Monday, May 28, 2012

Remove Windows Defence Counsel phony antimalware to close annoying ads and prevent possible system collapse

Windows Defence Counsel fake antivirus detects names in its database of virus denomination. The database is not associated with any descriptions and recognition methods.
It may then pretend to disclose infections in random locations on your PC, or report its threats without pointing to their location peculiarities. The rogue thus runs a fake scan of your PC.
Removal of Windows Defence Counsel malware is not limited to elimination of annoying, misleading alerts only. The rogue’s influence on computer system is disastrous. In the long run, abandoning the infection leads to computer system collapse – click here to initiate free scan and get rid of Windows Defence Counsel both to eliminate annoying ads and protect your computer system.

Windows Defence Counsel screenshots:



Windows Defence Counsel activation code (helps removal):
0W000-000B0-00T00-E0020
NOTE: "Activating" Windows Defence Counsel is not enough. You need to remove related trojans \ rootkits using reliable malware removal solution.
It is important to fix Windows registry after Windows Defence Counsel malware removal using safe registry cleaner software.

Windows Defence Counsel manual removal guide:

Delete infected files:
%AppData%\NPSWF32.dll
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
%AppData%\W34r34mt5h21ef.dat
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Defence Counsel.lnk
%Desktop%\Windows Defence Counsel.lnk
Delete Windows Guard Tools registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-4-27_2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “tovvhgxtud”
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\[random].exe

No comments: