Adware Spyware Rimozione Programmi: November 2010

Sunday, November 28, 2010

Come rimuovere il disco rigido controllo malware

Avete popup o il computer infettato da Troia o spyware? Imparare a chiedere a noi per un aiuto, clicca qui!

HDD Control è un programma dannoso che finge di essere una deframmentazione di computer e il programma di ottimizzazione. Esso assume il controllo del PC, blocchi Windows legittimo applicazioni in esecuzione, presenta vari errori critici falsi avvisi che il disco rigido è danneggiato a spaventare è nell'acquisto di questa applicazione inutile.E un nuovo malware da famiglia di malware defragger come controllo disco, scansione disco, Ultra Defragger, HDD defragger, ecc.

Il metodo principale per la distribuzione del disco rigido controllo è da Trojan.Quando viene avviato il trojan, installerà il programma nella cartella TEMP sotto diversi nomi casuali. Successivamente, essa verrà configurato per eseguire automaticamente all'avvio di Windows.

Come altri programmi di utilità di deframmentazione falso, lo fa una falsa scansione del computer, poi ti dice che ha trovato numerosi errori critici tali "tempo di lettura del disco rigido cluster inferiore a 500 ms", "il 32% di spazio su disco è illeggibile", "Bad settori sul disco rigido o la tabella di allocazione file danneggiato", etc. Disco rigido controllo è necessario pagare il software falso prima che esso "Ripara" la macchina dei problemi.Naturalmente, tutti questi errori sono un falso. L'applicazione ingannevole imita solo funzioni di software di deframmentazione per computer e incapace di rilevare eventuali problemi. Più importante, non pagare per il programma fasullo e semplicemente ignorare i risultati di scansione false.

Disco rigido controllo anche sarà impedire l'utilizzo di altri programmi o internet chiudendo programmi ogni volta che vengono aperte. Inoltre, questo malware invaderanno il computer con schermi di nag e falsi allarmi.Alcuni degli avvisi sono:

Ripristino configurazione di sistema
Il sistema è stato ripristinato dopo un errore critico.L'integrità dei dati e la verifica dell'integrità del disco rigido richiesto.

Windows – nessun disco
Eccezione di elaborazione di messaggi: 0 × 0000013

Errore critico
Ha un errore critico durante l'indicizzazione dei dati memorizzati sul disco rigido.Riavvio del sistema obbligatorio.

Naturalmente, come sopra risultati di scansione false, tutti questi avvisi sono solo un falso.Questo è un tentativo di fare pensare il tuo computer in pericolo. Come risultati di scansione false è possibile ignorarli tranquillamente.

Se il vostro PC è stato infettato con disco rigido controllo malware, seguire le istruzioni di rimozione qui sotto per rimuovere HDD controllo e qualsiasi malware associato gratuitamente dal tuo computer.

Passo 1.Riavviare il computer in modalità provvisoria con rete

Riavviare il computer.

Dopo aver sentito il bip di computer una volta durante l'avvio, avvia premendo il tasto F8 sulla tastiera. Su un computer configurato per l'avvio di più sistemi operativi, è possibile premere il tasto F8 quando viene visualizzato il menu di avvio.

Invece di Windows di carico come normale, il menu Opzioni avanzate di Windows apparirà simile a quella riportata di seguito.

Menu Opzioni avanzate di Windows

Quando viene visualizzato il menu Opzioni avanzate di Windows, selezionare modalità provvisoria con rete e quindi premere INVIO.

Passaggio 2.Cartella temp pulito

Disco rigido controllo memorizza i file in Windows foder temp.E necessario pulire.

Scaricate ATF Cleaner da Atribune da qui, salvarlo sul desktop. Esso viene utilizzato per i file temporanei di cleanout & temp aree utilizzate dai browser di internet.

ATF-Cleaner.exe per eseguire il programma di avvio.Sotto principale scegliere: Seleziona tutto e fare clic sul pulsante Svuota selezionati.

Passaggio 3.Rimuovere il disco rigido controllo e malware associati

Scarica MalwareBytes Anti-malware (MBAM).Chiudere tutti i programmi e di Windows sul tuo computer.

Fare doppio clic sul file mbam-setup.exe per installare l'applicazione. Quando inizia l'installazione, seguire le istruzioni visualizzate per continuare con il processo di installazione.Non apportare modifiche alle impostazioni predefinite e quando il programma ha terminato l'installazione, verificare che un segno di spunta viene posizionato accanto all'anti-malware aggiornamento Malwarebytes' e anti-malware avvio Malwarebytes', quindi fare clic su fine.

Se viene trovato un aggiornamento, esso verrà scaricare e installare la versione più recente.

Una volta che il programma ha caricato vedrete una finestra simile a quella riportata di seguito.

Finestra Malwarebytes Anti-Malware

Selezionare Esegui analisi rapida, quindi fare clic su Scan, si avvia la scansione del computer per l'infezione da disco rigido controllo.Questa procedura pu? richiedere molto tempo, quindi vi preghiamo di essere pazienti.

Una volta completata la scansione, fare clic su OK, quindi Mostra risultati per visualizzare i risultati.Vedrete un elenco di elementi infetti simili come mostrato di seguito.Nota: l'elenco di oggetti infetti potrebbe essere diverso da quello mostrato nell'immagine sottostante.

Malwarebytes Anti-malware, elenco di oggetti infetti

Assicurarsi che tutte le voci sono un segno di spunta alla loro estrema sinistra e fare clic sul pulsante "Rimuovi selezionati" per rimuovere il disco rigido controllo.MalwareBytes Anti-malware sarà ora in grado di rimuovere tutti i file del disco rigido controllo associati e chiavi di registro e aggiungerli alla quarantena i programmi.Quando MalwareBytes Anti-malware ha finito di rimuovere l'infezione, un registro verrà aperto nel blocco note e potrebbe essere richiesto di riavvio.

Nota 1: se non è possibile scaricare, installare, eseguire o aggiornare Malwarebytes Anti-malware, quindi seguire le istruzioni: Malwarebytes non installare, eseguire o aggiornare – procedura risolvere il problema.

Nota 2: se hai bisogno di aiuto con le istruzioni, poi postare le vostre domande nel nostro forum di rimozione di Spyware.

Nota 3: tua antispyware corrente e il software antivirus, lasciate che l'infezione?Quindi è possibile considerare l'acquisto della versione completa di MalwareBytes Anti-malware per proteggere il computer in futuro.

%UserProfile%\Desktop\HDD volume.lnk
%UserProfile%\Start Menu\Programs\HDD Control\HDD volume.lnk
%UserProfile%\Start Menu\Programs\HDD Control\Uninstall HDD volume.lnk
%Temp%\{RANDOM}.exe
% Temp%\{RANDOM}
%Temp%\{RANDOM}.dat

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |{CASUALE}

25 Novembre 2010 su 6: 22 am |Di Malware, rimozione di Malware |Nessun commento |

View the original article here

Come rimuovere Windows HDD (Disinstalla istruzioni)

Avete popup o il computer infettato da Troia o spyware? Imparare a chiedere a noi per un aiuto, clicca qui!

Win HDD è un software di ottimizzazione di falsi computer che rileva numerosi falsi problemi e Visualizza le varie segnalazioni di errori critici sul computer. Il programma di canaglia stessa famiglia malware Cotrol HDD, deframmentazione del disco rigido, etc. Esso viene promosso e sé installato sul tuo computer senza la vostra autorizzazione e la conoscenza attraverso l'uso di Trojan o altri software dannosi. Inoltre, i truffatori possono anche distribuire Win HDD su My Space, Twitter, Facebook e altre reti sociali.Per favore, prestare attenzione quando aprire gli allegati e il download di file o altrimenti si pu? finire con un programma di "canaglia" sul vostro PC.

Quando è installato Win HDD, esso sarà stato che il computer ha alcuni problemi critici. Esso sarà imitare i dischi rigidi di una scansione del computer, la memoria del Registro di sistema e del computer Windows per gli errori. La canaglia riferirà che "il tempo di lettura del disco rigido cluster inferiore a 500 ms", "il 32% di spazio su disco è illeggibile", "Bad settori sul disco rigido o la tabella di allocazione file danneggiato", etc. Successivamente, Win HDD vi chiederà di acquistare la versione completa del programma per correggere apparentemente trovato errori di sistema.Naturalmente, tutti questi errori sono un falso. Più importante, non pagare per il programma fasullo e semplicemente ignorare i risultati di scansione false.

Win bloccherà legittimi applcations Windows sul tuo computer e non ti permettono di scaricare nulla da Internet.Ultimo, ma non meno importante, la canaglia visualizzerà numerosi falsi avvisi e schermi del nag. Alcuni degli avvisi sono:

Ripristino configurazione di sistema
Il sistema è stato ripristinato dopo un errore critico. L'integrità dei dati e la verifica dell'integrità del disco rigido richiesto.

Windows – nessun disco
Eccezione di elaborazione di messaggi: 0 × 0000013

Errore critico
Ha un errore critico durante l'indicizzazione dei dati memorizzati sul disco rigido.Riavvio del sistema obbligatorio.

Naturalmente, come sopra risultati di scansione false, tutti questi avvisi sono un falso.Questo è un tentativo di fare pensare il tuo computer in pericolo!

Come potete vedere, Win HDD è una truffa totalmente, che ha creato con uno scopo si spaventano i cosiddetta "piena" versione del programma di acquisto.Più importanti non acquistarlo! Si prega di utilizzare la Guida di rimozione sotto al fine di rimuovere Windows HDD e qualsiasi malware associato dal computer gratuitamente.Se si hanno già acquistare il programma, contattare la società di carta di credito e dire loro ci? che è accaduto.

Passo 1. Riavviare il computer in modalità provvisoria con rete

Riavviare il computer.

Dopo aver sentito il bip di computer una volta durante l'avvio, avvia premendo il tasto F8 sulla tastiera.Su un computer configurato per l'avvio di più sistemi operativi, è possibile premere il tasto F8 quando viene visualizzato il menu di avvio.

Invece di Windows di carico come normale, il menu Opzioni avanzate di Windows apparirà simile a quella riportata di seguito.

Menu Opzioni avanzate di Windows

Quando viene visualizzato il menu Opzioni avanzate di Windows, selezionare modalità provvisoria con rete e quindi premere INVIO.

Passaggio 2. Cartella temp pulito

Win HDD memorizza i file in Windows foder temp. E necessario pulire.

Scaricate ATF Cleaner da Atribune da qui, salvarlo sul desktop. Esso viene utilizzato per i file temporanei di cleanout & temp aree utilizzate dai browser di internet.

ATF-Cleaner.exe per eseguire il programma di avvio.Sotto principale scegliere: Seleziona tutto e fare clic sul pulsante Svuota selezionati.

Passaggio 3.Rimuovere Windows HDD associati malware

Scarica MalwareBytes Anti-malware (MBAM).Chiudere tutti i programmi e di Windows sul tuo computer.

Fare doppio clic sul file mbam-setup.exe per installare l'applicazione.Quando inizia l'installazione, seguire le istruzioni visualizzate per continuare con il processo di installazione. Non apportare modifiche alle impostazioni predefinite e quando il programma ha terminato l'installazione, verificare che un segno di spunta viene posizionato accanto all'anti-malware aggiornamento Malwarebytes' e anti-malware avvio Malwarebytes', quindi fare clic su fine.

Se viene trovato un aggiornamento, esso verrà scaricare e installare la versione più recente.

Una volta che il programma ha caricato vedrete una finestra simile a quella riportata di seguito.

Finestra Malwarebytes Anti-Malware

Selezionare Esegui analisi rapida, quindi fare clic su Scan, si avvia la scansione del computer per l'infezione da Win HDD.Questa procedura pu? richiedere molto tempo, quindi vi preghiamo di essere pazienti.

Malwarebytes Anti-malware, elenco di oggetti infetti

Assicurarsi che tutte le voci sono un segno di spunta alla loro estrema sinistra e fare clic sul pulsante "Rimuovi selezionati" per rimuovere Windows HDD.MalwareBytes Anti-malware sarà ora in grado di rimuovere tutti i file associati di Win HDD e chiavi di registro e aggiungerli alla quarantena i programmi.Quando MalwareBytes Anti-malware ha finito di rimuovere l'infezione, un registro verrà aperto nel blocco note e potrebbe essere richiesto di riavvio.

Nota 2: se hai bisogno di aiuto con le istruzioni, poi postare le vostre domande nel nostro forum di rimozione di Spyware.

%UserProfile%\Desktop\Win HDD.lnk
%UserProfile%\Start Menu\Programs\Win HDD\Win HDD.lnk
%UserProfile%\Start Menu\Programs\Win HDD\Uninstall Win HDD.lnk
%Temp%\{RANDOM}.exe
% Temp%\{RANDOM}
%Temp%\{RANDOM}.dat

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run |{CASUALE}

27 Novembre 2010 su 6: 48 am |Di Malware, rimozione di Malware |Nessun commento |

View the original article here

Friday, November 26, 2010

Come rimuovere malware vz.exe

Error in deserializing body of reply message for operation 'Translate'. The maximum string content length quota (8192) has been exceeded while reading XML data. This quota may be increased by changing the MaxStringContentLength property on the XmlDictionaryReaderQuotas object used when creating the XML reader. Line 1, position 9142.

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Vz.exe is the main executable file of each program of the following list: XP Antispyware 2011, Vista Antispyware 2011, Win 7 Antispyware 2011, XP Security 2011, Vista Security 2011, Win 7 Security 2011, XP Internet Security 2011, Vista Internet Security 2011, Win 7 Internet Security 2011, XP Antimalware 2011, Vista Antimalware 2011, Win 7 Antimalware 2011, XP Guard Vista Guard, Win 7 Guard. All of these programs are rogue antispyware, that uses misleading methods such false scan results and fake security warnings in order to trick you into purchasing their full version.

Vz.exe is installed onto your computer without your permission and knowledge with the help of trojans. Once the trojan is started, it will install vz.exe and configure it to run automatically when you start an application (files with “exe” extension). This malware also uses this method of running to block the ability to run any programs, including legitimate antivirus and antispyware applications.

When vz.exe is started, it will imitate a system scan. Once finished, this malware will state that your computer is infected with trojans, adware or malware and that you should purchase the full version of the program to remove these infections. Important to know, the malicious program is unable to detect any infections, as will not protect you from possible infection in the future. So, do not trust the scan results, simply ignore them.

While vz.exe is running, it will flood your computer with nag screens, fake security alerts and notifications from your Windows taskbar. A few examples:

Tracking software found!
Your PC activity is being monitored. Possible spyware
infection. Your data security may be compromised. Sensitive
data can be stolen. Prevent damage now by completing a
security scan.

Stealth intrusion!
Infection detected in the background. Your computer is now
attacked by spyware and rogue software. Eliminate the
infection safety, perform a security scan and deletion now.

However, all of these alerts, warnings and notifications are fake and like false scan results supposed to scare you into purchasing so-called “full” version of the malicious program. You should ignore all of them!

As you can see vz.exe is very dangerous and can lead to a complete paralysis of your computer. Need as quickly as possible to check your computer and remove all found components of this malware. Use the removal guide below to remove vz.exe and any associated malware from your computer for free.

Step 1. Fix “.exe” file associations.

Method 1

Windows Vista/7
Click Start. Type in Search field command and press Enter.

Windows XP/2000
Click Start, Run. Type in Open field command and press Enter.

It will open the command prompt. Type into it notepad and press Enter. It will open Notepad. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Windows Vista/7
Click Start. Type in Search field command and press Enter.

Windows XP/2000
Click Start, Run. Type in Open field command and press Enter.

It will open the command prompt. Type into it notepad and press Enter. It will open Notepad. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.

Note: if Vista returns error message “Installation failed”, then you need disable UAC control. Click Start, Control Panel, User accounting, Click “Turn User Account Control on or off”. Uncheck “Use User Account Control (UAC)” and click OK. Now try install fix.inf once again.

Step 2. Remove vz.exe associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MalwareBytes Anti-malware onto your computer. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to “Update Malwarebytes’ Anti-Malware” and Launch “Malwarebytes’ Anti-Malware”. Then click Finish.

MalwareBytes Anti-malware will now automatically start and you will see a message stating that you should update the program before performing a scan. If an update is found, it will download and install the latest version.

As MalwareBytes Anti-malware will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main menu. You will see window similar to the one below.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for vz.exe infection. This procedure can take some time, so please be patient.

When the scan is finished a message box will appear that it has completed scanning successfully. Click OK. Now click “Show Results”. You will see a list of infected items similar as shown below.
Note: list of infected items may be different than what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove vz.exe. MalwareBytes Anti-malware will now remove all of associated vz.exe files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

Note 3: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.

%AppData%\vz.exe
%AppData%\{RANDOM}

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\vz.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\vz.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1? %*”

November 22, 2010 on 3:15 pm | In Malware, Malware removal | 6 Comments |

View the original article here

Come rimuovere il controllo disco e CheckDisk (Disinstalla istruzioni)

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Check Disk or CheckDisk is a malicious program that pretends to be a computer defragmenter tool, but in reality it is a scam. The program displays fake alerts and detects a lot of critical errors in order to scare you into thinking your computer have numerous problems. However, it won’t fix these problems unless you purchase its full version. Important to note, Check Disk is unable to detect or fix any problems. So, if you have found that your computer is infected with this malware, then ignore all that it shows you! Read below what you’ll want to know though is what does the program do and how to remove CheckDisk for free.

Check Disk is installed on your computer without your permission and knowledge with the help of trojans. Immediately after launch, it will configure itself to run automatically when your computer loads. Next, this malware will simulate a scan of your computer`s hard disks, memory, etc and detect numerous critical system errors such “Read time of hard drive clusters less than 500 ms”, “32% of HDD space is unreadable”, “Bad sectors on hard drive or damaged file allocation table”, etc. Of course, all of these errors are a fake. The misleading application only imitates functions of computer defragmenter software and unable to detect any problems. CheckDisk hopes to trick you into purchasing its full version. Most important, don`t pay for the bogus program and just ignore the false scan results.

While Check Disk is running, it will block all legitimate Windows applications from running. The following warning will be shown when you try to run a program:

Windows detected a hard drive problem.
A hard drive error occurred while starting the application.

Moreover, CheckDisk will flood your computer with nag screens and fake alerts. Some of the alerts are:

Windows – No Disk
Exception Processing Message 0×0000013

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Of course, like false scan results above, all of these alerts are just a fake. This is an attempt to make you think your computer in danger. Like false scan results you can safely ignore them.

As you can see, CheckDisk is a scam. Most importantly, do not purchase it! Instead of doing so, follow the removal instructions below in order to remove Check Disk and any associated malware from your computer for free.

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Clean temp folder

Check Disk stores its files in Windows temp foder. You need to clean it.

Please download ATF Cleaner by Atribune from here, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.

Start ATF-Cleaner.exe to run the program. Under Main choose: Select All and click the Empty Selected button.

Step 3. Remove CheckDisk and associated malware

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for Check Disk infection. This procedure can take some time, so please be patient.

When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Check Disk. MalwareBytes Anti-malware will now remove all of associated CheckDisk files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%UserProfile%\Desktop\Check Disk.lnk
%UserProfile%\Start Menu\Programs\Check Disk\Check Disk.lnk
%UserProfile%\Start Menu\Programs\Check Disk\Uninstall Check Disk.lnk
%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

November 21, 2010 on 10:01 am | In Malware removal, Rogue Anti Spyware | No Comments |

View the original article here

Come rimuovere Defragger Ultra (Disinstalla istruzioni)

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Ultra Defragger is fake computer optimization tool from the same family of malware as Quick Defragmenter, HDD Defragmenter, Smart Defragmenter and System Defragmenter. This program classified as misleading application because it detects a lot of false problems, displays various fake system alerts and nag screen. However, it won’t fix these problems unless you purchase its so-called full version. Important to note, Ultra Defragger is a scam, so do not purchase its paid version. If your PC is already infected you should ignore all that it shows you. Read below what you’ll want to know though is how to remove Ultra Defragger.

When Ultra Defragger is installed, it will configure itself to run automatically when Windows starts. Once started, the program will imitate a scan of computer`s hard disks, memory, etc and detect a lot of errors.

Of course, all of these reported errors are a fake. The misleading application only simulates functions of computer optimization tool and unable to detect any problems. It performs only one – displays a lot of various misleading messages to scare you into thinking your computer in danger. Ultra Defragger hopes that you will then to purchase its full version to fix what its found. Most important, don`t pay for the bogus program and just ignore all this malware gives you.

While Ultra Defragger is running, it will block all legitimate Windows applications from running. The following warning will be shown when you try to run a program:

Windows detected a hard drive problem.
A hard drive error occurred while starting the application.

Moreover, Ultra Defragger will display numerous fake warnings and nag screens that states:

Windows – No Disk
Exception Processing Message 0×0000013

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

However, all of these warnings are fake and supposed to scare you into thinking your computer is in danger. You should ignore all of them!

If you find that your system is infected with this malware, then most importantly, do not purchase it. Use the removal guide below to remove Ultra Defragger from your computer for free.

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Clean temp folder

Ultra Defragger stores its files in Windows temp foder. You need to clean it.

Please download ATF Cleaner by Atribune from here, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.

Start ATF-Cleaner.exe to run the program. Under Main choose: Select All and click the Empty Selected button.

Step 3. Remove Ultra Defragger and associated malware

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for Ultra Defragger infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Ultra Defragger. MalwareBytes Anti-malware will now remove all of associated Ultra Defragger files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%UserProfile%\Desktop\Ultra Defragger.lnk
%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat
%UserProfile%\Start Menu\Programs\Ultra Defragger\Ultra Defragger.lnk
%UserProfile%\Start Menu\Programs\Ultra Defragger\Uninstall Ultra Defragger.lnk

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

November 14, 2010 on 7:48 am | In Malware removal, Rogue Anti Spyware | No Comments |

View the original article here

Come rimuovere il virus/malware di Vista Antimalware 2011

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Vista Antimalware 2011 is a rogue antispyware program, clone of Vista Antimalware 2010. The program reports false infections, displays numerous fake security alerts and blocks legitimate Windows applications from running in order to trick you into purchasing its full version. So, do not trust anything that this malware will display you and remove Vista Antimalware 2011 from your system as soon as possible. Read below what you’ll want to know though is what does this malware do and how to remove the rogue from your computer for free.

Like other rogues, Vista Antimalware 2011 is installed via trojans without your permission and knowledge. Immediately after launch, it will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including legitimate antivirus and antispyware applications.

Once running, Vista Antimalware 2011 will perform a system scan and detect a lot of infections. Then it will ask you to pay for a full version of the program to remove these infections. Of course, all of these infections are a fake. This malware want to scare you into thinking that your computer is infected with malicious software. Thus do not trust the scan results, simply ignore them!

While Vista Antimalware 2011 is running, it will display numerous fake security alerts. Some of the alerts are:

System danger!
Your system is in danger. Privacy threats detected.
Spyware, keyloggers or Trojans may be working in the
background right now. Perform an in-depth scan and removal
now, click here.

Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete.
Vista Antimalware 2011 detected 35 critical system objects.

Last but not least, Vista Antimalware 2011 will hijack Internet Explorer and Firefox, so it will display a fake warning page instead a site that you want to visit. The fake warning is:

Vista Antimalware 2011 ALERT
Internet Explorer alert. Visiting this site may pose a security threat to your system

Of course, all of these messages, warnings and alerts are a fake and supposed to scare you into thinking your computer in danger! Just like false scan results, ignore all of them!

As you can see, Vista Antimalware 2011 is a scam which created with one purpose to scare you into thinking that your computer in danger as method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antimalware 2011 and any associated malware from your computer for free.

Step 1. Repair “running of .exe files”.

Method 1

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.
Note: if Vista returns error message “Installation failed”, then you need disable UAC control. Click Start, Control Panel, User accounting, Click “Turn User Account Control on or off”. Uncheck “Use User Account Control (UAC)” and click OK. Now try install fix.inf once again.

Step 2. Remove Vista Antimalware 2011 associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antimalware 2011 infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antimalware 2011. MalwareBytes Anti-malware will now remove all of associated Vista Antimalware 2011 files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%AppData%\pw.exe

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1? %*”

November 22, 2010 on 2:46 pm | In Malware removal, Rogue Anti Spyware | No Comments |

View the original article here

Thursday, November 25, 2010

Come rimuovere XP Antimalware 2011

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

XP Antimalware 2011 is a rogue antispyware program from the same family of malware as XP Antimalwate, XP Antimalwate 2010, etc. The program is installed via trojans without your permission and knowledge and uses misleading methods such false scan results and fake security warnings in order to trick you into purchasing its paid version. Thus, do not trust anything that this malware will display you and remove XP Antimalware 2011 from your system as soon as possible. Read below what you’ll want to know though is what does this malware do and how to remove it from your PC for free.

During installation, XP Antimalware 2011 registers its main file named pw.exe in the Windows registry so, it will run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including legitimate antivirus and antispyware tools.

Once installed, XP Antimalware 2011 will imitate a system scan and report a large amount of infections.

XP Antimalware 2011 perform a fake scan

It hopes that you will then purchase its full version. Important to know, all of these infections found are fake, so you can safely ignore them!

While the rogue is running, it will display various nag screens and fake security warnings. Some of the alerts are:

Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete.
XP Antimalware 2011 detected 29 critical system objects.

Security breach!
Beware! Spyware infection was found. Your system security is
at risk. Private information may get stolen, and your PC
activity may get monitored. Click for an anti-spyware scan.

System danger!
Your system is in danger. Privacy threats detected.
Spyware, keyloggers or Trojans may be working in the
background right now. Perform an in-depth scan and removal
now, click here.

Moreover, XP Antimalware 2011 will hijack your browser, so it will show a fake warning page instead a site that you want to visit. The fake warning state:

XP Antimalware 2011 ALERT
Internet Explorer alert. Visiting this site may pose a security threat to your system

Of course, all of these messages, warnings and alerts are a fake and supposed to scare you into thinking your computer in danger! Just like false scan results, ignore all of them!

As you can see, XP Antimalware 2011 is a scam which created with one purpose to scare you into thinking that your computer in danger as method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove XP Antimalware 2011 and any associated malware from your computer for free.

Step 1. Repair “running of .exe files”.

Method 1

Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Click Start, Run. Type command and press Enter. Type notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.

Step 2. Remove XP Antimalware 2011 associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for XP Antimalware 2011 infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove XP Antimalware 2011. MalwareBytes Anti-malware will now remove all of associated XP Antimalware 2011 files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%AppData%\pw.exe

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1? %*”

November 12, 2010 on 6:57 am | In Malware removal, Rogue Anti Spyware | 3 Comments |

View the original article here

Come rimuovere malware pw.exe

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Pw.exe is the main file of each program from malware family, that includes the following programs: XP Antispyware 2011, Vista Antispyware 2011, Win 7 Antispyware 2011, XP Security 2011, Vista Security 2011, Win 7 Security 2011, XP Internet Security 2011, Vista Internet Security 2011, Win 7 Internet Security 2011, XP Antimalware 2011, Vista Antimalware 2011, Win 7 Antimalware 2011, XP Guard Vista Guard, Win 7 Guard. All of these programs are rogue antispyware. that uses misleading methods such false scan results and fake security warnings in order to trick you into purchasing their full version.

Pw.exe is installed onto your computer without your permission and knowledge with the help of trojans. Once the trojan is started, it will install pw.exe and configure it to run automatically when you start an application (files with “exe” extension). This malware also uses this method of running to block the ability to run any programs, including legitimate antivirus and antispyware applications.

When pw.exe is started, it will imitate a system scan. Once finished, this malware will state that your computer is infected with trojans, adware or malware and that you should purchase the full version of the program to remove these infections. Important to know, the malicious program is unable to detect any infections, as will not protect you from possible infection in the future. So, do not trust the scan results, simply ignore them.

While pw.exe is running, it will flood your computer with nag screens, fake security alerts and notifications from your Windows taskbar. A few examples:

Tracking software found!
Your PC activity is being monitored. Possible spyware
infection. Your data security may be compromised. Sensitive
data can be stolen. Prevent damage now by completing a
security scan.

Stealth intrusion!
Infection detected in the background. Your computer is now
attacked by spyware and rogue software. Eliminate the
infection safety, perform a security scan and deletion now.

As you can see pw.exe is very dangerous and can lead to a complete paralysis of your computer. Need as quickly as possible to check your computer and remove all found components of this malware. Use the removal guide below to remove pw.exe and any associated malware from your computer for free.

Step 1. Fix “.exe” file associations.

Method 1

Windows Vista/7
Click Start. Type in Search field command and press Enter.

Windows XP/2000
Click Start, Run. Type in Open field command and press Enter.

It will open the command prompt. Type into it notepad and press Enter. It will open Notepad. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Windows Vista/7
Click Start. Type in Search field command and press Enter.

Windows XP/2000
Click Start, Run. Type in Open field command and press Enter.

It will open the command prompt. Type into it notepad and press Enter. It will open Notepad. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Save this as fix.inf to your Desktop (remember to select Save as file type: All files in Notepad.)
Right click to fix.inf and select Install. Reboot your computer.

Step 2. Remove pw.exe associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for pw.exe infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove pw.exe. MalwareBytes Anti-malware will now remove all of associated pw.exe files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%AppData%\pw.exe

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1? %*”

November 18, 2010 on 8:40 pm | In Malware, Malware removal | No Comments |

View the original article here

Come rimuovere ScanDisk e Scan Disk (Disinstalla istruzioni)

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Scan Disk or ScanDisk is a malicious program that pretends to be a computer defragmenter software, but in reality it uses various misleading methods such fake critical error alerts and false scan results in order to scare you into thinking your computer have a lot of problems. However, it won’t fix these problems unless you purchase its full version. Important to note, Scan Disk is a scam, which is unable to detect or fix any problems. So, if you have found that your computer is infected with this malware, then ignore all that it shows you! Read below what you’ll want to know though is what does the program do and how to remove ScanDisk for free.

Scan Disk is installed on your computer without your permission and knowledge through trojans. During installation, this malware configures itself to run automatically when your computer loads. Once started, it will simulate a scan of your computer`s hard disks, memory, etc and detect numerous critical system errors such “Read time of hard drive clusters less than 500 ms”, “32% of HDD space is unreadable”, “Bad sectors on hard drive or damaged file allocation table”, etc. Of course, all of these errors are a fake. The misleading application only imitates functions of computer defragmenter software and unable to detect any problems. ScanDisk hopes to trick you into purchasing its full version. Most important, don`t pay for the bogus program and just ignore the false scan results.

While Scan Disk is running, it will block all legitimate Windows applications from running. The following warning will be shown when you try to run a program:

Windows detected a hard drive problem.
A hard drive error occurred while starting the application.

Moreover, ScanDisk will flood your computer with nag screens and fake alerts. Some of the alerts are:

Windows – No Disk
Exception Processing Message 0×0000013

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Of course, like false scan results above, all of these alerts are just a fake. This is an attempt to make you think your computer in danger. Like false scan results you can safely ignore them.

As you can see, ScanDisk is a scam. Most importantly, do not purchase it! Instead of doing so, follow the removal instructions below in order to remove Scan Disk and any associated malware from your computer for free.

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Clean temp folder

Scan Disk stores its files in Windows temp foder. You need to clean it.

Please download ATF Cleaner by Atribune from here, saving it to your desktop. It is used to cleanout temporary files & temp areas used by internet browsers.

Start ATF-Cleaner.exe to run the program. Under Main choose: Select All and click the Empty Selected button.

Step 3. Remove ScanDisk and associated malware

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for Scan Disk infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Scan Disk. MalwareBytes Anti-malware will now remove all of associated ScanDisk files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%UserProfile%\Desktop\Scan Disk.lnk
%UserProfile%\Start Menu\Programs\Scan Disk\Scan Disk.lnk
%UserProfile%\Start Menu\Programs\Scan Disk\Uninstall Scan Disk.lnk
%Temp%\{RANDOM}.exe
%Temp%\{RANDOM}
%Temp%\{RANDOM}.dat

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}

November 17, 2010 on 9:48 am | In Malware removal, Rogue Anti Spyware | No Comments |

View the original article here

Come rimuovere il virus/malware di Vista Antispyware 2011

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Vista Antispyware 2011 is a rogue antispyware program, clone of Vista Antispyware 2010. The program reports false infections, displays numerous fake security alerts and blocks legitimate Windows applications from running in order to scare you into thinking your computer in danger. It hopes that you will next purchase its full version. So, do not trust anything that this malware will display you and remove Vista Antispyware 2011 from your system as soon as possible. Read below what you’ll want to know though is what does this malware do and how to remove the rogue from your computer for free.

Like other rogues, Vista Antispyware 2011 is installed via trojans without your permission and knowledge. During installation, the program will register itself in the Windows registry to run automatically every time when you start an application (files with “exe” extension). The rogue also uses this method of running to block the ability to run any programs, including security applications.

Once running, Vista Antispyware 2011 will perform a system scan and detect a lot of infections. Then it will ask you to pay for a full version of the program to remove these infections. Of course, all of these infections are a fake. This malware want to scare you into thinking that your computer is infected with malicious software. Thus do not trust the scan results, simply ignore them!

While Vista Antispyware 2011 is running, it will display numerous fake security alerts. Some of the alerts are:

System danger!
Your system is in danger. Privacy threats detected.
Spyware, keyloggers or Trojans may be working in the
background right now. Perform an in-depth scan and removal
now, click here.

Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete.
Vista Antispyware 2011 detected 29 critical system objects.

Last but not least, Vista Antispyware 2011 will hijack Internet Explorer and Firefox, so it will display a fake warning page instead a site that you want to visit. The fake warning is:

Vista Antispyware 2011 ALERT
Internet Explorer alert. Visiting this site may pose a security threat to your system

Of course, all of these messages, warnings and alerts are a fake and supposed to scare you into thinking your computer in danger! Just like false scan results, ignore all of them!

As you can see, Vista Antispyware 2011 is a scam which created with one purpose to scare you into thinking that your computer in danger as method to trick you into purchasing the full version of the program. If your computer is infected with this malware, then most importantly, do not purchase it! Uninstall the rogue from your PC as soon as possible. Use the removal guide below to remove Vista Antispyware 2011 and any associated malware from your computer for free.

Step 1. Repair “running of .exe files”.

Method 1

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

Windows Registry Editor Version 5.00

[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\pezfile]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer.

Method 2

Click Start. Type in Search field command and press Enter. It will open the command prompt. Type into it notepad and press Enter.
Notepad opens. Copy all the text below into Notepad.

[Version]
Signature="$Chicago$"
Provider=www.myantispyware.com

[DefaultInstall]
DelReg=regsec
AddReg=regsec1

[regsec]
HKCU, Software\Classes\.exe
HKCU, Software\Classes\pezfile
HKCR, .exe\shell\open\command

[regsec1]
HKCR, exefile\shell\open\command,,,"""%1"" %*"
HKCR, .exe,,,"exefile"
HKCR, .exe,"Content Type",,"application/x-msdownload"

Step 2. Remove Vista Antispyware 2011 associated malware.

Download MalwareBytes Anti-malware (MBAM). Once downloaded, close all programs and windows on your computer.

Malwarebytes Anti-Malware Window

Make sure the “Perform quick scan” option is selected and then click on the Scan button to start scanning your computer for Vista Antispyware 2011 infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Vista Antispyware 2011. MalwareBytes Anti-malware will now remove all of associated Vista Antispyware 2011 files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%AppData%\pw.exe

HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\pezfile
HKEY_CURRENT_USER\Software\Classes\pezfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\pezfile\shell
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = “”%1? %*”
HKEY_CURRENT_USER\Software\Classes\.exe | @ = “pezfile”
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = “application/x-msdownload”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | @ = “”%AppData%\pw.exe” /START “%1? %*”
HKEY_CURRENT_USER\Software\Classes\pezfile\shell\open\command | IsolatedCommand = “”%1? %*”

November 17, 2010 on 2:06 pm | In Malware removal, Rogue Anti Spyware | 1 Comment |

View the original article here

Esperti credere Facebook nuovo sistema di messaggistica sarà un obiettivo primo per hacker

Facebook ha cambiato il loro sistema di messaggistica integrato, dove ora rollup messaggi istantanei, e-mail, messaggi di Facebook e SMS tutto in un unico sistema di facile utilizzo. La nuova impostazione consentirà agli utenti di Facebook configurare il proprio indirizzo di email Facebook.com. E stato stimato che vengono inviati messaggi di 4 miliardi di euro ogni giorno su Facebook e più di 350 milioni di persone utilizzano Facebook ai loro membri di famiglia e amico del messaggio. Conoscendo vasto come l'infrastruttura di Facebook è solo sarebbe vantaggioso per gli hacker attaccare la nuova impostazione potenzialmente raggiungere più persone che mai.

Letteralmente potremmo avere una nuova epidemia di diffusione di malware, truffe e furti di identità nelle nostre mani se gli hacker sono in grado di attaccare con successo il nuovo sistema di 'messaggi' di Facebook. Non solo si pregiudica gli utenti di Facebook, ma chi è il destinatario di messaggi di posta elettronica da un account di posta elettronica Facebook.com.Basta pensare le infinite possibilità di questo tipo di piattaforma pu? dare hacker che sono in grado di sconfiggere il mettere in atto misure di sicurezza.

Storia della Facebook della lotta contro la sicurezza correlati problemi ha avuto i suoi alti e bassi. Perché Facebook porti tanti membri, oltre 500 milioni, si potrebbe dire che Facebook non pu? essere preparied per gestire tale carico di nuovi messaggi inviati e indietro loro rete in caso di un attacco hacker di massa-scala.Lo spam è un contributo importante per avviare la diffusione di malware o truffe su internet. Come bene è Facebook disposti a trattare con i messaggi di spam il sistema 'messaggi' è un po' un mistero.

Facebook ha già detto che permetterà agli utenti limitare i messaggi visualizzati nella loro casella di posta agli amici soli o lasci selezionate "amici degli amici".Anche se questo suona come una soluzione a un sacco di problemi di spamming, abbiamo assistito nel passaggio di diverse occasioni dove gli hacker sono in grado di diffondere messaggi di spam o truffe tramite Facebook, anche se l'utente è configurato per ricevere comunicazioni da "solo amici". Semplicemente hack hacker in account di Facebook.Nulla di nuovo che esiste.

Cosa ne pensi di Facebook aprendo la loro rete di utente e-mail, SMS, messaggi istantanei e messaggi di Facebook?Si prenderà il vantaggio del nuovo sistema di messaggistica o sceglierà di utilizzarlo per un timore di essere violato?

Questa voce è stata pubblicata il mercoled?, 17 novembre 2010 a 2: 26 pm ed è archiviata sotto hackers.E possibile seguire tutte le risposte a questa entrata attraverso il RSS 2.0 feed.Puoi lasciare una risposta, oppure trackback dal tuo sito.

View the original article here

Wednesday, November 24, 2010

Google Chrome Vs Internet Explorer

E già iniziata la battaglia dei browser web. Con Google e Microsoft racing collo a collo per smart degli utenti di internet che vogliono bene, significativi risultati veloci, sono stati apportati miglioramenti con le nuove versioni di Google e Internet Explorer. E cos? che uno dovrebbe utilizzare?

Alcuni dei vantaggi dell'utilizzo di Google Chrome su Internet Explorer sono la sua velocità, la semplicità e la sicurezza. Senza componenti aggiuntivi o plug-in e pubblicità inutili, Google Chrome è veloce e affidabile, e a volte, si pu? anche dire che è molto impaziente. Avrete ricaricare la pagina dopo un paio di secondi perché Chrome si arrende durante il caricamento richiede troppo tempo.Diverso che è veramente veloce e ottenere i risultati desiderati in un battito cardiaco.

Google Chrome è semplice ed è ci? che lo rende facile da usare.Sembra elegante e di classe, progettato in modo tale che i fotogrammi per i risultati web ottengano più spazio.Le schede vengono posizionate comodamente con praticamente le stesse caratteristiche che si ottiene da Firefox.

Infine, non sarebbe disturbato con problemi di sicurezza con Chrome, perché promuove infatti web safe surf, facendo uso di quello che è chiamato il sandboxing che permette di fare una distinzione tra i comandi di internet e operazioni e altre applicazioni di dati del computer, in modo che gli hacker non troverebbe facile mettere in spyware nel tuo computer.

La decisione finale su se è necessario utilizzare Google Chrome o Internet Explorer dipende dalle proprie preferenze.Fondamentalmente, Internet Explorer è per la persona che viene fuori in cerca di ulteriori opzioni di personalizzazione nel suo browser web – che gli sviluppatori web e borsisti esperto di computer effettivamente sarebbero piaciuto utilizzando il tipo.D'altro canto, Google Chrome è il browser web semplice, veloce ed orientata ai risultati che gli utenti stanco da annuncio bombardato e plug-in browser dominato potrebbe mai bisogno o desidera.

View the original article here

Tuesday, November 9, 2010

Come rimuovere la protezione controllo 2010 (Disinstalla istruzioni)

Do you have pop-ups or your computer infected with trojan or spyware ? Learn how to ask us for help, click here!

Security Inspector 2010 is a rogue antispyware application from the same family of malware as AntiVirus Studio 2010, Desktop Security 2010, etc. The rogue promoted and distributed through the use of trojans. Security Inspector 2010 uses misleading methods such fake security warnings and false scan results in order to trick you into purchasing its full version. Important to note, the program cannot to detect and remove any infections. So, do not trust anything that the rogue displays you and remove Security Inspector 2010 from your computer as soon as possible.

When Security Inspector 2010 is installed, it will be configured to start automatically every time you logon into Windows. Next, this malware will imitate a system scan and list a lot of infections.

Security Inspector 2010 – imitation of system scan

Then it will prompt you to purchase a full version of the program to remove these infections. Of course, all of these infections are a fake and do not actually exist on your computer. So, you can safety ignore the false scan results.

While Security Inspector 2010 is running, it will flood your computer with fake security alerts and notifications that state that your computer in danger. It is just an attempt to make you think your computer is infected with all sorts of malicious software. Some of the alerts are:

System critical warning!
You have been infected by a proxy-relay trojan server

Warning! System Under Attack
Threat detected: Worm

Your computer might be at risk
Antivirus detects viruses, worms, and Trojan horses. They
can (and do) destroy data, format your hard disk or can
destroy the BIOS. By destroying the BIOS many times you
end up buying a new motherboard or if the bios chip is
removable then that chip would need replacing

Of course, all of these alerts nothing more but a scam and like false scan results has been displayed to trick you into purchasing so-called full version of Security Inspector 2010. You should ignore all of them!

As you can see, Security Inspector 2010 is a scam that has been created with one purpose – to scare you into thinking that your computer is infected, so you will then purchasing the program. Do not be fooled into buying the program! Instead of doing so, follow the removal guidelines below in order to remove Security Inspector 2010 and any associated malware from your computer for free.

O4 – HKCU\..\Run: [8uw5jpurcto2] %Temp%\securetystudio.exe
O4 – HKCU\..\Run: [Security Inspector 2010] “C:\Documents and Settings\user\Application Data\Security Inspector 2010\Security_Inspector_2010.exe” /STARTUP

Step 1. Reboot your computer in Safe mode with networking

Restart your computer.

Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.

Windows Advanced Options menu

When the Windows Advanced Options menu appears, select Safe mode with networking and then press ENTER.

Step 2. Remove Security Inspector 2010 and any associated malware

Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.

If an update is found, it will download and install the latest version.

Once the program has loaded you will see window similar to the one below.

Malwarebytes Anti-Malware Window

Select Perform Quick Scan, then click Scan, it will start scanning your computer for Security Inspector 2010 infection. This procedure can take some time, so please be patient.

Malwarebytes Anti-malware, list of infected items

Make sure all entries have a checkmark at their far left and click “Remove Selected” button to remove Security Inspector 2010. MalwareBytes Anti-malware will now remove all of associated Security Inspector 2010 files and registry keys and add them to the programs’ quarantine. When MalwareBytes Anti-malware has finished removing the infection, a log will open in Notepad and you may be prompted to Restart.

Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.

Note 2: if you need help with the instructions, then post your questions in our Spyware Removal forum.

%AppData%\Microsoft\Internet Explorer\Quick Launch\Security Inspector 2010.lnk
%AppData%\Security Inspector 2010\
%UserProfile%\Start Menu\Programs\Security Inspector 2010\
%AppData%\Security Inspector 2010\Security_Inspector_2010.exe
%AppData%\Security Inspector 2010\securitycenter.exe
%AppData%\Security Inspector 2010\securityhelper.exe
%AppData%\Security Inspector 2010\taskmgr.dll
%UserProfile%\Start Menu\Programs\Security Inspector 2010.lnk
%UserProfile%\Start Menu\Programs\Security Inspector 2010\Activate Security Inspector 2010.lnk
%UserProfile%\Start Menu\Programs\Security Inspector 2010\Help Security Inspector 2010.lnk
%UserProfile%\Start Menu\Programs\Security Inspector 2010\How to Activate Security Inspector 2010.lnk
%UserProfile%\Start Menu\Programs\Security Inspector 2010\Security Inspector 2010.lnk

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Security Inspector 2010
HKEY_CURRENT_USER\Software\Security Inspector 2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Security Inspector 2010

November 8, 2010 on 10:34 am | In Malware removal, Rogue Anti Spyware | No Comments |

View the original article here