: <ip address>
Attack type: RCPT exploit

This is a fraud which shouldn’t be trusted. Malware gains to trick user into believing their computer is infected and need to be healed with its “registered” version. This is a scam. Ignore all notifications but use decent anti-spyware application and delete Internet Defender as soon as possible.

How to manually remove Internet Defender

To get rid of spyware such as Internet Defender you need to remove processes, search and delete registry keys, DLL and other Internet Defender related files from your computer.

Uninstall Internet Defender from Control Panel
Start > Settings > Control Panel > Add/Remove Programs. Double click to uninstall.
Unregister Internet Defender DLL files

Internet Defender.dll

To unregister DLL click Start > Run > type "regsvr32 /u PATH_TO_FILE/FILE.dll"

Delete Internet Defender registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ""

Note :open registry editor click Start > Run > type "regedit".

Warning! Manual registry entries editing may cause damage to your system.

Search and delete these Internet Defender related files:

%AllUsersProfile%\Application Data\_.mkv
%AllUsersProfile%\Application Data\.avi
%AllUsersProfile%\Application Data\.ico
%AllUsersProfile%\Start Menu\Programs\Startup\.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Defender.lnk
%UserProfile%\Desktop\Internet Defender.lnk
%Temp%\wrk3.tmp
%Temp%\.dll
%UserProfile%\Start Menu\Programs\Startup\.lnk
c:\Program Files\Internet Defender\
c:\Program Files\Internet Defender\Internet Defender.dll

Farmville Scams.

Farmville, one of the most reputed game in Facebook is a lot under the scanner nowadays for its scams via the game. The most important one is about earning more Farmville cash by entering surveys, quizzes and offers via Farmville.

Beware of Farmville Scams.

Trojan Brisv Infection.


Trojan Brisv is a Trojan horse that infects multimedia files. This trojan search for multimedia files with extension .asf, .mp2, .mp3, .wma, .wmv and injects additional functionality into the multimedia files it finds. While playing these infected multimedia files Windows Media Player will access a malicious link on the internet.

Remove the SVCHOST.exe Virus



In the Windows NT family of operating systems, svchost.exe is a process and its associated image (executable file) for hosting services. These services are contained within dynamically-linked libraries (DLLs).

A variety of worm malware programs spread a similarly named file--Scvhost.exe--via Yahoo! Messenger that blocks the Task Manager and Registry Editor, as well as use of the command prompt.

February 23, 2011

How to remove Mega Antivirus 2012



Rogue anti-spyware refers to anti-spyware/antivirus software of questionable value. Rogue anti-spyware may not be proven to protect your computer from spyware, may popup fake alerts or create many false positives about your PC being infected, or may use scare tactics to try to get you to purchase the application. Rogue anti-spyware software may be installed by a Trojan, come bundled with other software, or install itself through web browser security holes. While it is fairly rare, some rogue anti-spyware is created and distributed by known spyware or adware companies, and the rogue anti-spyware may install spyware or adware itself.
Often when you’re infected with rogue anti-spyware like Mega Antivirus 2012, you’ll see a false popup security alert like this:


How to delete Mega Antivirus 2012 files in Windows XP/Vista/7:

  • Click your Windows Start menu, then click “Search.”
  • A pop up will ask, “What do you want to search for?” Click “All files and folders.”
  • Type a Mega Antivirus 2012 file in the search box, and select “Local Hard Drives.”
  • Click “Search.” Once the Mega Antivirus 2012 file is found, delete it.
  • The files are 

                     %WINDIR%addonsaddon.exe
                     %WINDIR%addonsbaselicense.pwd
                     %WINDIR%addonsma2012.exe
                     %WINDIR%install.exe


How to stop Mega Antivirus 2012 processes:

  • Click the Start menu, select Run.
  • Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
  • Click Processes tab, and find Mega Antivirus 2012 processes.
  • Once you’ve found the Mega Antivirus 2012 processes, right-click them and select “End Process” to kill Mega Antivirus 2012.
  • The process are 


                                  addon.exe
                                  ma2012.exe


How to remove Mega Antivirus 2012 registry keys:

Note:Backup your registry before you edit it. 

  • Click the Start menu, and click “Run.” An “Open” field will appear. Type “regedit” and click “OK ” to open up your Registry Editor. In Windows 7, just type “regedit” into the “Search programs and files” box in the Start menu.
  • Registry Editor opens as a two-paned window: the left side lets you select registry keys,the right side shows the values of any selected registry key.
  • To find a Mega Antivirus 2012 registry key, select “Edit,” then select “Find,” and in the search bar type any of Mega Antivirus 2012 ‘s registry keys.
  • When the Mega Antivirus 2012 registry key appears, to delete the Mega Antivirus 2012 registry key, right-click it, and select “Modify,” then select “Delete.”
  • The registry entries are

                       HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun Policies = “C:WINDOWSaddonsaddon.exe”
                      HKCUSoftwareMicrosoftWindowsCurrentVersionRun HKCU = “C:WINDOWSaddonsaddon.exe”
                     HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun SystemStart = “C:WINDOWSaddonsma2012.exe”
                    HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun addons = “C:WINDOWSaddonsaddon.exe”
                    HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerRun Policies = “C:WINDOWSaddonsaddon.exe”


How to delete Mega Antivirus 2012 DLLs:
  • Open the Start menu, and click “Run.” Type “cmd” in Run, and click “OK.” (In Windows 7, just type “regedit” into the “Search programs and files” box in the Start menu.)
  • To change your current directory, type “cd” in the command box, press “Space,” and enter the full directory where the Mega Antivirus 2012 DLL is located. If you’re not sure where the Mega Antivirus 2012 DLL is located, enter “dir” in the command box to display a directory’s contents. To go one directory back, type “cd ..” in the command box and press “Enter.”
  • When you’ve found a Mega Antivirus 2012 DLL, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press “Enter.”



How to restore your homepage?
  • Select Start menu > Control Panel > Internet Options > General.
  • Type your preferred home page’s URL (e.g., “http://www.homepage.com”).
  • Click “Use Default,” “Apply,” and “OK.”













Zombie Computers.

Zombie computers.

   Zombie computers are computers that have been taken over by a hacker without the knowledge of the owner.


SpyEye Trojan.


SpyEye Trojan.





SpyEye is a trojan that steals sensitive information. The trojan can send the information to a remote machine. It uses techniques common for rootkits.



What is a computer virus?

What is a computer virus?

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk.


Remove Rootkit Tncore


Rootkit Tncore, a trojan infection, can damage your computer's operating system without showing symptoms. Rootkit infections alter your registry, files and network settings.

One of the telltale signs of this infection is the process "CORE.SYS." Keep your system safe by removing the Rootkit Tncore as soon as possible.

February 22, 2011

Win 7 Internet security 2011


Win 7 Internet security 2011
 


Win 7 Internet security 2011 is classified as Rogue Anti-Spyware. After infecting a user’s system, it proceeds to scare its victim into buying the “product” by displaying fake security messages, stating that your computer is infected with spyware and only Win 7 Internet security 2011 can help you to remove it after you download the trial version. As soon as the victim downloads Win 7 Internet security 2011 trial version, it pretends to scan your computer and shows a grossly exaggerated amount of non-existent errors. Then, Win 7 Internet security 2011 offers to buy the full version to fix these false errors. If the user agrees, Win 7 Internet security 2011 does not only fix the errors, but it also takes the user’s money and may even install additional spyware into the victim’s computer.  Rogue Anti-Spyware, such Win 7 Internet security 2011, may offer users to buy it after the victim clicks on a banner or a pop-up while surfing the internet. Usually, a Trojan is installed to a victim’s computer after clicking on the advertisement. It then proceeds to download or even install  Win 7 Internet security 2011, which is another way for Rogue Anti-Spyware to spread itself.

 

Autorun Virus Remover

Autorun Virus Remover Tool


Autorun Virus Remover uses proactive technology to permanently remove autorun& autorun.inf viruses, also it can block any autorun/autorun.inf viruses trying to infect the system via USB drives(pendrive, external hard disk, iPod, etc). What you need to do is just clicking the scan button of Autorun Virus Remover.

Clean a Virus-Infected Computer

 
Computer viruses are insidious, sneaky and--like their biological counterparts--constantly mutating. If you think your computer has been infected, the only safe course of action is to use a good anti-virus program.

Here are some useful steps to remove computer virus using anti-virus programs.

February 21, 2011

Anti-Virus 2011





Anti-Virus 2011 (also known as AntiVirus 2011) is not a legitimate anti-spyware as you may think. AntiVirus 2011 is a rogue anti-spyware which is designed to fool you, trustful PC users, into taking it serious and then steal your money. Haling from a new generation of spywares, program offers for victims to use some basic its functions and then announces numerous infections detected after running a full system scan. Further, Anti-Virus 2011 will keep telling that its unregistered version can’t remove these threats from your computer and will ask purchasing “licensed” its version for fixing everything. That’s how Anti-virus 2011’s brainwashing campaign ends. Don’t feel comfortable after noticing any of its traces because only Anti-Virus 2011 is the virus which must be removed for good.




