Advanced Security Tool 2010 Removal Guide
Advanced Security Tool 2010 provide fake features like Full PC Scan, Privacy Keeper, and Firewall. It shows "It is highly recommended that you activate Advanced Security Tool to assure that your PC works correctly and has no crashes." It produces fake warning: "Your PC might be at risk. Activate the software to protect it." Don't believe all of them.
Advanced Security Tool 2010 should be removed immediately.
Advanced Security Tool 2010 Removal Guide
Kill Process
(How to kill a process effectively?)
asectool.exe
Unregister DLL files
%UserProfile%\Application Data\scan.dll
Delete Registry
HKEY_CURRENT_USER\Software\Advanced Security
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz.1
HKEY_CLASSES_ROOT\CLSID\{80c10400-59cb-4c79-97ce-cc693103afca}
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CLASSES_ROOT\TypeLib\{58B4E0F5-F122-4C02-B038-C482D998486A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80c10400-59cb-4c79-97ce-cc693103afca}
HKEY_CURRENT_USER\Software\Microsoft "adver_id" = "29"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe;"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AdvSecTool"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\asectool.exe" /sn"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "explorer.exe C:\WINDOWS\system32\ntload.exe"
Remove Folders and Files
%UserProfile%\asr.dat
%UserProfile%\Application Data\1tmp.bat
%UserProfile%\Application Data\asectool.exe
%UserProfile%\Application Data\scan.dll
%UserProfile%\Application Data\secmof.tmp
%UserProfile%\Desktop\Advanced Security Tool 2010.LNK
%UserProfile%\Start Menu\Advanced Security Tool 2010.LNK
Advanced Security Tool 2010 should be removed immediately.
Advanced Security Tool 2010 Removal Guide
Kill Process
(How to kill a process effectively?)
asectool.exe
Unregister DLL files
%UserProfile%\Application Data\scan.dll
Delete Registry
HKEY_CURRENT_USER\Software\Advanced Security
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz
HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz.1
HKEY_CLASSES_ROOT\CLSID\{80c10400-59cb-4c79-97ce-cc693103afca}
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CLASSES_ROOT\TypeLib\{58B4E0F5-F122-4C02-B038-C482D998486A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80c10400-59cb-4c79-97ce-cc693103afca}
HKEY_CURRENT_USER\Software\Microsoft "adver_id" = "29"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe;"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AdvSecTool"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%UserProfile%\Application Data\asectool.exe" /sn"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "rundll32" = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "explorer.exe C:\WINDOWS\system32\ntload.exe"
Remove Folders and Files
%UserProfile%\asr.dat
%UserProfile%\Application Data\1tmp.bat
%UserProfile%\Application Data\asectool.exe
%UserProfile%\Application Data\scan.dll
%UserProfile%\Application Data\secmof.tmp
%UserProfile%\Desktop\Advanced Security Tool 2010.LNK
%UserProfile%\Start Menu\Advanced Security Tool 2010.LNK
No comments:
Post a Comment