
Thursday, October 6, 2011

Guard Online - Fake AV - removal guide - how to delete


AV Guard Online is a fake antivirus. Its only purpose is to extort money.












Files are created:

C:\Documents and Settings\<UserName>\Application Data\F33rfbIK2AV Guard Online.ico (the name is random)
C:\Documents and Settings\<UserName>\Application Data\ldr.ini
C:\Documents and Settings\<UserName>\Desktop\AV Guard Online.lnk
C:\Documents and Settings\<UserName>\Local Settings\Temp\1.tmp
C:\Documents and Settings\<UserName>\Start Menu\Programs\AV Guard Online\AV Guard Online.lnk
C:\WINDOWS\system32\vzRRFB8lEV.exe (the name is random)


Registry changes:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TiikWSV7kWCuQ5h8234A" = "C:\WINDOWS\system32\vzRRFB8lEV.exe"
(The key and file names are random.)



To remove this rogue, go to the website www.Trojan-Killer.net and download Trojan-Killer.


Run and install it.






Upon completion of installation, select Launch GridinSoft Trojan Killer and click Finish.






When Trojan Killer has scanned your computer, you will see a full list of detected malware.
Press Remove Selected to remove them.



Good Luck :)

Wednesday, September 28, 2011

Zentom System Guard - about this Fake AV


Zentom System Guard is a fake antivirus that demands money for registration. Otherwise it will bother you with constant false messages.




Created files:
C:\Documents and Settings\<UserName>\Application Data\<RandomSymbols>\enemies-names.txt
C:\Documents and Settings\<UserName>\Application Data\<RandomSymbols>\finc70dkk.exe (or senrmodk70.exe)
C:\Documents and Settings\<UserName>\Application Data\<RandomSymbols>\hookdll.dll
C:\Documents and Settings\<UserName>\Application Data\<RandomSymbols>\local.ini
C:\Documents and Settings\<UserName>\Application Data\Microsoft\Internet Explorer\Quick Launch\Zentom System Guard.lnk
C:\Documents and Settings\<UserName>\Desktop\Zentom System Guard.lnk
C:\Documents and Settings\<UserName>\Start Menu\Programs\Startup\Zentom System Guard.lnk
C:\Documents and Settings\<UserName>\Start Menu\Programs\Zentom System Guard
C:\Documents and Settings\<UserName>\Start Menu\Programs\Zentom System Guard\Uninstall.lnk
C:\Documents and Settings\<UserName>\Start Menu\Programs\Zentom System Guard\Zentom System Guard.lnk
C:\Documents and Settings\<UserName>\Start Menu\Zentom System Guard.lnk

Registry changes:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "finc70dkk.exe" (or senrmodk70.exe)
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zentom System Guard
HKCU\Software\Zentom System Guard Inc\Zentom System Guard





To remove this rogue, go to the website www.Trojan-Killer.net and download Trojan-Killer.


Run and install it.




Upon completion of installation, select Launch GridinSoft Trojan Killer and click Finish.




When Trojan Killer has scanned your computer, you will see a full list of detected malware.
Press Remove Selected to remove them.
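
The file and Run-key indicators listed in both posts can be checked with a short triage script. This is an added example, not part of the original posts or of Trojan Killer. It assumes Python 3 and a live or mounted Windows XP profile; the function names are hypothetical, and the random-name pattern is a heuristic inferred from the single sample value shown above.

```python
import ntpath
import os
import re

# File names that stay fixed while folder and .exe names are random (from the lists above).
ZENTOM_FILES = {"enemies-names.txt", "hookdll.dll", "local.ini"}
ZENTOM_EXES = {"finc70dkk.exe", "senrmodk70.exe"}
AVGUARD_ICO = re.compile(r"AV Guard Online\.ico$", re.IGNORECASE)
# Assumption: random Run value names resemble the one sample on the page
# (16+ letters and digits, mixed case). This is a heuristic, not a signature.
RANDOM_NAME = re.compile(r"(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[A-Za-z0-9]{16,}")


def scan_appdata(appdata):
    """Return sorted (family, path) findings for one Application Data folder."""
    findings = []
    names = os.listdir(appdata)
    lowered = {n.lower() for n in names}
    if "ldr.ini" in lowered and any(AVGUARD_ICO.search(n) for n in names):
        findings.append(("AV Guard Online", appdata))
    for name in names:
        sub = os.path.join(appdata, name)
        if os.path.isdir(sub) and ZENTOM_FILES <= {f.lower() for f in os.listdir(sub)}:
            findings.append(("Zentom System Guard", sub))
    return sorted(findings)


def suspicious_run_values(values):
    """Flag Run-key values (name -> command) that fit either post's pattern."""
    hits = []
    for name, command in sorted(values.items()):
        folder, exe = ntpath.split(command.strip('"').lower())
        if name.lower() in ZENTOM_EXES or exe in ZENTOM_EXES:
            hits.append((name, "Zentom System Guard"))
        elif RANDOM_NAME.fullmatch(name) and folder.endswith("\\system32"):
            hits.append((name, "AV Guard Online (heuristic)"))
    return hits


# Constructed sample: the page's Run value, a benign XP entry, and a made-up Zentom path.
SAMPLE_RUN = {
    "TiikWSV7kWCuQ5h8234A": r"C:\WINDOWS\system32\vzRRFB8lEV.exe",
    "ctfmon.exe": r"C:\WINDOWS\system32\ctfmon.exe",
    "finc70dkk.exe": r"C:\Documents and Settings\user\Application Data\x9k2\finc70dkk.exe",
}

if __name__ == "__main__":
    for hit in suspicious_run_values(SAMPLE_RUN):
        print(hit)
```

Treat a heuristic hit as a lead to verify by hand, since legitimate software can also register long alphanumeric value names.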