Beware of new computer infection Windows Active Defender that rotates on the web. The application should be treated as a rogue security program that is not able to render any security services for your system. Instead of cleaning your computer, this fraudware seriously contaminates and it inevitably leads to the distortion of PC function. So, do not skip reading this entry to timely identify and remove this hoax. The neglect of this virus removal maybe dangerous since it may bring other, more serious viruses to your computer.
Windows Active Defender squeezes to your computer through the security vulnerabilities available on your workstation. Sometimes the available anti-viruses cannot protect you against threats, and in some cases users prefer not to have any anti-viruses at all. Nevertheless, Windows Active Defender attempts to mimic the features of some powerful antivirus. It runs its many fake scans of your computer and tells that your system is seriously infected. Showing tons of pop-ups and falsified scanning results it step by step brings you to the point where you will be asked by the virus to buy its fake licensed version (so-called ultimate protection). Please be advised enough not to jump at the bait of the cyber crooks and not make such a serious mistake. Remove this parasite as described in the removal guide stipulated below.
Windows Active Defender malware remover:
%AppData%\NPSWF32.dll
%AppData%\Protector-[rnd].exe
%AppData%\result.db
Delete Windows Active Defender registry entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[rnd].exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
No comments:
Post a Comment