Yet another blog about Monkeys and IT
Remove XP Security 2010, Vista Security 2010
XP Security (or Vista Security) is a rogue antispyware program. It is also known as:
- XP Internet Security 2010
- Vista Security Tool 2010
- XP AntiSpyware 2010
- XP Antimalware 2010
- Antivirus XP 2010
- XP Smart security 2010
- XP Antivirus Pro
- XP Guardian
- Total XP Security
- XP Defender Pro
- Vista Smart Security 2010
- Total Vista Security
- XP Security Tool 2010
- Vista Defender Pro
- Vista Antimalware 2010
All the above are pretty the same program with different names and graphics interfaces’ typically not harmful (in term of data lose, yet in term of your pocket it is harmful) however, it may lead to paralysis your system.
This kind of fake antispyware reports false infections and fake alerts, and once it’s installed it will imitate a scan in the infected computer and state that there are numerous infections on it and whenever the user tries to run an application a security window pops up asking the user to BUY (activate or register) the software to clean the system,… Surely you are too smart to buy this cheap method, aren’t you!! : )
How do I know they are false alerts?!!
Well.. Try it yourself: disconnect your internet connection for a while and you will still get alerts about some kind of internet intrusion. To make things more realistic the software provides you with an IP address of the (None existent) attacker. So DO NOT BUY the bloody software and DO NOT FALL INTO THEIR TRAP. Simply ignore all the security risk alerts and do the following to get rid of it:
1. Try to make a restore point in Windows before you commence the procedure mentioned in this post.
2. Remember The Golden Rule “Always Backup”.
3. Stop the following process through windows task manager ave.exe or av.exe
4. Open a text editor or a script editor (Notepad dose the job).
5. Copy and paste the following strings:
Windows Registry Editor Version 5.00 [-HKEY_CURRENT_USER\Software\Classes\secfile] [-HKEY_CLASSES_ROOT\secfile] [-HKEY_CLASSES_ROOT\.exe\shell\open\command] [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*" [HKEY_CLASSES_ROOT\.exe] @="exefile" "Content Type"="application/x-msdownload"
6. Save this file as fixReg.reg by selecting Save as file type: All files in the text editor or Notepad. The icon of the file should be something like image to the right.
7. Execute the file by double click fixReg.reg, click YES to confirm.
8. Reboot the system.
At this stage you will stop the software from running, yet to completely delete it from your system you have to download a piece of handy free software called Malwarebytes’ Anti-Malware.
Download Malwarebytes’ Anti-Malware.
9. Install the software. Make sure you stopped ave.exe in case it run again (refer to step 3)
10. Run the software and perform quick scan.
11. Once the scan is finished click OK on the message box then click “Show Results”.
12. Tick all the entries then click “Remove Selected” button to remove the software.
Tip:
- If you are unable to access Internet or download the software trough the infected machine download the software via another computer then move it to infected computer using a portable storage media (USB flash memory, flash memory, CD/DVD, network share, portable hard drive, thumb stick.. etc).
- Sometimes the mailware software prevent the system to install the Malwarebytes, in this case try to change the Malwarebytes name then run it, alternatively download it with a random executable name via this link.
If you are interested to know more about Rogue Programs, Malwares and Trojan associated with these kind of software ask uncle google.
No related posts.
| Print article | This entry was posted by Nathan on 25/04/2010 at 2:37 am, and is filed under Microsoft, Security. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
