Update 10/16/2010 : You may want to also check out this related guide: Fake Microsoft Essentials Warning . This is the first part of the virus and we have included a video to help people remove it as well.
Description: Pest Detector is a malicious fake anti-malware application that is an exact clone of Red Cross Antivirus, Peak Protection, Major Defense Kit and AntiSpy Safeguard. Pest Detector installs itself on user systems through Trojans that get downloaded from fake security websites which exploit vulnerabilities in the system's security to get downloaded and installed without the user's knowledge. Once installed, Pest Detector immediately loads up as a Windows service, and proceeds to perform an endless number of fake security scans on the system. As a result of these fake scans, Pest Detector will report that there are viruses present on the system which are not really there. It will also generate fake security pop-ups from the Windows Taskbar, trying to convince the user that the system is infected. The aim of all this activity is to push the user into purchasing the license for the 'full' version of Pest Detector under the pretext that the currently installed 'trial' version is incapable of performing the cleanup activities needed to save the system. However, you should remember that the viruses that Pest Detector detected didn't exist in the first place, and therefore you should never pay for the license of such a fake application.
Pest Detector
» Download Pest Detector Removal Software
The first thing you should do as soon as you find a copy of this malware on your computer is initiate Pest Detector removal. In order to delete Pest Detector, it is needed to stop processes, delete files and folders and remove registry entries.
Remove Proxy Setting so You Can Connect to the Internet Again.
Pest Detector Manual Removal Procedures
The first step you need to take in order to remove Pest Detector is to stop the following processes from functioning:
- antispy.exe
- defender.exe
- tmp.exe
Delete Pest Detector Files
The next step in the process of Pest Detector removal is the deletion of the following files and folders:
- %UserProfile%\Application Data\PAV\
- %UserProfile%\Application Data\antispy.exe
- %UserProfile%\Application Data\defender.exe
- %UserProfile%\Application Data\tmp.exe
- %UserProfile%\Local Settings\Temp\kjkkklklj.bat
Now there will be no instances of Pest Detector installed on your computer any longer.
Pest Detector Registry Removal Procedures
File deletion alone is not sufficient to ensure complete Pest Detector removal. In order to remove Pest Detector completely, you should remove the following keys and settings from the Windows Registry as well:
- HKEY_CURRENT_USER\Software\PAV
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnonBadCertRecving" = "0"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnPostRedirect" = "0"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "tmp"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "SelfdelNT"
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\antispy.exe"
Pest Detector Directories:
- %UserProfile%\Application Data\PAV\
We see this threat in the above folder and trace files in the Application Data folder. AKA Appdata folder for Windows 7 and Vista users.
Outside Resources:
http://forum.avira.com/wbb/index.php?page=Thread&threadID=120532
Speak Your Mind