Monday, June 25, 2012

Remove Windows Pro Defence fake antivirus in the course of real disinfection for your computer system

Windows Pro Defence does not mind user’s opinion on programs to be installed as hackers inject it immediately using exploits.
If it is user who completes the program installation, the user’s actions are provoked by misleading information on program features.
Get rid of Windows Pro Defence as yet another antivirus that has proven to be fake. Besides, it has been found destructive, namely to delete valuable info and change system settings to less secure state. Instead of protecting your working station the bogus antimalware exposes it to viruses.
Click the link so that free computer inspection could get started and complete Windows Pro Defence removal as a part of your computer disinfection. 

Windows Pro Defence screenshot: 


Windows Pro Defence activation code (helps removal):

0W000-000B0-00T00-E0020
NOTE: "Activating" Windows Pro Defence is not enough. You need to remove related trojans \ rootkits using reliable malware removal solution.
It is important to fix Windows registry after Windows Pro Defence malware removal using safe registry cleaner software.

Windows Pro Defence manual removal guide:
Delete infected files:
%AppData%\NPSWF32.dll
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
%AppData%\W34r34mt5h21ef.dat
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Pro Defence.lnk
%Desktop%\Windows Pro Defence.lnk
Delete Windows Pro Defence registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-4-27_2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “tovvhgxtud”
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\[random].exe

No comments: