Sunday, May 13, 2012

Remove Windows Be-on Guard Edition adware and please beware of brands counterfeiting in IT security business

Windows Be-on Guard Edition has been developed by hackers using well-known graphics. Originally, many icons and pics in the program belong to legitimate owners of intellectual property rights. In the above application those items are used in violation of rights of the respective holders.
Main victims of the trickery are rather ordinary users than software development companies. People are indeed inclined to trust renowned and trustworthy brands missing to remember that the craft of counterfeiting never fades and is a booming business in IT.
The misleading program is distributed in two basic ways, each includes countless variations. The essential difference is the user's role in the loading; where user is enticed into getting the deceptive utility downloaded, that is one of the ways, a suggestive one. Another method is a shadowed introduction, in which user does not install any kind of computer utility.
Removal of Windows Be-on Guard Edition is incomparably more laborious process than its introduction, if performed manually. To get rid of Windows Be-on Guard Edition adware by means of free scan followed by cleanup, click here.

Windows Be-on Guard Edition screenshot:



Windows Be-on Guard Edition activation code (helps removal):
0W000-000B0-00T00-E0020
NOTE: "Activating" Windows Be-on Guard Edition is not enough. You need to remove related trojans \ rootkits using reliable malware removal solution.
It is important to fix Windows registry after Windows Be-on Guard Edition malware removal using safe registry cleaner software.
 
Windows Be-on Guard Edition manual removal guide:
Delete infected files:
%AppData%\NPSWF32.dll
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
%AppData%\W34r34mt5h21ef.dat
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Be-on Guard Edition.lnk
%Desktop%\Windows Be-on Guard Edition.lnk
Delete Windows Be-on Guard Edition registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-4-27_2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “tovvhgxtud”
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\[random].exe

No comments: