March 12, 2008

How to remove Suspicious Application 'MalwareCore' ?

Suspicious Application MalwareCore removal tips...

1. Disable System Restore (Windows Me/XP)

If you are using Windows XP or Windows ME, You must disable or turn off System Restore before Virus scan because the _Restore folder is protected by default. Antivirus cannot remove virus or any malicious files inside _Restore folder. Windows prevents outside programs,including antivirus programs, from modifying System Restore. The System Restore feature is not designed to detect or scan for virus infections or virus activity.
How to disable System Restore ?

2. Update computer anti virus software with latest virus definitions.

3. Backup system registry.

You must backup System registry before editing the registry because it contains information and settings for all the hardware, operating system software, most non-operating system software, users, preferences of the PC, etc. Any wrong changes will lead you to more problems.
How to backup Windows Registry ?

4. Restart your system in safe-mode.

An operating system in safe mode will have reduced functionality, but the task of isolating problems is easier because many non-core components are disabled (turned off). An installation that will only boot into its safe mode typically has a major problem, such as disk corruption or the installation of poorly configured software that prevents the operating system from successfully booting into its normal operating mode.
How to start your system in safe-mode ?

5. Run a full system virus scan using your updated anti virus program.

6. Delete these values and subkeys added to registry.


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"MalwareCore 7.4" = "%ProgramFiles%\MalwareCore 7.4\MalwareCore 7.4.exe"

HKEY_CLASSES_ROOT\AppID\MalwareWipe.EXE

HKEY_CLASSES_ROOT\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5}

HKEY_CLASSES_ROOT\CLSID\{5D4348FB-DF43-0334-69B8-DAD6CA156781}

HKEY_CLASSES_ROOT\Interface\{343F7ED5-4F1F-4FAF-B9C8-5DE9F89DF1DD}

HKEY_CLASSES_ROOT\Interface\{371D800C-EA03-4F2A-8225-CD6B9DB3F636}

HKEY_CLASSES_ROOT\Interface\{4C1971FC-9F5D-41D0-91E7-958CE354E0BB}

HKEY_CLASSES_ROOT\Interface\{52168EAF-394C-476C-8891-4CDD0470FEA2}

HKEY_CLASSES_ROOT\Interface\{6C74062F-BDD2-4BDC-8477-557B8AC66950}

HKEY_CLASSES_ROOT\Interface\{77C60BC3-BC70-4312-8AB1-6661F623B99D}

HKEY_CLASSES_ROOT\Interface\{80A2F7CA-22C8-4435-9716-6F7421631A77}

HKEY_CLASSES_ROOT\Interface\{8150F909-30A4-44AF-9293-9E677C03BF3C}

HKEY_CLASSES_ROOT\Interface\{89170106-7E35-4CD9-B1A5-AE7CDE44D159}

HKEY_CLASSES_ROOT\Interface\{8E232A63-A5E4-41F9-BCE2-D48F524A15F1}

HKEY_CLASSES_ROOT\Interface\{9FB6637E-FD7A-4F41-BC26-8CCE6E48845E}

HKEY_CLASSES_ROOT\Interface\{C36B573F-6075-4534-BA1A-EEF87028A072}

HKEY_CLASSES_ROOT\Interface\{CEF7AC70-5B42-4B91-9C29-D6B47CC5710D}

HKEY_CLASSES_ROOT\Interface\{D13D9397-2D78-4CC9-97B7-C22317D7DD0B}

HKEY_CLASSES_ROOT\Interface\{DC3461E4-CB8C-46A9-A379-F90C12264E16}

HKEY_CLASSES_ROOT\Interface\{FF23845E-21D3-4E96-8CFB-F6D45DF3F2B2}

HKEY_CLASSES_ROOT\TypeLib\{339F31D8-2B4B-44BA-8293-7B99E11E0E0B}

HKEY_LOCAL_MACHINE\SOFTWARE\MalwareCore 7.4

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareCore 7.4.exe 7.4

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareCore 7.4

No comments: