Visus Brief: My Security Wall is a fake anti-spyware that is in fact the well-known rogue software known as Virus Doctor appearing under a different name. It uses scare tactics to try and get users to pay for a software license. My Security Wall reaches user computers via Trojans and through fake online virus scanners. Once installed, this rogue software creates a large number of harmless files within the file system. It then performs fake system scans, returning results that point to the above created harmless files as dangerous viruses. My Security Wall also gives false threat warnings that state that the system is under attack from remote hackers. After generating all these fake warnings, My Security wall urges the user to purchase the ‘full’ version of the software, claiming that the currently installed ‘trial’ version cannot remove the detected ‘threats’. However, as My Security Wall is a fake program, it is important to remember that its so-called ‘full’ version is just as incapable of scanning or cleaning the system as the ‘trial’ version.
My Security Wall
» Download My Security Wall Removal Software
In order to remove My Security Wall, you must stop its processes, unregister its DLL files, delete its files and folders and remove its registry entries.
My Security Wall Manual Removal Procedures
The first step you need to complete in order to remove My Security Wall is to stop the following processes:
- MS339.exe
- ppal.exe
- kernel32.exe
Next, it is necessary to unregister the following DLLs:
- tempdoc.dll
- mozcrt19.dll
- sqlite3.dll
- exec.dll
As the final step in file removal, the following files and folders should be deleted:
- C:\Documents and Settings\All Users\Application Data\117fc\MS339.exe
- c:\Documents and Settings\All Users\Application Data\MSEAIVCW
- c:\Documents and Settings\All Users\Application Data\MSEAIVCW\MSGWBQLMRPW.cfg
- c:\Documents and Settings\All Users\Application Data\117fc
- c:\Documents and Settings\All Users\Application Data\117fc\MSW.ico
- c:\Documents and Settings\All Users\Application Data\117fc\7463.mof
- c:\Documents and Settings\All Users\Application Data\117fc\mozcrt19.dll
- c:\Documents and Settings\All Users\Application Data\117fc\sqlite3.dll
- c:\Documents and Settings\All Users\Application Data\117fc\BackUp\Adobe Reader Speed Launch.lnk
- c:\Documents and Settings\All Users\Application Data\117fc\BackUp
- c:\Documents and Settings\All Users\Application Data\117fc\BackUp\Adobe Reader Synchronizer.lnk
- c:\Documents and Settings\All Users\Application Data\117fc\MSWSys
- c:\Documents and Settings\All Users\Application Data\117fc\MSWSys\vd952342.bd
- c:\Documents and Settings\All Users\Application Data\117fc\Quarantine Items
- %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Wall.lnk
- %UserProfile%\Application Data\My Security Wall
- %UserProfile%\Application Data\My Security Wall\cookies.sqlite
- %UserProfile%\Desktop\My Security Wall.lnk
- %UserProfile\Recent\ANTIGEN.tmp
- %UserProfile\Recent\dudl.sys
- %UserProfile\Recent\energy.drv
- %UserProfile\Recent\exec.dll
- %UserProfile\Recent\exec.drv
- %UserProfile\Recent\grid.drv
- %UserProfile\Recent\hymt.drv
- %UserProfile\Recent\kernel32.exe
- %UserProfile\Recent\pal.drv
- %UserProfile\Recent\PE.drv
- %UserProfile\Recent\ppal.exe
- %UserProfile\Recent\tempdoc.dll
- %UserProfile\Recent\tempdoc.drv
- %UserProfile\Recent\tjd.tmp
- %UserProfile%\Start Menu\My Security Wall.lnk
- %UserProfile%\Start Menu\Programs\My Security Wall.lnk
- c:\Program Files\Mozilla Firefox\searchplugins\search.xml
Once these steps have been completed, My Security Wall no longer resides on your hard disk. In order to make sure that the steps describing how to remove My Security Wall have been carefully followed it is recommended to scan the entire PC using genuine antivirus software such as SpyHunter.
My Security Wall Registry Removal Proedures
Removing files and folders alone is not sufficient to completely get rid of My Security Wall. The following registry keys and settings inserted by My Security Wall should also be removed:
- HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
- HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “Build/13.00007”
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Security Wall”
- HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
- HKEY_CLASSES_ROOT\xp_5f014.DocHostUIHandler
Delete My Security Wall Directories:
%UserProfile%\Application Data\My Security Wall
Outside Resources:
http://www.bleepingcomputer.com/virus-removal/remove-my-security-wall
http://www.myantispyware.com/2010/02/12/how-to-remove-my-security-wall-removal-guide/
Speak Your Mind