ProtectPcs is another released of the rogue variants coming from the Wini family of fake security applications. ProtectPcs Trojan is spread by utilizing a fake security websites and a fake multimedia websites. On fake security websites, ProtectPcs can be downloaded by its counterfeit online virus scanners while on the other, ProtectPcs will pretend as a needed program for a multimedia file. When installed on the computer, ProtectPcs Trojan will alter the registry to make sure that the program will run when Windows is started. With this, ProtectPcs can be able to end anti-virus programs, redirect Internet browsers and disable various functionalities of Windows including Safe Mode, Registry Editor and Folder Options. To be able to remove ProtectPcs, a manual removal or a combination of different security programs is recommended.
Robert La Nguyen
Remove Malware Defense
Malware Defense is another computer security program that one must be avoided completely. Malware Defense Trojan is so harmful that it can make devastating modifications on computer, making it unstable and sometime entirely unusable. Malware Defense is circulated over the Internet and a number of its own fake security website was also observed. Malware Defense websites is armed with a malicious scripts that will download and install this rogue program on visitors computer without a notice. A couple of taskbar alerts and warning messages will pop-up coming from Malware Defense reminding you that computer is infected with various kind of security risks. A prompt to buy the program will be returned when users tried to clean threats on computer using Malware Defense. Remember, to be able to remove rogue programs from computer like Malware Defense, you must use only legitimate and trusted security applications.
Remove PWS-Zbot.gen.v
When installed on the computer, PWS-Zbot.gen.v will also perform the following: It will modify Windows Registry and add the following entry: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon] “Userinit” = “C:\WINDOWS\system32\userinit.exe, C:\WINDOWS\system32\sdra64.exe” The threat will drop the following malicious files: %SysDir%\lowsec\local.ds %SysDir%\lowsec\user.ds %SysDir%\lowsec\user.ds.lll %SysDir%\sdra64.exe
Remove W32/Sdbot.worm!fn
W32/Sdbot.worm!fn is a virus that provides a remote attacker full access on the victim’s computer. It uses an IRC (Internet Relay Chat) protocol to establish a connection. W32/Sdbot.worm!fn can spread via spam email messages, network shared drives or downloaded by another on to the computer.
Remove GuardPcs
GuardPcs is another fake security program that is advertised on various websites and disguise as an online virus scanner. GuardPcs virus will also pretend as video codec or Macromedia Flash components that are needed to be able to view online video. When installed on the computer, GuardPcs immediately alter the system configuration that allows the fake program to run and perform fake virus scan. The results will display dozens of detected threats that are just fake and fabricated to delude user and force them to obtain the registered version of the program. An excessive pop-up alerts and security messages will be displayed on computer for the same purpose.
W32.SillyFDC.BDG
When W32.SillyFDC.BDG is present on the computer, it will perform the following tasks: It will modify Windows Registry and add the following entries: HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run\”Windows Media Player” = “%ProgramFiles%\Windows Media Player\wmplayerc.exe” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\”FirewallDisableNotify” = “1” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\”FirewallOverride” = “1” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\”UpdatesDisableNotify” = “1” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\”AntiVirusDisableNotify” = “1” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\”AntiVirusOverride” = “1” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\”EnableLUA” = “0” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows … Read more
Remove IGuardPc
Originating from a group of rogue developer is the latest variant called IGuardPc. Just like other members of the family like SiteAdware, AntiTroy and AntiAdd,this new one shares the graphical user interface and method of propagation. It usually download by visiting a website that pretends to be an online virus scanner like “IGuardPc – Online Protection.” This malicious website is capable of installing IGuardPc on visitors computer either with or without users consent. Initially, IGuardPc will alter system setting and setup to run itself when Windows is started. It also tries to adjust security settings and disabling antivirus program.
Remove Internet Security 2010
Internet Security 2010 is indeed one useless security program that spreads through the Internet. This malware has more or less infected millions of computer users by means of shady script execution when harmful web site is visited. The malware implants on to the system unknown to victims.
Remove Defence Lab
Defence Lab, also known as DefenceLab virus is a fake security tool that commonly obtained by downloading an executable file from unknown source. Fake multimedia codec hosted on malicious websites can also drop a copy of this malware onto computer without user’s knowledge.