Virus Support - AntiVira Av

AntiVira Av.



 AntiVira Av is a rogue anti-spyware program and it is the modified version of the rogue anti-spyware Antivirus .NET.




 

February 19, 2011

Delete a Virus on a Hard Drive


A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware.

Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

February 18, 2011

Remove virus which cause reboot.


A computer virus is a software program that can get onto your computer when you download a file that contains the virus. The virus must be removed in order for your computer to run correctly.

If you've recently visited a website or downloaded a program and suddenly your computer has been rebooting itself and crashing or running very slowly, you're most likely the victim of a computer virus. This article will help you to Remove the Virus That Makes Computer Restart Automatically

Instructions
  1. Download anti-virus software if you currently do not have such software on your computer. There are several available and some of the very good ones are actually free for personal usage.
  2. Visit the Microsoft update site in order to see if your computer needs any updates. It is vital to keep your operating system up-to-date since many of the software updates that release includes security updates. Before you can begin removing the virus, the operating system needs to be fully updated.
  3. Update your anti-virus software by clicking on the menu and choosing "Setting" or "Update." It is important to always keep the definitions updated on anti-virus software since new viruses are constantly circulating. Your anti-virus software sends out updates called "definitions" for you to install.
  4. Scan your computer using your anti-virus software and choose a thorough or deep scan so that it scans the entire file system. This can take several hours depending how many files you have to scan. As the scanner detects viruses, it may pop up a question asking what to do with it. Choose "Quarantine" or "Delete."
  5. Select the setting on your anti-virus software to download new definitions automatically. This will ensure you are always up-to-date and secured from computer viruses.
Tips & Warnings
  1. When looking for anti-virus software, try to find real user reviews on the Internet. A quick Internet search for "anti-virus reviews" will find several useful reviews; this will help you in deciding which program is best for you.
  2. If the virus has corrupted your hard drive to the point your computer will not start at all, the only option is to take it to a professional and have them reinstall your operating system, which will mean that you may lose all of your data

February 17, 2011

Remove a Virus on a Frozen Computer


It is frustrating when your computer freezes while you are in the middle of a task, or anytime you just need it to work normally. If your computer or laptop freezes on a regular basis, chances are it has acquired a virus or a series of viruses. This is a common problem for PC users, but there are ways to fix it.

Computer Evaluation Certification



Computer evaluation certification is an international IT software and operating system security certification process in which software and operating systems are evaluated by private, third-party organizations to assign a computer security rating established according to "Common Criteria" guidelines for safety, stability and reliability.

Once the software or operating system has been evaluated and assigned a level, the certification must be reevaluated with each new release or system security upgrade; a new level is then assigned by the third-party evaluator.

Get Rid of E-mail Spam


E-mail spam, also known as junk e-mail, is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail.
 
Spam mail is an offensive byproduct of the Internet's success. Although there's no guarantee you can avoid all spam, there are ways to avoid looking at most of it.

Remove Antimalware Doctor Virus

 
 
Antimalware Doctor is one of many viruses that disguise themselves as legitimate antivirus programs. Antimalware Doctor performs a fake and unsolicited scan of your computer and notifies you that your computer is infected.
 
Antimalware Doctor then attempts to procure your financial information under the guise of removing the infection. In addition, Antimalware Doctor may slow your computer, change your Internet settings, create desktop shortcuts and flood your computer with popup advertisements.

February 16, 2011

Remove the iRemotePC Virus



iRemotePC, also known as Adware.Win32.iRemotePC 1.6, is a virus that can be used to gather personal information, such as credit card numbers, from your computer and communicate that information to a remote hacker.

In addition, iRemotePC may replicate itself, execute certain tasks, impair your computer performance and cause other serious damage to your computer. Consequently, iRemotePC should be removed as soon as it is discovered on your computer.

Misleading Applications


Have you ever seen a strange security message pop up like an advertisement while you're surfing the web? Have you seen an unexpected balloon message appear from an unknown program on your system, telling you that you’re infected with a new threat? These are common tactics used by a type of program called "misleading applications" and other people refer to as “Rogue Software” or “Rogue Anti-Virus”. These programs typically sneak onto their victims’ systems while they surf the web, masquerade as a normal Microsoft Windows alert, or otherwise trick people into downloading them onto their computer. Once installed, misleading applications exaggerate or make false claims about the security status or performance of your system, then promise to solve these bogus problems if you pay them.

What are misleading applications?

Misleading applications intentionally misrepresent the security status of a computer. Misleading applications attempt to convince the user that he or she must remove potentially malware or security risks from the computer. The application will hold the user hostage by refusing to allow him or her to remove or fix the phantom problems until the “required” software is purchased and installed. Misleading applications often look convincing the programs may look like legitimate security programs and often have corresponding websites with user testimonials, lists of features, etc.

How they Attack?

Why are they dangerous?

The victims of misleading applications have paid for software that does not work, handed their personal information to scammers, and are left with a false sense of security that leads them to potentially greater risks from more aggressive threats. Even if a person catches on to the ruse and does not pay the misleading application vendor, the programs can be notoriously difficult to remove without the proper security software.
What To Do?
  1. Use a legitimate Antivirus to proactively protect from spyware and other security risks
  2. Configure the firewall in Antivirus software to block unsolicited requests for outbound communication
  3. Be especially cautious when clicking on pop-up advertisements especially ads promoting system security or performance tools that look like a standard Microsoft Windows alert
  4. Do not accept or open suspicious error dialogs from within the browser
  5. Purchase security and system performance software from reputable sources
  6. Keep software and security patches up to date

February 15, 2011

Spot a Computer Virus in an Email Inbox


Computer viruses are insidious pieces of software that can cause a great deal of destruction in a short amount of time. Email is an especially popular way of transmitting computer viruses, but unfortunately when it comes to email it's not always possible to tell friend from foe. With the proper precautions, though, you can avoid an infection. Read on for some tips for recognizing a virus in your inbox.

How to remove Disk Recovery


Disk Recovery is a counterfeit application. The parasite comes along with the download and installs itself automatically. Malware is accompanied by a malicious trojan which enters the system and then creates a backdoor for Disk Recovery to sneak.
  
Once installed the parasite will set user’s mind that computer has many infections with different types of malware and viruses through its fake alert messages. Disk Recovery does not do anything to prevent or remove legitimate computer viruses, spyware or other kind of malware. It is not able to provide any actual security service. Not only Disk Recovery is incapable of detecting or removing malware it can harm your system by editing registry entries.


You have to get rid of the malware or else the rogue will show an avalanche of pop-ups that literally paralyze your computer system.

Here are few of rogue security alerts:

Critical Error!
Damaged hard drive clusters detected. Private data is at risk.

Critical Error
Hard Drive not found. Missing hard drive.

Critical Error
RAM memory usage is critically high. RAM memory failure.

Critical Error
Windows can’t find hard disk space. Hard drive error

Critical Error!
Windows was unable to save all the data for the file \System32\496A8300. The data has been lost. This error may be caused by a failure of your computer hardware.

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Activation Reminder
Disk Recovery Activation
Advanced module activation required to fix detected errors and performance issues. Please purchase Advanced Module license to activate this software and enable all features.

Low Disk Space
You are running very low disk space on Local Disk (C:).

Windows – No Disk
Exception Processing Message 0×0000013

Disk Recovery Diagnostics
Windows detected a hard disk error.
A problem with the hard drive sectors has been detected. It is recommended to download the following sertified <sic> software to fix the detected hard drive problems. Do you want to download recommended software?

Fix Disk
Disk Recovery Diagnostics will scan the system to identify performance problems.
Start or Cancel

Windows detected a hard drive problem.
Scanning for hard drive errors…
Hard drive scan helps to detect and resolve hard drive problems and system performance issues.

Manual removal Steps

To get rid of spyware such as Disk Recovery you need to remove processes, search and delete registry keys, DLL and other Disk Recovery related files from your computer.

Uninstall Disk Recovery from Control Panel

Start > Settings > Control Panel > Add/Remove Programs. Double click to uninstall.

Delete Disk Recovery registry entries:

1. To open registry editor click Start > Run > type "regedit".
2. Delete the following entries
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = '/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = '1'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = 'no'
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main "Use FormSuggest" = 'yes'


Note: Please take a back up of the registry before editing it.

To Search and delete the Disk Recovery related files:
%AllUsersProfile%\~
%AllUsersProfile%\~r
%AllUsersProfile%\.dll
%AllUsersProfile%\.exe
%AllUsersProfile%\
%AllUsersProfile%\.exe
%UserProfile%\Desktop\Disk Recovery.lnk
%UserProfile%\Start Menu\Programs\Disk Recovery
%UserProfile%\Start Menu\Programs\Disk Recovery\Disk Recovery.lnk
%UserProfile%\Start Menu\Programs\Disk Recovery\Uninstall Disk Recovery.lnk

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

There was an error in this gadget
Twitter Delicious Facebook Digg Stumbleupon Favorites More