Security Master AV Descriptions:
Security Master AV is one more rogueware which has supplemented the long list of fake softwares, including Security Guard, My Security Engine and a long list of others.
One of the most possible way to get Security Master AV installed on your PC is to use the online scanner. We advise you to keep away from any computer scanners. As soon as Security Master AV is on your PC, it will start a set of planned actions, beginning from scanning your PC and ending with throwing alerts and different warnings on your screen.
Be sure not to trust any scan results or notifications. Keep in mind that Security Master AV is designed to steal your money.
Follow the removal instructions and get rid of Security Master AV or use Spyware Detection Utility to remove the rogueware automatically.
Manual Removal Instructions:
Stop These Processes:
(Learn how to do this)
std.exe
PE.exe
ANTIGEN.exe
SM8d7c.exe
Find and Delete These Files:
(Learn how to do this)
%UserProfile%\Recent\ANTIGEN.drv
%UserProfile%\Recent\ANTIGEN.exe
%UserProfile%\Recent\cid.dll
%UserProfile%\Recent\CLSV.drv
%UserProfile%\Recent\DBOLE.sys
%UserProfile%\Recent\ddv.dll
%UserProfile%\Recent\ddv.sys
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\FS.drv
%UserProfile%\Recent\gid.drv
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\PE.sys
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\std.exe
%UserProfile%\Recent\tjd.drv
%UserProfile%\Recent\tjd.sys
%UserProfile%\Recent\runddlkey.dll
c:\Documents and Settings\All Users\Application Data\345d567\
c:\Documents and Settings\All Users\Application Data\345d567\16.mof
c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
c:\Documents and Settings\All Users\Application Data\345d567\SM345d.exe
c:\Documents and Settings\All Users\Application Data\345d567\SMAV.ico
c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
c:\Documents and Settings\All Users\Application Data\345d567\Quarantine Items\
c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\
c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\vd952342.bd
c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\
c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\SMMPIBBZGHAV.cfg
Remove These Registry Values:
(Learn how to do this)
HKEY_CLASSES_ROOT\SMAVSys.DocHostUIHandler
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Security Master AV”
HKEY_CURRENT_USER\Software\3
No related posts.
