Contact me

Do comment in the comment section on how useful were the removal methods.

This will encourage me to post more removal methods.

Sunday, July 27, 2008

Remove PC Privacy Cleaner (PCPrivacyCleaner)

A rogue antivirus which is often accompanied by other similar antivirus. Well if you have it in your system remove it as soon as possible as it will download so many similar programs that it will become a impossible to work on your computer. Some of the screenshots of PC Privacy Cleaner
NEVER CLICK YES A WARNING LIKE THIS ONE

Manual Removal Steps

1.
Open task manager (Ctrl+Alt+Del) and kill the process pcpc.exe
If you also having a process named PCPC_Setup_Free.exe running, end that too.
If you get a message like task manager has been disabled..., download a tool from here to open task manager.

2. Now go to C:\Program Files (assuming you ha
ve your windows in C drive) and delete the folder named PCPrivacyCleaner.

3. Next remove shortcuts of PC Privacy Cleaner from desktop, start menu and quick launch.

4. Empty Recycle Bin

Now we need to do some registry e
diting. Be care ful as wrongly doing this can lead to system instability

5. Go Start->Run-> type regedit and press enter

6. Navigate to
HKEY_CURRENT_USER\Software\{65DE966D-11D1-4bb1-BF7E-B8A273514DAF}
and del the key
{65DE966D-11D1-4bb1-BF7E-B8A273514DAF}
(See the pic after next step to know how to do it)

7. Now navigate to
HKEY_CURRENT_USER\Software\PCPrivacyCleaner

and delete the key PCPrivacyCleaner.

8. Now navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
locate and delete the string named PCPrivacyCleaner

9. Again navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCPrivacyCleaner
And delete the key PCPrivacyCleaner


Your system is free from this rogue antivirus.
Because this usually is accompanied by other similar antiviruses be sure to check your pc.

Wednesday, July 16, 2008

Remove Antivirus 2009

Antivirus 2009 is the newer version of the Antivirus 2008 and is there to scam you. Also just like its older version, its makes your system slow, brings unwanted popups and can also make your system infected with some serious trojans. So its advisable to remove it as soon as you get infected.
The following pics reveal how convincing this scam is that the user in major cases believe it to be a true antivirus.

The new antivirus is out with an added professional look


Its make a fake security center named 'Windows Security Center', the windows one being the Security Center

REMOVAL STEPS
1. Open task manager(Ctrl+Alt+Del). Locate and end the process av2009.exe using right click and selecting 'end process' option.

2. Now go to C:\Program Files(Assuming that you have windows installed in C drive) and delete the entire folder named Antivirus 2009.
3. As seen in the second picture, Antivirus 2009 makes a fake Windows security center. So we need to remove that. So go to C:\windows\system32 and delete the file scui.cpl

4. Now delete all the shortcuts on desktop and start menu made by Antivirus 2009

5. Empty recycle bin

Now we need to do some registry editing. Please complete the following steps carefully as improper registry editing could lead to system instability.

6. Go to Start Menu->Run-> Type regedit and press enter

7. Navigate to
HKEY_CURRENT_USER\Software\39148080807332159842981568027496
Delete the key ( i.e. the key with a long number which may differ in your pc but will be very long)

8. Now Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
and delete name(long nos.) with data as C:\Program Files\Antivirus 2009\av2009.exe

9. Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus 2009
Delete this key i.e. Antivirus 2009


10 Now if your themes, appearance and settings are missing you can download small tool from here

Your pc is clean

Please post your comments in the comments section or click the CONTACT ME PIC ABOVE.

Remove Antivirus 2008 Pro Fake Antivirus

Antivirus2008Pro is another fake antivirus scam that wants your $50. It displays fake virus reports, hogs ups system memory and makes you frustrated. Though it is categorised as dangerous by many websites, it is quite simple to remove. You just need to follow the following to simple steps to remove it.

REMOVAL STEPS

1. Open task manager(Ctrl+Alt+Del). Locate and kill the process Antivirus2008PRO.exe using right click.

2. Now go to C:\program files(Assuming that your windows are installed in C drive).
Locate and delete the folder Antivirus 2008 PRO

3. Now delete the shortcuts made by it on desktop and in start menu.

4. Empty recycle bin

Now we need to do some registry editing. This need to be done carefully, otherwise it can lead to system instability

5. Open registry editing. Start Menu->Run-> Type regedit and press enter

6. Navigate to
HKEY_CURRENT_USER\Software\Antivirus 2008 PRO
and delete the key Antivirus 2008 PRO

7. Now Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Locate string antivirus-2008pro.exe on right side and delete it using the right click.
DONOT DELETE THE RUN KEY
8. Now Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus 2008 PRO
and delete the key Antivirus 2008 PRO


9 Now if your themes, appearance and settings are missing you can download small tool from here

Now your system is free from this virus

Please post your comments in the comments section or click the CONTACT ME BUTTON

Tuesday, July 15, 2008

Remove Nhatquanglan i.e. New Folder.exe Virus

New Folder.exe Virus also known as Nhatquanglan is a very common virus with high multiply rate. This virus hides itself as scvhsot.exe though the actual actaul windows process is Scvhost.exe. The virus drops a copy of itself everytime you attach a removable media to your computer. Besides this it disables registry, task manager and removes the option of task manager.

SOFTWARES REQUIRED
As your task manager, registry editor and folder options are disabled we will need a couple of tiny but very helpful softwares.
Click on them to download
Security Task Manager
RRT

ATTACH YOUR INFECTED FLASH DRIVE(if any) TO YOUR COMPUTER AND MAKE A BACKUP OF DATA ON IT

REMOVAL STEPS
1. Install security task manager and start it. You will see one,two or more processes named Nhatquanglan. Select all of them by pressing Ctrl key and remove them
(right click->remove ->end process-> yes)

2. Next run the RRT software and remove all the restrictions. Now you will be able to open task manager and registry editor. It will say you need a system restart but you dont need it.

3. Go to Control panel->scheduled task and delete the At1 task

4. Next C:\windows\system32 folder and click tools->folder options->view tab
Find the Hide protected operating system.... and untick it.
Click YES on the a warning-> click Apply and OK.

FORMAT YOU REMOVABLE DISK WITHOUT OPENING IT OTHERWISE YOU WILL HAVE TO REPEAT ALL THE STEPS

5. Next we need to delete some files.
Also you need to be a bit careful as if you double click any of these files you will have to start all over again from step 1

In the C:\windows\system32 folder delete the following files.
(The last two files will have the icon of a folder as in the picture)
setting.ini
autorun.ini
SCVHSOT.exe (225792 bytes)
blastclnnn.exe (225792 bytes)

In the C:\windows folder delete the following files.
(The files will have icon of a folder)
SVCHSOT.exe (225792 bytes)
hinhem.scr (225792 bytes)

6. Empty Recycle bin

Now we need to do some registry editing
Please follow these steps very carefully as improper registry editing could lead to system crash.


7. Go to start->run->type regedit and press enter

8. Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
and delete the string Yahoo Messengger with data pointing to SCVHSOT.exe

9. Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Find the string named shell on the right side with data as Explorer.exe SCVHSOT.exe
Double click it and Change its value to Explorer.exe
You dont have to delete anything here


10 Now if your themes, appearance and settings are missing you can download small tool from here

Now your pc is clean from this nasty virus.

WORD OF CAUTION
Well as a word of caution, whenever you see a file with an icon of a folder, BE CAREFUL. In 99.99% cases it will be a virus ready to infect as soon as you double click it.

For any comments, suggestions or queries please use the comments section or click the contact me picture above.

Sunday, July 13, 2008

Remove Antivirus XP 2008

Antivirus XP 2008 has been scamming many people off late. It installs on your pc shows false scanning showing that you have plenty of viruses and to remove them you will have to purchase the Antivirus XP 2008. Seeing this many people have already shelled out there hard earned money for this fake software. Besides this it also slows down your pc making it impossible to work. Well following are some of shots of this virus.



Well if you have downloaded it from some website, here is the screen shot its website.


Browser Hijack by Antivirus XP 2008



REMOVAL PROCEDURE


1. Open task manager(Ctrl+Alt+Del) & kill the following processes by using right click in the following order(the exact names of the files will differ but they will be 12 character long. Also note the names of the files before deleting as at all places the variation of name will be there accordingly. Because of variation I will be using Virus1 for the first one and Virus2 for the second one)

  • rhc1cdj0e12r.exe
  • pphc5cdj0e12r.exe

2. Now open C:\windows\system32(Assuming you have windows installed in C drive) and trace Virus2 and delete it.


3. Next open c:\program files and find the folder named Virus1. Delete the entire folder.


4. Next delete all traces of Antivirus XP 2008 from desktop and start menu(shortcuts)

5. Empty recycle bin

The following steps require registry editing so follow them carefully. Improper editing could lead to system crash.

6. Go start menu->run-> type 'regedit' and press enter. Regsitry Editor will open up.

7. Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Locate and delete virus1 using right click

8. Next Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Locate & delete SMvirus1 using right click

9. Now go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhc1cdj0e12r
del key Virus1 using right click

10. Now
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
Locate 'AntivirXP08' on right side and delete it.

Now there is only one step left which can be performed only when you log in to windows next time.

11.Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\rhc1cdj0e12r
del key Virus1

12 Navigate to
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus XP 2008
And delete the key Antivirus XP 2008

13 Now if your themes, appearance and settings are missing you can download small tool from here

Now your system is clean from this fake antivirus.

For any comments, questions or suggestions, please do comment in the comment section or click the contact me button above.

Saturday, July 12, 2008

Remove Vista Antivirus 2008

Vista Antivirus is a new rogue antivirus which tries to rob your money. Besides that it slows down your pc and with unwanted popups, it makes your working on the computer impossible. The following is a screenshot of Vista Antivirus 2008 and its warning

Also if you downloaded it from its website, here is the screenshot of the website
Though it may be very harmful, it is very easy to clean. Just follow these easy steps accompanied by pictures to clean your pc from this false vista antivirus.

1. First of all open task manager(Ctrl+Alt+Del) and go to process tab. Now search the process vav.exe. Kill process vav.exe by right clicking on it and selecting end process.

2. Now go to C:\windows\system32 folder(assuming that you have windows in your C drive).
Locate and delete file vav.cpl

3. Now go to C:\program files
Locate a folder named vav. It will be having four files(vav0.dat, vav1.dat, vav.cpl, vav.exe) in most cases. Delete the entire folder

4. Vista Antivirus 2008 also makes a shortcut on your desktop. Delete that also

5. Empty recycle bin

Now we will be doing some registry editing which is to be done very carefully. If not done with care it can lead to system instability

6. Go to start->run->type 'regedit' and press enter

7. Now navigate to the following key and del the string named antivirus as shown in the picture.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

8. Now navigate to the following key and del the key as shown in the picture.
HKEY_CURRENT_USER\Software\VAV

9. Now navigate to the following key and del the string named antivirus as shown in the picture.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


10 Now if your themes, appearance and settings are missing you can download small tool from here

Now your system is clean from this Scam Antivirus.
If you have any queries post it in the comments section or click the contact me pic above

Tuesday, July 8, 2008

Remove IE Antivirus Spyware

This is one of the common spywares infecting systems around the world. When people reach these websites, they are made to believe that there systems are full of viruses, trojans & spywares and therefore they need to delete these viruses. Reading this people download and install the fake SPYWARE antivirus program and are thus infected with this spyware.
Remember its a SCAM and the spyware will ask you to buy the software online and take you to a website (Like this one)
Am I Infected
If a window like this troubles you each time you start windows and while you are working, with title IE Antivirus, then you are infected with this spyware and need to remove it as soon as possible.
Removal Steps
Follow the following steps to remove it

1. Open windows task manager(Ctrl+Alt+Del). Go to Processes Tab. Find the image name antivir.exe and highlight it. Next kill the process by clicking end process. Click yes on task manager warning.


2. Next go to control panel and Open Add remove programs. Find IE Antivirus and remove it. It will say the program looks to be already uninstalled but its not so.
3. Now go to C:\Program Files(assuming that you have windows in C drive) and delete the folder named IEAntiVirus.


You have deleted the spyware except that its to be removed from registry.
(Registry editing is dangerous and improper editing could lead to system crash) Please follow the following instructions very carefully otherwise can lead to system instability.
4. Go start menu-> Run-> type 'regedit' without commas-> press enter

5.Now in the left menu go to the following key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
On the right side spot antispy and delete it

6. Now go to
HKEY_CURRENT_USER\Software\IEAntiVirus
And delete the key 'IEAntivirus' by right clicking on it and selecting delete.


You have cleaned the Spyware from your system.