Friday, May 28, 2010

Security Master AV is a Self-Blamer

Security Master AV (SecurityMaster AV) is adware that states, for example, that malicious software has been found at the system it pretends to scan. It is to be noted that users often wonder finding their working stations equipped with Security Master AV. That is why the above statement appears to be a self-acquisition as Security Master AV is a malicious program and may be considered as the subject of its own security alert.
Trojans are used to disseminate Security Master AV. In case of backdoor installation you need to remove Security Master AV adware plus the related trojan. The said trojan facilitates further propagation of the adware of Security Master AV and may reinstall the adware, if it is removed.
Fake online scanners and other online advertisements are used to incline users into Security Master AV upload.
Security Master AV has been concocted from VirusDoctor family templates. Its appearance is true to VirusDoctor family clones. Security Master AV removal is of particular importance on the background of other VirusDoctor clones as the rogue is notorious for its bad impact on infected computer systems. Click here to run free computer scan and get rid of Security Master AV entirely and in safe way providing also removal of other viruses, worms, rootkits, rogue advertisers etc.

Security Master AV screenshot:


Security Master AV removal tool:


Security Master AV manual removal instructions:
Delete Security Master AV files
:
c:\Documents and Settings\All Users\Application Data\345d567\
c:\Documents and Settings\All Users\Application Data\345d567\16.mof
c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
c:\Documents and Settings\All Users\Application Data\345d567\SM345d.exe
c:\Documents and Settings\All Users\Application Data\345d567\SMAV.ico
c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
c:\Documents and Settings\All Users\Application Data\345d567\Quarantine Items\
c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\
c:\Documents and Settings\All Users\Application Data\345d567\SMAVSys\vd952342.bd
c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\
c:\Documents and Settings\All Users\Application Data\SMNPCTCAV\SMMPIBBZGHAV.cfg
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Security Master AV.lnk
%UserProfile%\Application Data\Security Master AV\
%UserProfile%\Application Data\Security Master AV\cookies.sqlite
%UserProfile%\Desktop\Security Master AV.lnk
%UserProfile%\Recent\ANTIGEN.dll
%UserProfile%\Recent\CLSV.dll
%UserProfile%\Recent\DBOLE.exe
%UserProfile%\Recent\DBOLE.tmp
%UserProfile%\Recent\ddv.sys
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\exec.dll
%UserProfile%\Recent\FS.sys
%UserProfile%\Recent\kernel32.drv
%UserProfile%\Recent\PE.dll
%UserProfile%\Recent\runddl.dll
%UserProfile%\Recent\runddl.sys
%UserProfile%\Recent\runddlkey.drv
%UserProfile%\Recent\sld.drv
%UserProfile%\Recent\sld.exe
%UserProfile%\Recent\sld.sys
%UserProfile%\Recent\tempdoc.tmp
%UserProfile%\Recent\tjd.tmp
%UserProfile%\Start Menu\Security Master AV.lnk
%UserProfile%\Start Menu\Programs\Security Master AV.lnk
Delete Security Master AV registry entries:
HKEY_CURRENT_USER\Software\3
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\SM345d.DocHostUIHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Security Master AV”
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = “no”

No comments: