«
»

How to Remove SecuritySoldier | Security Soldier Removal



SecuritySoldier is the latest in the WiniGuard Family (SecurityFIghter, SaveArmor, SaveDefender are just the names that came out in the last week.) These busy bees have pretty much just renamed the program and files. It looks the same as each of the recent previous rogues. Just as those do it may install via trojans or web exploits and claim that you have security problems on your computer that it will then be able to fix if you pay for their software. All warnings are trumped up, i.e. not legitimate and it really doesn’t clean up anything. Read on for How to Remove SecuritySoldier.


One thing I should mention about so many of these rogue antivirus programs. Once they are on your system they can do most anything. So, for instance links on webpages can be hijacked and redirected to pages that they want you to see. I noticed an odd exit link in my logs last night and on investigation it was a page to receive payments for alpha antivirus. So, I went to the alpha antivirus removal page to see if there was any link with that address on the page. There wasn’t, there were only links to the tutorial itself, other removal guides and the page for my virus removal toolkit. So, I can only assume someone was browsing from a machine with alpha antivirus already installed and it hijacked the link. It’s usually best to look for removal help from a machine that’s not infected. You really never know what other things it could do after it’s installed on the system. The malwarebytes antimalware download could be substituted or altered with something else – so download your cleanup tools on a clean system if at all possible.

First I would download malwarebytes antimalware from my virus removal toolkit page. Try installing that and run an update and then scan. Alternatively you may boot into safe mode and try scanning if the first fails to work.

The following domain should be blocked.

securitysoldier.com

The following processes should be found and killed off in task manager. The process names are:

securitysoldier.exe
uninstall.exe

These processes could interfere with cleanup. If you have failed with the automatic removal with malwarebytes you might retry after this is done.

The following dll needs to be unregistered and removed:

1044zhackt9ol5b2.dll

(Possibly randomized name – look for similar patterns to dll names.)

Then remove the following files and folders:

%ProgFiles%SecuritySoldier Software
%ProgFiles%SecuritySoldier SoftwareSecuritySoldier
%ProgFiles%SecuritySoldier SoftwareSecuritySoldierlicense.txt
%ProgFiles%SecuritySoldier SoftwareSecuritySoldiersecuritysoldier.exe
%ProgFiles%SecuritySoldier SoftwareSecuritySoldieruninstall.exe
%WIN%102z6w59m3c4.cpl
%WIN%1044zhackt9ol5b2.dll
%WIN%10683v9rzs656.cpl
%WIN%10915hief309z.cpl
%DocRoot%All UsersDesktopSecuritySoldier.lnk
%DocRoot%All UsersStart MenuProgramsSecuritySoldier
%DocRoot%All UsersSt

The above filenames may include some randomization so use what you see above as a pattern to find the files that SecuritySoldier has dropped. You may need to use what you find to then go back and remove the dll file listed above. For complete securitysoldier removal you should run malwarebytes antimalware (and update it) again after removing files manually to ensure that you have removed it from your system.

Popularity: 1% [?]

Free PDF    Send article as PDF   
Blog Traffic Exchange Related Posts
  • How to Remove SysDefence | Sysdefence Removal Guide Sysdefence is another rogue antivirus application from the wini family. This family of rogues has been quite prolific lately and typically is pushed on computer users through aggressive trojans that will appear on web pages masquerading as an update for flash player or a video codec for a video that......
  • How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......
  • How to Remove ProtectPCs | ProtectPCs Removal Guide ProtectPCs is a rogue antivirus application from the Wini family of rogues. It will push itself through claims of it being a video codec update or flash player update. Usually these appear on a site that shows up in the search results for whatever latest greatest sought after video clip......
Blog Traffic Exchange Related Websites
  • Using Proper Leverage With Twitter's Autoresponder Hardly any people ever use the Twitter autoresponder even though it can be effective when used the right way. You can skillfully and easily make your job at Twitter much easier by simply taking advantage of this simple tool. If you look around Twitter, you'll find that the majority of......
  • Spyware Adware Removal At Free Of Cost Adware and spyware have always been a major problem of using the internet and. Because of their hostile behavior, they have turned into malware. Some people intentionally use it for identity theft purpose. Some steps can help you stay away from its hazardous behavior. Use Latest Browser Using latest and......
  • How to Install a Home Security System: Most Common Pitfalls Installing a home security system might seem easy. To be sure, it’s a lot easier to install one today than it was just a decade ago. Inexpensive consumer electronics components combined with robust wireless technology means that even an amateur can put in a decent system. Just because it’s easy,......

Similar Posts


This entry was posted on Monday, September 28th, 2009 at 10:29 am and is filed under antivirus, Rogue Security Software. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site