Thursday, January 26, 2012

How to remove AV Protection 2011 virus

AV Protection 2011 is a malicious program from the same family of malware as AV Security 2012 that pretends to be antivirus software. It may look like a legitimate virus and spyware removal tool, but remember, it's only an imitation! In reality, the malicious software blocks legitimate Windows applications, detects fake malware and displays various fake error messages claiming that the computer is infected in order to frighten you into purchasing this useless application. Do not pay for the bogus software! Simply ignore everything it displays and remove AV Protection 2011 from your computer as quickly as possible!

During installation, the rogue will be configured to run automatically when you log on to Windows. When AV Protection 2011 is started, it will perform a fake system scan and report that your computer is infected with a lot of viruses. Next, the malicious program will prompt you to purchase its full version to fix the supposedly found infections. Remember, all of these reported infections are fake and don’t actually exist on your computer! So you can safely ignore the scan results.


Last but not least, while the rogue is running, it will display various security warnings. Some of the warnings are:



Windows Security Alert
Do you want to keep blocking this program?
Zeus Trojan



Security Warning
Your computer continues to be infected with harmful viruses.
In order to prevent permanent loss of your information and
credit card data theft please activate your antivirus software.
Click here to enable protection.


Just like the false scan results above, all of these alerts are fake and are meant to scare you into thinking your computer is in danger. You should ignore all of them!

As you can see, everything AV Protection 2011 does is fake, and you should stay away from the malicious application! If your PC has been infected with the rogue, then ignore everything it shows you and follow the removal instructions below in order to remove AV Protection 2011 and any associated malware from your computer for free.

The rogue may not allow you to run malware removal tools. In that case, you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


AV Protection 2011 may be bundled with ZeroAccess/Sirefef/MAX++ trojan-rootkit, so you should run ZeroAccess/Sirefef/MAX++ remover to detect and remove this infection.
Download ZeroAccess/Sirefef/MAX++ removal tool from here. Run it and follow the prompts.


AV Protection 2011 may be bundled with TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example) and press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.

TDSSKiller

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, you will see a window similar to the one below.

TDSSKiller – Scan results

Click the Continue button to remove the TDSS trojan.

If you can't download or run TDSSKiller, then you need to use Combofix. Download Combofix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Now you should download Malwarebytes Anti-malware and remove all AV Protection 2011 associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Now click on the Scan button to start scanning your computer for AV Protection 2011 associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear stating that it has completed scanning successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


Your system should now be free of the AV Protection 2011 virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

November 18, 2011 on 1:12 am | In Malware removal, Rogue Anti Spyware | 1 Comment |




Saturday, January 21, 2012

How to remove Security Guard 2012 virus

Security Guard 2012 is a fake security application that blocks legitimate antispyware and antivirus tools, hijacks browsers, redirects you to malicious websites, and displays numerous fake security alerts and nag screens in order to trick you into thinking your computer is heavily infected. The rogue hopes that you will then purchase its full (paid) version to clean the system. So, you should stay away from this application! If your computer is infected with this malware, then follow the instructions below to remove Security Guard 2012 from the system for free.

Security Guard 2012 installs itself on your computer without your permission and knowledge through the use of trojans. During installation, the rogue will be configured to run automatically when you log on to Windows. When the program is started, it will perform a fake system scan and report that your computer is infected with a lot of viruses. Next, the malicious program will prompt you to purchase its full version to fix the supposedly found infections. Remember, all of these reported infections are fake and don’t actually exist on your computer! So do not trust the scan results; you should ignore them!

While Security Guard 2012 is running, the rogue will display a variety of fake security warnings and alerts that attempt to make you think your computer is infected with all sorts of malicious software. However, like the false scan results above, all of these security messages are fake and are displayed to trick you into purchasing the so-called full version of the fake security program.

As you can see, everything Security Guard 2012 does is fake, and you should stay away from the malicious application! If your PC has been infected with the rogue, then ignore everything it shows you and follow the removal instructions below in order to remove Security Guard 2012 and any associated malware from your computer for free.

The rogue may not allow you to run malware removal tools. In that case, you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


Now you should download Malwarebytes Anti-malware and remove all Security Guard 2012 associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and “Launch Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Security Guard 2012 associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear stating that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar to the one shown below.
Note: the list of infected items may be different from what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click the “Remove Selected” button to remove Security Guard 2012. MalwareBytes Anti-malware will now remove all associated Security Guard 2012 files and registry keys and add them to the program’s quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to restart.


Security Guard 2012 may be bundled with TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example) and press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.

TDSSKiller

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, you will see a window similar to the one below.

TDSSKiller – Scan results

Click the Continue button to remove the TDSS trojan.

If you can't download or run TDSSKiller, then you need to use Combofix. Download Combofix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Your system should now be free of the Security Guard 2012 virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

October 5, 2011 on 5:14 am | In Malware removal, Rogue Anti Spyware | 1 Comment |




Tuesday, January 17, 2012

How to remove Cloud AV 2012 virus

Cloud AV 2012 is a new fake security application from the same family of malware as AV Protection 2011 and AV Security 2012. It blocks legitimate antispyware and antivirus tools, hijacks browsers, redirects you to malicious websites, and displays numerous fake security alerts and nag screens in order to trick you into thinking your computer is heavily infected. Cloud AV 2012 will say that all you have to do in order to remove viruses, malware and trojans is purchase the so-called full version of the software. Remember, the program is unable to detect and remove any malware and viruses, so do not pay for the bogus software! Simply ignore everything it displays and remove Cloud AV 2012 from your computer as quickly as possible!

During installation, the rogue will be configured to run automatically when you log on to Windows. When Cloud AV 2012 is started, it will perform a fake system scan and report that your computer is infected with a lot of viruses. Next, the malicious program will prompt you to purchase its full version to fix the supposedly found infections. Remember, all of these reported infections are fake and don’t actually exist on your computer! So you can safely ignore the scan results.


Last but not least, while the rogue is running, it will display various security warnings. Some of the warnings are:



Windows Security Alert
Do you want to keep blocking this program?
Zeus Trojan



Security Warning
Your computer continues to be infected with harmful viruses.
In order to prevent permanent loss of your information and
credit card data theft please activate your antivirus software.
Click here to enable protection.


Just like the false scan results above, all of these alerts are fake and are meant to scare you into thinking your computer is in danger. You should ignore all of them!

As you can see, everything Cloud AV 2012 does is fake, and you should stay away from the malicious application! If your PC has been infected with the rogue, then ignore everything it shows you and follow the removal instructions below in order to remove Cloud AV 2012 and any associated malware from your computer for free.

The rogue may not allow you to run malware removal tools. In that case, you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


Cloud AV 2012 may be bundled with ZeroAccess/Sirefef/MAX++ trojan-rootkit, so you should run ZeroAccess/Sirefef/MAX++ remover to detect and remove this infection.
Download ZeroAccess/Sirefef/MAX++ removal tool from here. Run it and follow the prompts.


Cloud AV 2012 may be bundled with TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example) and press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.

TDSSKiller

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, you will see a window similar to the one below.

TDSSKiller – Scan results

Click the Continue button to remove the TDSS trojan.

If you can't download or run TDSSKiller, then you need to use Combofix. Download Combofix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Now you should download Malwarebytes Anti-malware and remove all Cloud AV 2012 associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Now click on the Scan button to start scanning your computer for Cloud AV 2012 associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear stating that it has completed scanning successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


Your system should now be free of the Cloud AV 2012 virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

November 24, 2011 on 10:28 am | In Malware removal, Rogue Anti Spyware | No Comments |




Saturday, January 14, 2012

How to remove AV Guard Online virus

AV Guard Online is a malicious program from the same family of malware as Sysinternals Antivirus that pretends to be antivirus software. In reality, the program displays false information and detects fake infections in order to trick you into thinking your computer is infected with all sorts of malware. It will say that all you have to do in order to remove viruses, malware and trojans is purchase the so-called full version of the software. Remember, the program is unable to detect and remove any malware and viruses, so do not pay for the bogus software! Simply ignore everything it displays and remove AV Guard Online from your computer as quickly as possible!

AV Guard Online installs itself onto your computer without your permission and knowledge, through the use of trojans. When the trojan is started, it will download and install the rogue onto your computer. During installation, AV Guard Online will configure itself to start automatically every time Windows loads. Once started, it will perform a system scan and “detect” a lot of infected files, trojans, worms, and so on, that will not be fixed unless you first purchase the full version of the program. Of course, this is not necessary.

The scan results, as well as the “system scan” itself, are nothing but a scam. AV Guard Online cannot detect or remove any infections, nor can it protect you from possible infections in the future. Thus, you can safely ignore everything the rogue antispyware shows you.


While AV Guard Online is running, it will display a fake Windows Security Center and a wide variety of alerts, reminders and security messages from the Windows task bar. Some of the alerts:

However, like the scan results, all of these alerts, screens and pop-ups are fake. Feel free to ignore all of them.

What is more, AV Guard Online can block the Windows Task Manager and most legitimate Windows applications, so that they will not even start. If you try to run a program, your computer will display an alert from the Windows task bar stating that the program is infected, and then the program will be terminated. An example of the alert:

As you can see, AV Guard Online is a fraudulent program that you should try to remove as soon as you discover it on your computer. Do not be fooled into buying the program! Instead, follow the removal guidelines below in order to remove AV Guard Online and any associated malware from your computer for free.

The rogue may not allow you to run malware removal tools. In that case, you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


The AV Guard Online virus changes the Internet Explorer proxy settings to use a malicious proxy server that will not allow you to download or update security software. So, you should complete this step to fix this problem.

Run Internet Explorer and click Tools -> Internet Options, as shown in the screen below.


Internet Explorer – Tools menu

You will see a window similar to the one below.


Internet Explorer – Internet options

Select the Connections tab and click the LAN Settings button. You will see a window similar to the one shown below.

Internet Explorer – Lan settings

Uncheck the “Use a proxy server” box. Click OK to close LAN Settings, then click OK to close the Internet Explorer settings.
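To confirm the proxy step from the command line, the check below (an added example, not part of the original article) reads the output of `reg query "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings"` and reports whether a proxy is in use. The "Use a proxy server" box corresponds to the `ProxyEnable` value and the address to `ProxyServer`; the sample outputs and the 192.0.2.10 address are constructed.

```python
import re

# One value line of `reg query` output: name, type and data separated by
# runs of four spaces. The key header line is not indented and is skipped.
VALUE_LINE = re.compile(
    r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)(?:\s{4}(?P<data>.*))?$"
)


def parse_reg_query(text):
    """Return {value name (lower case): (type, data)} from reg query output."""
    values = {}
    for line in text.splitlines():
        match = VALUE_LINE.match(line)
        if match:
            data = (match.group("data") or "").strip()
            values[match.group("name").lower()] = (match.group("type"), data)
    return values


def proxy_endpoints(proxy_server):
    """Split ProxyServer data into {protocol: host:port}.

    The data is either one address used for every protocol, or a
    semicolon-separated list such as http=host:port;https=host:port.
    """
    endpoints = {}
    for item in (part.strip() for part in proxy_server.split(";")):
        if not item:
            continue
        scheme, separator, address = item.partition("=")
        if separator:
            endpoints[scheme.lower()] = address
        else:
            endpoints["all"] = item
    return endpoints


def proxy_status(reg_output):
    """Return (state, endpoints) for the Internet Settings key."""
    values = parse_reg_query(reg_output)
    # A missing ProxyEnable value is treated as "box unchecked".
    kind, data = values.get("proxyenable", ("REG_DWORD", "0x0"))
    enabled = kind == "REG_DWORD" and int(data, 16) != 0
    endpoints = proxy_endpoints(values.get("proxyserver", ("REG_SZ", ""))[1])
    if enabled and endpoints:
        state = "in use"
    elif endpoints:
        # An address is still stored, but the box is unchecked.
        state = "stored, not in use"
    else:
        state = "none"
    return state, endpoints


# Constructed sample: proxy box checked.
BEFORE_FIX = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    http=192.0.2.10:8080;https=192.0.2.10:8080
"""

# Constructed sample: box unchecked, address still stored in the registry.
AFTER_FIX = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x0
    ProxyServer    REG_SZ    http=192.0.2.10:8080;https=192.0.2.10:8080
"""

if __name__ == "__main__":
    for label, sample in (("before", BEFORE_FIX), ("after", AFTER_FIX)):
        print(label, proxy_status(sample))
```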


Now you should download Malwarebytes Anti-malware and remove all AV Guard Online associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Now click on the Scan button to start scanning your computer for AV Guard Online associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear stating that it has completed scanning successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


AV Guard Online may be bundled with TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example) and press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.

TDSSKiller

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, you will see a window similar to the one below.

TDSSKiller – Scan results

Click the Continue button to remove the TDSS trojan.

If you can't download or run TDSSKiller, then you need to use Combofix. Download Combofix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Your system should now be free of the AV Guard Online virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.


Associated AV Guard Online files and folders:
%UserProfile%\application data\AV Guard Online
%UserProfile%\start menu\Programs\AV Guard Online
%UserProfile%\application data\AV Guard Online\wf.conf
%UserProfile%\application data\AV Guard Online\AV Guard Online.ico
%UserProfile%\Desktop\AV Guard Online.lnk
%UserProfile%\start menu\Programs\AV Guard Online\AV Guard Online.lnk

October 7, 2011 on 5:11 am | In Malware removal, Rogue Anti Spyware | No Comments |




Monday, January 9, 2012

How to remove System Fix virus

System Fix is fake computer optimization software that detects numerous false problems and displays various critical error alerts on the computer. The rogue program is from the same family of malware as Data Restore, Data Recovery, Master Utilities, PC Repair, System Repair, Windows XP Repair, etc. It is promoted and installs itself on your computer without your permission and knowledge through the use of trojans or other malicious software. Moreover, the scammers may also distribute System Fix on Twitter, My Space, Facebook, and other social networks. Please be careful when opening attachments and downloading files, or you can end up with a rogue program on your PC.

When System Fix is installed, it will perform a fake scan of your computer and then tell you it has found numerous critical errors. Next, it will prompt you to pay for the fake software before it “repairs” the problems on your machine. Of course, all of these errors are fake. So, you can safely ignore the false scan results.

While System Fix is running, it will block legitimate Windows applications on your computer and won’t let you download anything from the Internet. Moreover, it will display various fake critical error alerts claiming that the computer’s hard drive is corrupt in order to frighten you into purchasing this useless application. Some of the fake errors are:



The system has detected a problem with one or more installed IDE / SATA hard disks.
It is recommended that you restart the system.



Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.



Critical error
Windows can`t find disk space. Hard drive error.



System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.



Windows – No Disk
Exception Processing Message 0x0000013.


Of course, all of these warnings are fake. This is an attempt to make you think your computer is in danger. Like the false scan results, you can safely ignore them.

As you can see, System Fix is obviously a scam, created with only one purpose – to steal your money. Most importantly, don't purchase the program! You need to remove the malicious software as quickly as possible. Follow the removal instructions below, which will remove System Fix and any other infections you may have on your computer for free.

Click Start, type %allusersprofile% in the Search field and press Enter (if you use Windows XP, then click Start, Run and type the command in the Open field). It will open the contents of the “ProgramData” folder (the “All Users” folder for Windows XP).

System Fix hides all files and folders, so you need to change some settings to be able to see your files and folders again. Click Organize, select “Folder and search options” and open the View tab (if you use Windows XP, then open the Tools menu, Folder Options, View tab). Select the “Show hidden files and folders” option, uncheck “Hide extensions for known file types”, uncheck “Hide protected operating system files” and click the OK button.

Open the “Application Data” folder. This step is only for Windows XP; skip it if you use Windows Vista or Windows 7.


Now you will see System Fix associated files as shown below.


Basically, there will be files named with a series of numbers or letters (e.g. 2636237623.exe or JtwSgJHkjkj.exe). Right-click each such file and select Rename (don't rename any folders). Type any new name (123.exe) and press Enter.
You only need to rename files with the .exe extension. That is enough to stop this malware from autorunning.


Reboot your computer.


Now you can unhide all files and folders that have been hidden by System Fix. Click Start, type cmd in the Search field and press Enter. The Command console (“black window”) opens. Type cd \ and press Enter. Type attrib -h /s /d and press Enter. Close the Command console.

If your Desktop is empty, then click Start, type %UserProfile%\desktop in the Search field and press Enter. It will open the contents of your desktop.

Download MalwareBytes Anti-malware (MBAM). Close all programs and windows on your computer.

Double-click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.


If an update is found, it will download and install the latest version.


Once the program has loaded you will see a window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan. It will start scanning your computer. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar to the one shown below. Note: the list of infected items may be different from what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure that everything is checked, and click Remove Selected to start the System Fix removal process. When disinfection is completed, a log will open in Notepad. Reboot your computer.


System Fix may be bundled with TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example) and press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.

TDSSKiller

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, you will see a window similar to the one below.

TDSSKiller – Scan results

Click the Continue button to remove the TDSS trojan.

If you can't download or run TDSSKiller, then you need to use Combofix. Download Combofix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Your system should now be free of the System Fix virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won't install, run or update – How to fix it.

Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.


Associated System Fix files and folders:
%UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
%CommonAppData%\[RANDOM]
%CommonAppData%\~[RANDOM]
%UserProfile%\Desktop\System Fix.lnk
%CommonAppData%\[RANDOM].exe
%Temp%\smtmp\
%Temp%\smtmp\1
%Temp%\smtmp\2
%Temp%\smtmp\3
%Temp%\smtmp\4


Note: %CommonAppData% is C:\Documents and Settings\All Users\Application Data (for Windows XP/2000) or C:\ProgramData (for Windows 7/Vista)
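The file list above, turned into a check that can be run over a directory listing such as the output of `dir /s /b /a` (an added example, not part of the original article). The `%UserProfile%` and `%Temp%` expansions, the reading of `[RANDOM]` as a run of letters and digits, and all sample paths are assumptions or constructed data.

```python
import re

# File indicators copied from the System Fix list on this page
# (the trailing backslash of the smtmp folder entry is dropped).
INDICATORS = [
    r"%UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT",
    r"%CommonAppData%\[RANDOM]",
    r"%CommonAppData%\~[RANDOM]",
    r"%UserProfile%\Desktop\System Fix.lnk",
    r"%CommonAppData%\[RANDOM].exe",
    r"%Temp%\smtmp",
    r"%Temp%\smtmp\1",
    r"%Temp%\smtmp\2",
    r"%Temp%\smtmp\3",
    r"%Temp%\smtmp\4",
]

# A bare [RANDOM] name would match every ordinary folder under ProgramData,
# so that entry is not used for matching.
TOO_BROAD = {r"%CommonAppData%\[RANDOM]"}

# %CommonAppData% values come from the page's note. The %UserProfile% and
# %Temp% values are the Windows defaults (assumption: profiles on drive C:).
XP = r"C:\Documents and Settings"
EXPANSIONS = {
    "%commonappdata%": [XP + r"\All Users\Application Data", r"C:\ProgramData"],
    "%userprofile%": [XP + r"\<user>", r"C:\Users\<user>"],
    "%temp%": [XP + r"\<user>\Local Settings\Temp",
               r"C:\Users\<user>\AppData\Local\Temp"],
}

# Assumption: [RANDOM] is a run of letters and digits, as in the page's
# examples 2636237623.exe and JtwSgJHkjkj.exe. <user> is one path component.
WILDCARDS = {"[RANDOM]": r"[A-Za-z0-9]+", "<user>": r"[^\\]+"}
TOKEN = re.compile(r"(\[RANDOM\]|<user>)")


def compile_rules():
    """Build (regex, indicator, kind) rules for both Windows layouts."""
    rules = []
    for indicator in INDICATORS:
        if indicator in TOO_BROAD:
            continue
        variable, _, rest = indicator.partition("\\")
        exact = "[RANDOM]" not in indicator
        for base in EXPANSIONS[variable.lower()]:
            pieces = TOKEN.split(base + "\\" + rest)
            body = "".join(WILDCARDS.get(p) or re.escape(p) for p in pieces)
            if exact:
                # Fixed names also cover anything stored beneath them.
                body += r"(?:\\.*)?"
            rules.append((re.compile(body, re.IGNORECASE), indicator,
                          "exact" if exact else "pattern"))
    # Longest indicator first, so smtmp\1 wins over its parent smtmp.
    rules.sort(key=lambda rule: len(rule[1]), reverse=True)
    return rules


def scan(paths, rules=None):
    """Return (path, indicator, kind) for each path matching an indicator."""
    rules = rules or compile_rules()
    findings = []
    for path in paths:
        for regex, indicator, kind in rules:
            if regex.fullmatch(path.rstrip("\\")):
                findings.append((path, indicator, kind))
                break
    return findings


# Constructed listing; the last three entries must not be reported.
SAMPLE_PATHS = [
    r"C:\ProgramData\2636237623.exe",
    r"C:\Documents and Settings\All Users\Application Data\JtwSgJHkjkj.exe",
    r"C:\ProgramData\~2636237623",
    r"C:\Users\alice\Desktop\System Fix.lnk",
    r"c:\users\alice\appdata\local\temp\smtmp\1",
    r"C:\Users\alice\AppData\Local\Temp\smtmp\1\Word.lnk",
    r"C:\ProgramData\Microsoft\Windows\foo.exe",
    r"C:\ProgramData\Adobe",
    r"C:\Users\alice\Desktop\notes.txt",
]

if __name__ == "__main__":
    for path, indicator, kind in scan(SAMPLE_PATHS):
        print(f"{kind:8} {indicator:40} {path}")
```

"pattern" hits come from the `[RANDOM]` entries and need a manual look before anything is renamed or removed; "exact" hits match a fixed name from the list.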


Associated System Fix registry keys and values:
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\USE FORMSUGGEST = Yes
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\CERTIFICATEREVOCATION = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONBADCERTRECVING = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\WARNONZONECROSSING = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\3\1601 = 0
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\WINTRUST\TRUST PROVIDERS\SOFTWARE PUBLISHING\STATE = 146944
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\CONTROL\SESSION MANAGER\PENDINGFILERENAMEOPERATIONS = \??\%CommonAppData%\[RANDOM].exe


System Fix is basically a clone of Windows XP Repair, so you can use the video guide below to remove this malware.

November 15, 2011 on 5:48 pm | In Malware removal, Rogue Anti Spyware | 14 Comments |




Friday, January 6, 2012

How to remove Privacy Protection virus

Privacy Protection is a new rogue antispyware program that blocks legitimate antispyware and antivirus tools, hijacks browsers, redirects you to malicious websites, and displays numerous fake security alerts and nag screens in order to trick you into thinking your computer is heavily infected. Like other fake security programs, it is distributed by fake online malware scanners. These scanners will report that your computer is infected with a lot of infections and that you must install software to clean your computer. This software is a trojan which, once started, will download and install the rogue onto your computer without your permission or knowledge.


Privacy Protection may look like a legitimate malware removal tool, but remember, it's only an imitation! In reality, the malicious software blocks legitimate Windows applications, detects fake infections and displays various fake error messages claiming that your computer is infected with a lot of viruses, in order to frighten you into purchasing this useless application. Do not pay for the bogus software! Simply ignore everything it displays and remove Privacy Protection from your computer as quickly as possible!


During installation, Privacy Protection configures itself to run automatically when Windows loads. Once started, it will imitate a scan of your computer and detect numerous infections (trojans, backdoors and malware) that will not be fixed unless you first purchase the program. It is important to know that all of these reported infections are fake, so you can safely ignore the scan results.


Last but not least, while the rogue is running, it will display various security warnings. Some of the warnings are:



Firewall Warning
Hidden file transfers to remote host has been detected



Security Warning
Malicious program has been detected.
Click here to protect your computer.


Just like the false scan results above, all of these alerts are fake and are meant to scare you into thinking your computer is in danger. You should ignore all of them!


As you can see, Privacy Protection is a scam and should be removed from your computer upon detection. Do not be fooled into buying the program! Instead of doing so, follow the removal guidelines below in order to remove Privacy Protection and any associated malware from your computer for free.


It is possible that the rogue will not allow you to run malware removal tools. In that case you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

[Image: Windows Advanced Options menu]

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


Privacy Protection may be bundled with the TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example). Press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.


[Image: TDSSKiller]

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, then you will see a window similar to the one below.


[Image: TDSSKiller – Scan results]

Click the Continue button to remove the TDSS trojan.


If you can't download or run TDSSKiller, then you need to use ComboFix. Download ComboFix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Now you should download Malwarebytes Anti-malware and remove all Privacy Protection associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

[Image: Malwarebytes Anti-Malware Window]

Now click on the Scan button to start scanning your computer for Privacy Protection associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear saying that the scan completed successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


Your system should now be free of the Privacy Protection virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps in: Malwarebytes won't install, run or update – How to fix it.


Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.


Privacy Protection associated files:

%AppData%\privacy.exe
%UserProfile%\Start Menu\Privacy Protection.lnk


Privacy Protection associated registry keys and values:

HKEY_CURRENT_USER\SOFTWARE\{random}
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | Privacy Protection

November 6, 2011 on 9:37 am | In Malware removal, Rogue Anti Spyware | 11 Comments |




Monday, January 2, 2012

How to remove AV Security 2012 virus

AV Security 2012 is a program that pretends to be a legitimate security program, but in reality it is unable to detect or remove any infections! The program is a total scam that is installed with the help of trojans distributed by fake online malware scanners.


During installation, the rogue will be configured to run automatically when you log on to Windows. When AV Security 2012 is started, it will perform a fake system scan and report that your computer is infected with a lot of viruses. Next, the malicious program will prompt you to purchase its full version to fix the supposedly found infections. Remember, all of these reported infections are fake and don’t actually exist on your computer! So you can safely ignore the scan results.


Last but not least, while the rogue is running, it will display various security warnings. Some of the warnings are:



Windows Security Alert
Do you want to keep blocking this program?
Zeus Trojan



Security Warning
Your computer continues to be infected with harmful viruses.
In order to prevent permanent loss of your information and
credit card data theft please activate your antivirus software.
Click here to enable protection.


Just like the false scan results above, all of these alerts are fake and are meant to scare you into thinking your computer is in danger. You should ignore all of them!


As you can see, everything AV Security 2012 does is fake and you should stay away from the malicious application! If your PC has been infected with the rogue, then ignore everything it shows you and follow the removal instructions below in order to remove AV Security 2012 and any associated malware from your computer for free.


It is possible that the rogue will not allow you to run malware removal tools. In that case you will need to reboot your computer in Safe mode with networking.


Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.


Instead of Windows loading as normal, the Windows Advanced Options menu appears, similar to the one below.

[Image: Windows Advanced Options menu]

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.


AV Security 2012 may be bundled with the ZeroAccess/Sirefef/MAX++ trojan-rootkit, so you should run the ZeroAccess/Sirefef/MAX++ remover to detect and remove this infection.
Download the ZeroAccess/Sirefef/MAX++ removal tool from here. Run it and follow the prompts.


AV Security 2012 may be bundled with the TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example). Press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.


[Image: TDSSKiller]

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, then you will see a window similar to the one below.


[Image: TDSSKiller – Scan results]

Click the Continue button to remove the TDSS trojan.


If you can't download or run TDSSKiller, then you need to use ComboFix. Download ComboFix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Now you should download Malwarebytes Anti-malware and remove all AV Security 2012 associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

[Image: Malwarebytes Anti-Malware Window]

Now click on the Scan button to start scanning your computer for AV Security 2012 associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear saying that the scan completed successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


Your system should now be free of the AV Security 2012 virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.


Note 1: If you cannot download, install, run or update Malwarebytes Anti-malware, then follow the steps in: Malwarebytes won't install, run or update – How to fix it.


Note 2: Did your current antispyware and antivirus software let the infection through? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

November 10, 2011 on 9:41 am | In Malware removal, Rogue Anti Spyware | 2 Comments |




Thursday, December 29, 2011

How to remove Raresearchsystem.com hijacker

Raresearchsystem.com is a browser hijacker that is installed by a ZeroAccess/Sirefef-related trojan. Once the trojan is installed and started, it will configure itself to run automatically when Windows loads. While running, it will redirect you to malicious websites, display fake security alerts and bogus ads, and block legitimate antivirus software.


What is more, the trojan will download and install the TDSS trojan, which blocks the ability to run various antivirus and antispyware programs and redirects search results in Google, Yahoo and MSN to unrelated sites.


If your computer is infected with the Raresearchsystem.com trojan, then use the removal guide below, which will remove the trojan and any other associated malware for free.


Run the ZeroAccess/Sirefef/MAX++ removal tool.


Download the ZeroAccess/Sirefef/MAX++ removal tool from here. Run it and follow the prompts.


The Raresearchsystem.com hijacker may be bundled with the TDSS trojan-rootkit, so you should run TDSSKiller to detect and remove this infection.


Download TDSSKiller from here and unzip it to your desktop. Open the TDSSKiller folder. Right-click tdsskiller and select Rename. Type a new name (123myapp, for example). Press Enter. Double-click the TDSSKiller icon. You will see a screen similar to the one below.


[Image: TDSSKiller]

Click the Start Scan button to start scanning the Windows registry for the TDSS trojan. If it is found, then you will see a window similar to the one below.


[Image: TDSSKiller – Scan results]

Click the Continue button to remove the TDSS trojan.


If you can't download or run TDSSKiller, then you need to use ComboFix. Download ComboFix. Close any open browsers. Double-click combofix.exe and follow the prompts. If ComboFix will not run, rename it to myapp.exe and try again!


Now you should download Malwarebytes Anti-malware and remove all Raresearchsystem.com hijacker associated malware.


Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.


Double-click the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. Once installation is complete, you will see a window similar to the one below.

[Image: Malwarebytes Anti-Malware Window]

Now click on the Scan button to start scanning your computer for Raresearchsystem.com hijacker associated malware. This procedure can take some time, so please be patient.


When the scan is finished, a message box will appear saying that the scan completed successfully. Click OK. Now click “Show Results”. Make sure all entries have a checkmark at their far left and click “Remove Selected”.


Your system should now be free of the Raresearchsystem.com trojan. If you need help with the instructions, then post your questions in our Spyware Removal forum.

October 26, 2011 on 6:50 am | In Browser Hijacking, Malware removal | No Comments |


