One thing I noticed about this program, is that the website looks quite professional and appears in the number 1 spot in google when you search for keyword “Virus Trigger 2009″. Nasty huh.

Time to check this baby out.

After firing up my dummy box, I proceeded to download Virus Trigger 2009.

Screenshots

Like most Rogue Spyware applications, its hard to actually minimize or close the Virus Trigger window, especially when it prompts you to purchase the application.

Manual Removal of Virus Trigger 2009

The Solution

Whilst you can manually remove “Virus Trigger 2009″ by simply deleting registry keys and files as per the manual removal stage featured above, its much easier to remove “Virus Trigger 2009″ simply by using PCTools Spyware Doctor..

%productBox%

No related posts.

Ultra Antivirus 2009 pretends to be a “Anti-Spyware” program, often tricking users into thinking its a legitimate program. The main goal of Ultra Antivirus 2009 is to trick users into purchasing the software, often by providing fake scan results and informing the user that the software detected threats on the computer.

But alas that is not true, and when reality kicks in; your computer is in fact fine. Ultra Antivirus 2009′s main goal is to get you to Purchase Their Product!

For gods sake DON’T DO IT!

Screenshots

Analysis Stage

Ultra Antivirus 2009 installs itself into the following folder.
c:\program files\UltraAv <- Delete this folder!

Through some analysis, I uncovered that Ultra Antivirus 2009 connects to the following server in order to retrieve new information regarding payment details.
Internet Protocol, Src: 91.208.0.223 (91.208.0.223)
Not Good ..

Removing from Startup
To remove this program from starting up when your computer starts, following these instructions

1) Click the start menu, then run
2) Type "msconfig" and hit enter
3) Click the startup Tab
4) Untick "UltraAV"
5) Reboot

The Solution

Whilst you can manually remove Spyware protector by simply deleting registry keys and files as per the Analysis stage featured above, its much easier to remove Ultra Antivirus 2009 simply by using PCTools Spyware Doctor.

%productBox%

No related posts.

For those that don’t know, a “Rogue Anti-Spyware” program is a fairly new form of threat that entices users to download a program to protect their PC, but in fact the software they download is a form of malware, designed to entice users to pay for the software, in order to remove it. The main goal of Rogue Anti-Spyware programs is to make money, infecting and performing unwanted actions on your PC is just a measure in order to get you to “pay up”.

I wanted to see this MS AntiVirus 2008 program in action, so I fired up my Windows XP test box and gave it a whirl.

First I infected my PC with the MS AntiVirus program

See how MS AntiVirus 2008 looks and behaves like an AntiSpyware program, designed to trick the user that it is a legitimate program.

Fake infection

The below screenshot shows MS AntiVirus 2008 telling me that my system is infected. Rogue AntiSpyware often uses “fake spyware results” to inject fear into the user, so they feel the need to buy the software to remove the “fake results”.

MS AntiVirus 2008 communicating to a third party

The below screenshot shows packet sniffing software “WireShark”, detecting MS AntiVirus 2008 talking to a third party web service, namely a MACOS web server called “WebObjects” – nasty stuff.

Okay its time to get rid of this nasty program, time to whip out AdAlert.

Removing MS AntiVirus XP with AdAlert

I cracked open AdAlert and performed a full scan; below are the results.

No related posts.

Kill the process

First of all, kill the executable which should show in your processes list as

“AntiMalwareGuard_Free[1].exe”.

Remove registry entries

Next, fire up regedit (Start>run>regedit) and proceed to delete the following keys/folders if they exist.

HKEY_LOCAL_MACHINE/Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AntiMalwareGuard

HKEY_CURRENT_USER/Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AntiMalwareGuard

Reboot

Reboot your computer and AntiMalware Guard should be gone!

However I cannot state this enough, you must install and have an up to date AntiVirus and AntiSpyware application to stop threats like this from entering your computer in the first place. I’ve reviewed popular antispyware products AdAlert and NoAdware here.

No related posts.