Thursday 15 August 2013

How to Get Rid of Antiviral Factory 2013 Malware

Most of us are at least a little aware of the dangers caused by malicious software but what if there was a form of malware that purported to be safe and to protect you from harm when in actual fact it was the very thing that was infecting your PC and inflicting damage on your computer or your bank account? It all sounds very underhand doesn’t it, but that’s exactly what rogue security software called Antiviral Factory 2013 does.

Let’s take a closer look at the issue because in some situations, this one included, ignorance is most definitely NOT bliss.

Antiviral Factory 2013 can be very dangerous and if you’re not completely sure what you’re looking for if you wish to install security software on your PC or laptop, you may well end up downloading and paying for something that is either useless – or worse – malicious. And even more galling is the thought that you’ve been conned and are merely being used to line the pockets of unscrupulous cyber criminals.


As more and more of us are getting more computer savvy it is easy to fall into the trap of thinking that we know what we’re doing online and what we’re downloading but that may not be the case.

Antiviral Factory 2013 works by convincing you that your computer is riddled with viruses and that it has lots of different forms of malware or unwanted software installed on it.

It usually finds its way on to your machine either after you have unwittingly visited a malicious web site or it will exploit some vulnerable lapse in your PC’s existing security. You will then see a pop up window which will normally look very professional or will have even been designed to emulate a reputable anti-virus software brand. The pop up box will ask you if you want to run a scan on your computer and guess what happens if you click ‘yes’? After pretending to have scanned your machine the fake software will return results telling you that you have dozens of potentially very dangerous issues on your system. Now that’s a surprise!



You are probably already one step ahead of me at this point and have already guessed that if you want the software to ‘remedy the problem’ you will need to pay for it. Not only will entering your credit card details into the software’s system mean that you are in effect paying for absolutely nothing, but you’re also handing over sensitive information to people whose aim is to extort money out of innocent web users. Antiviral Factory 2013 isn’t cheap either; often retailing for somewhere in the region of $50 to $100 per time. But when you’re faced with a realistic looking warning from what you believe to be a computer program that is trying to help you, and you believe that your online security, files, documents and data are at risk, doesn’t it seem so much easier just to get rid of the threat there and then by clicking the ‘pay now’ button.

In order to get rid of Antiviral Factory 2013 malware, please follow the removal instructions below. Even though you can remove the core files of this malware manually, I highly recommend you scanning the system with anti-malware software. Very often, this rogue security program comes bundled with Trojans and rootkits. If you won't remove these, you may end up with even worse situation than this. If you have any questions or suggestions, please leave a comment below. Your thoughts are always welcome. Good luck and be safe online!

Written by Michael Kaur, http://deletemalware.blogspot.com


Method 1: Antiviral Factory 2013 removal guide using activation key:

1. Open Antiviral Factory 2013. Click the "Registration" button.



Enter the Antiviral Factory 2013 activation key given below and click "Activate" to activate the rogue antivirus program. Don't worry, this is completely legal since it's not genuine software.

AA39754E-715219CE




Once this is done, you are free to install recommended anti-malware software and remove Antiviral Factory 2013 malware from your computer.

2. Download recommended anti-malware software (direct download) and run a full system scan to remove this malware from your computer.





NOTE: if you can't run anti-malware software, rename the installer to winlogon.exe and try again.


Method 2: Antiviral Factory 2013 removal in Safe Mode with Networking:

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key.


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Download recommended anti-malware software (direct download) and run a full system scan to remove this malware from your computer.





NOTE: if you can't run anti-malware software, rename the installer to iexplore.exe and try again.


Method 3: Antiviral Factory 2013 manual removal guide:

1. First of all, go to your Desktop and right click the Antiviral Factory 2013.lnk shortcut file and select Properties.



2. Select Shortcut tab. Find the location of Antiviral Factory 2013 executable file (target location). It should be a randomly named file. Simply click the Find Target button.



3. Browser to the executable file. Rename it, for instance to virus.exe. Restart Windows.



4. Download recommended anti-malware software (direct download) and run a full system scan to remove this malware from your computer.





NOTE: if you can't run anti-malware software, rename the installer to winlogon.exe and try again.

    Monday 12 August 2013

    How to Get Rid of PC Defender 360

    The main aim of PC Defender 360 is to trick you into believing that it is something that will benefit you by keeping you safe and secure when you’re online however nothing could be further from the truth. Unlike genuine security software, PC Defender 360 is completely fake and give you scant, or in the majority of cases, no protection whatsoever. What it will do, however, is to generate alerts in the form of pop-up windows which attempt to coerce you into handing over your hard earned cash for a product which is virtually useless.


    PC Defender 360 is also often called ‘scareware’ – and for good reason. This rogue security program deceives you into thinking it is the real deal and instead of you purchasing something which you believe is going to protect your computer, you may actually be wasting your money, handing over your credit card details to a less than honest third party and simply walking right in to the trap that these cyber criminals have laid for you.

    So why should you be aware of PC Defender 360? You might think the chances of you being a target are minimal but I'm sorry to say that no computer user is exempt and not only that but the number of rogue security software scams are on a slight increase.

    So what can you do to protect yourself, your computer and your bank account and how can you prevent yourself from falling for a scam? First of all do not fall for their scare tactics. If you do see pop-up windows extolling sinister sounding warnings, for example PC Defender 360 Firewall Alert, when you’re browsing the web immediately be on your guard.


    One other thing to look out for is that the makers of PC Defender 360 try and trick you into thinking they’re genuine by making their pop-up messages look just like those of real providers.

    What is more, this rogue security program changes Windows registry keys, so that you won't be able to use your web browser, anti-virus and even Paint. Pretty much every application on your computer will be blocked claiming that it's infected and may harm your machine. But we all know that this is a big fat lie.

     If you can't remove it from your computer, please follow the removal guide below. I wrote a few possible solutions and I'm pretty sure at least one of them will work for you. Please note that this infection is not the same for everyone. PC Defender 360 is often bundled with other malware, so there's a good chance that you have a combination of a rogue program and rootkit, or rogue program and password stealing trojan. These combos are very popular, that's why you should scan your computer with recommended anti-malware software. If you have any questions, please leave a comment below. Good luck and be safe online!

    Written by Michael Kaur, http://deletemalware.blogspot.com


    Method 1: Manual activation and PC Defender 360 removal:

    1. Open PC Defender 360 and select Registration or simply choose to remove threats and manually activate the rogue antivirus program. Enter the following key and click Activate.

    ?O?Z?L?W?I?T?F?Q?C?N?Y?K?V?H?S?E



    2. Then download recommended anti-malware software (direct download) and run a full system scan to remove this rogue security program and related malware from your computer.


    Method 2: Get rid of PC Defender 360 in Safe Mode with Networking:

    1. Please reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key.


    NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

    2. Then download recommended anti-malware software (direct download) and run a full system scan to remove the rogue program from your computer.


    Method 3: Manual PC Defender 360 removal instructions:

    Make sure that you can see hidden and operating system protected files in Windows. For more in formation, please read Show Hidden Files and Folders in Windows.

    Under the Hidden files and folders section, click Show hidden files and folders, and remove the checkmarks from the checkboxes labeled:
    • Hide extensions for know file types
    • Hide protected operating system files
    Click OK to save the changes.


    1. Right click on the "PC Defender 360" icon, click Properties in the drop-down menu, then click the Shortcut tab.



    In the Target box there is a path to the malicious file. You can simply click the Target button to open the target folder.



    In my case the malicious file was located in: C:\Documents and Settings\All Users\Application Data\ifdstore folder.

    2. The malicious file was called pcdefender.exe, but I'm sure that the file name will be different in your case.



    Rename pcdefender.exe to virus.exe and click Yes to confirm file rename. Restart your computer!



    3. After a restart, copy all the text in bold below and paste to Notepad.

    Windows Registry Editor Version 5.00

    [HKEY_CLASSES_ROOT\.exe]
    @="exefile"
    "Content Type"="application/x-msdownload"

    4. Save file as fix.reg to your Desktop. NOTE: (Save as type: All files)


    5. Double-click on fix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK.

    6. Open your web browser. Download FixExec utility an run it.

    7. Download recommended anti-malware software (direct download) and run a full system scan to fully remove this malware from your computer.

    Tuesday 6 August 2013

    What is MagniPic.exe and how to remove it?

    MagniPic.exe - Updater by MagniPic


    What is MagniPic.exe?


    MagniPic.exe belongs to an application called MagniPic which allows you to magnify Facebook images just by hovering over them. I'm not quite sure whether it's a good application to have or not, maybe someone will find it very useful but there's definitely something everyone has to know before installing it. MagniPic.exe is detected as Adware or PUP by most antivirus programs, for example PUP.Adware.MagniPic. There are a few antivirus engines that flag this application as a Trojan horse because it collects browsing information and then sends it to remote servers without your knowledge and permission. Usually, Trojans do the same thing. When your computer is infected you will notice that words get underlined and hovering over them shows popup advertisements (see the image below). Very often, it comes bundled with PrivitizeVPN and other potentially unwanted applications. It may also cause all web browsers to freeze. Some users noticed that their PCs suddenly became noticeably slower after installing MagniPic. To conclude, it's not essential for Windows and may cause problems. I recommend you to remove MagniPic.exe from your computer and run a full system scan with recommended anti-malware software.


