Posts Comments

My Security Wall Removal

By admin on February 21, 2010 Leave a Comment

Visus Brief: My Security Wall is a fake anti-spyware that is in fact the well-known rogue software known as Virus Doctor appearing under a different name. It uses scare tactics to try and get users to pay for a software license. My Security Wall reaches user computers via Trojans and through fake online virus scanners. Once installed, this rogue software creates a large number of harmless files within the file system. It then performs fake system scans, returning results that point to the above created harmless files as dangerous viruses. My Security Wall also gives false threat warnings that state that the system is under attack from remote hackers. After generating all these fake warnings, My Security wall urges the user to purchase the ‘full’ version of the software, claiming that the currently installed ‘trial’ version cannot remove the detected ‘threats’. However, as My Security Wall is a fake program, it is important to remember that its so-called ‘full’ version is just as incapable of scanning or cleaning the system as the ‘trial’ version.

My Security Wall

My Security Wall

» Download My Security Wall Removal Software

In order to remove My Security Wall, you must stop its processes, unregister its DLL files, delete its files and folders and remove its registry entries.

My Security Wall Manual Removal Procedures

The first step you need to complete in order to remove My Security Wall is to stop the following processes:

  • MS339.exe
  • ppal.exe
  • kernel32.exe

Next, it is necessary to unregister the following DLLs:

  • tempdoc.dll
  • mozcrt19.dll
  • sqlite3.dll
  • exec.dll

As the final step in file removal, the following files and folders should be deleted:

  • C:\Documents and Settings\All Users\Application Data\117fc\MS339.exe
  • c:\Documents and Settings\All Users\Application Data\MSEAIVCW
  • c:\Documents and Settings\All Users\Application Data\MSEAIVCW\MSGWBQLMRPW.cfg
  • c:\Documents and Settings\All Users\Application Data\117fc
  • c:\Documents and Settings\All Users\Application Data\117fc\MSW.ico
  • c:\Documents and Settings\All Users\Application Data\117fc\7463.mof
  • c:\Documents and Settings\All Users\Application Data\117fc\mozcrt19.dll
  • c:\Documents and Settings\All Users\Application Data\117fc\sqlite3.dll
  • c:\Documents and Settings\All Users\Application Data\117fc\BackUp\Adobe Reader Speed Launch.lnk
  • c:\Documents and Settings\All Users\Application Data\117fc\BackUp
  • c:\Documents and Settings\All Users\Application Data\117fc\BackUp\Adobe Reader Synchronizer.lnk
  • c:\Documents and Settings\All Users\Application Data\117fc\MSWSys
  • c:\Documents and Settings\All Users\Application Data\117fc\MSWSys\vd952342.bd
  • c:\Documents and Settings\All Users\Application Data\117fc\Quarantine Items
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Wall.lnk
  • %UserProfile%\Application Data\My Security Wall
  • %UserProfile%\Application Data\My Security Wall\cookies.sqlite
  • %UserProfile%\Desktop\My Security Wall.lnk
  • %UserProfile\Recent\ANTIGEN.tmp
  • %UserProfile\Recent\dudl.sys
  • %UserProfile\Recent\energy.drv
  • %UserProfile\Recent\exec.dll
  • %UserProfile\Recent\exec.drv
  • %UserProfile\Recent\grid.drv
  • %UserProfile\Recent\hymt.drv
  • %UserProfile\Recent\kernel32.exe
  • %UserProfile\Recent\pal.drv
  • %UserProfile\Recent\PE.drv
  • %UserProfile\Recent\ppal.exe
  • %UserProfile\Recent\tempdoc.dll
  • %UserProfile\Recent\tempdoc.drv
  • %UserProfile\Recent\tjd.tmp
  • %UserProfile%\Start Menu\My Security Wall.lnk
  • %UserProfile%\Start Menu\Programs\My Security Wall.lnk
  • c:\Program Files\Mozilla Firefox\searchplugins\search.xml

Once these steps have been completed, My Security Wall no longer resides on your hard disk. In order to make sure that the steps describing how to remove My Security Wall have been carefully followed it is recommended to scan the entire PC using genuine antivirus software such as SpyHunter.

My Security Wall Registry Removal Proedures

Removing files and folders alone is not sufficient to completely get rid of My Security Wall. The following registry keys and settings inserted by My Security Wall should also be removed:

  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
  • HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform “Build/13.00007”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “My Security Wall”
  • HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://findgala.com/?&uid=7&q={searchTerms}”
  • HKEY_CLASSES_ROOT\xp_5f014.DocHostUIHandler

Delete My Security Wall Directories:

%UserProfile%\Application Data\My Security Wall

Outside Resources:

http://www.bleepingcomputer.com/virus-removal/remove-my-security-wall

http://www.myantispyware.com/2010/02/12/how-to-remove-my-security-wall-removal-guide/

Filed Under: Virus Removal Tagged With: , , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.