    Security Rating: Potentially Dangerous

    File name: MagniPic.exe
    Publisher: MagniPic
    File Location Windows XP: C:\Documents and Settings\All Users\Application Data\Premium\MagniPic\MagniPic.exe
    File Location Windows 7: C:\ProgramData\Premium\MagniPic\MagniPic.exe
    Startup file: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 'Updater'

    Thursday 1 August 2013

    Remove cloud-connect.net virus (Removal Guide)

    Cloud-connect.net is a tracking website which is also used to display pop up ads on infected computers. If you get pop up ads from this website then your computer is infected with adware and malicious web browser extensions. Usually, it's called browser hijacking. It is an irritating practice and one that is pretty much as the name suggests. What happens if you’ve been hijacked is that malicious software or websites (or sometimes both) display ads or change your default browser settings without either your knowledge or your permission – i.e. your browser has been taken over by force – it has been hijacked.

    What this then means is that virus which causes cloud-connect.net popups to show up will redirect you to a web page that you may have no interest in visiting. These websites are usually stuffed full of adverts, are gambling sites, weight loss sites or fake flash player update websites. Maybe you don’t actually mind visiting these sites but chances are you were trying to reach a completely different online destination in the first place before you got redirected so it can still be annoying. You will probably also find that you are bombarded with a never ending rotation of pop-up adverts.


    To remove cloud-connect.net virus from your computer you will have to uninstall recently installed applications and scan your computer with recommend anti-malware software. Pop-up blockers rarely help in such cases. Re-installing your web browser probably won't help you either. Anti-malware applications should be able to identify the browser hijacker and will then either scan your infected files and make them immune to further hijacking or they will allow you see all of the programs that are on your system the next time you log on so that you can choose which ones you allow to run.

    If you’ve run the scan and rebooted your system and you’ve still not managed to get rid of the cloud-connect.net virus, then you have picked up a very nasty strain of hijacking and you will probably need to seek professional help as the browser hijacker will very likely have been installed onto your PC via another application that was installed without your knowledge or permission. In these cases the malicious software is notoriously difficult to even find on your computer as it will have been hidden deep in the depths of your system making it virtually impossible for a regular PC user to find and delete.

    And if you don’t have anti-malware software installed on your PC – as soon as you’ve got the problem sorted out that should be the very next thing that you do before you become the victim of a browser hijacking for the second time!

    If you have any questions or need help removing this malware from your computer, please leave a comment below. Just make sure you did everything correctly as explained in the removal guide below. Good luck and be safe online!

    Written by Michael Kaur, http://deletemalware.blogspot.com


    Cloud-connect.net virus removal instructions:

    1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this browser hijacker. Hopefully you won't have to do that.





    2. Uninstall recently installed applications including web browser extensions and related programs from your computer using the Add/Remove Programs control panel (Windows XP) or Uninstall a program control panel (Windows 7 and Windows 8).

    Go to the Start Menu. Select Control PanelAdd/Remove Programs.
    If you are using Windows Vista or Windows 7, select Control PanelUninstall a Program.



    If you are using Windows 8, simply drag your mouse pointer to the right edge of the screen, select Search from the list and search for "control panel".



    Or you can right-click on a bottom left hot corner (formerly known as the Start button) and select Control panel from there.



    3. When the Add/Remove Programs or the Uninstall a Program screen is displayed, scroll through the list of currently installed programs and remove Auto-Lyrics, DownloadTerms, LyricsPal, FindLyrics, LyricsContainer and any other recently installed application.



    Simply select the application and click Remove. If you are using Windows Vista, Windows 7 or Windows 8, click Uninstall up near the top of that window. When you're done, please close the Control Panel screen.


    Remove cloud-connect.net from Google Chrome:

    1. Click on Chrome menu button. Go to ToolsExtensions.



    2. Click on the trashcan icon to remove Auto-Lyrics, DownloadTerms, LyricsPal, FindLyrics, LyricsContainer or any other recently installed extension.




    Remove cloud-connect.net from Mozilla Firefox:

    1. Open Mozilla Firefox. Go to ToolsAdd-ons.



    2. Select Extensions. Remove Auto-Lyrics, DownloadTerms, LyricsPal, FindLyrics, LyricsContainer or any other recently installed extension. Close the window.




    Remove cloud-connect.net from Internet Explorer:

    1. Open Internet Explorer. Go to ToolsManage Add-ons.




    2. Select Toolbars and Extensions. Remove Auto-Lyrics, DownloadTerms, LyricsPal, FindLyrics, LyricsContainer Internet Explorer add-ons.