Computer Tips -Tech Info



« | »

How to Remove PCSecure | PCSecure Removal Guide

PCSecure is a recent rogue antivirus from the notorious and prolific wini family of rogue security software. It is typically promoted via trojan downloaders. Usually these will be on a website with a video that may be highly sought after. In order to see the video though you are told that you need to download a codec update or flash player update. This is where you get the infection that starts the nightmare of popups complaining of viruses on your system and multiple security problems on your pc. The real kicker is that they claim that the problems cannot be fixed unless you purchase their software. This is a scam and should be avoided. Read on for how to remove PCSecure.


This and other recent versions of the wini rogues may also bundle a rootkit that has been called the TDL3 rootkit. You may need further cleanup on this machine than the relatively simple rogue security software removal. Among the warnings you may see on your system will be the following:

German Alert:
Spzprogramm Warnzeichen!
Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von PcsSecure zu registrieren und Ihr PC von Spyprogramm frei zu machen.

English Alert:
Spyware Alert!
Your computer is infected with spyware. It could damage your critical files or expose your private data on the Internet. Click here to register your copy of PcsSecure and remove spyware threats from your PC.

French Alert:
Spyware Alerte!
Votre ordinateur est infecté de spyware. Il pourrait endommager vos fichiers critiques ou exposer vos données prives sur ‘Internet. Cliquez ici pour enregistrer votre copie de PcsSecure et enléver des menaces spyware de votre OP.

Italian Alert:
Spyware miniaccia!
Il suo computer è infetto di spyware. Puo dannegiare i suoi files criticali rivelare i suoi dati personali nell’Internet. Clicca qui per registrare la sua coppia di PcsSecure e rimouvere le minacce di spyware dal suo computer.

The first and easiest way to attempt removal of pcsecure or other rogues may or may not work. This is going to the control panel and the add/remove programs area and then uninstall pcsecure. As I said, this may work, but it may not. Even if it does, you should follow this with a scan of your computer using a malware removal tool that is reputable such as superantispyware or malwarebytes antimalware. You also should scan the system with a reputable antivirus such as AVG/Avira/Trendmicros online housecall, etc.

If you were unable to remove this pest by using the control panel, I think the next easiest way should be the portable scanner from superantispyware. You can find a link to it on my virus removal toolkit page. Basically, it is rebuilt each day so you shouldn’t have to worry about updating it before scanning and it is given a random name each time it is downloaded so the rogues shouldn’t be able to kill it off thinking it is security software. That much said, if you have a hard time running your download of the portable scanner you may try the following: 1) rename the download to something like explorer.exe or iexplore.exe or firefox.exe – these are usually process names that the rogues will leave alone (especially explorer.exe). 2) reboot into safe mode and attempt torun the scanner there. Make sure to note the filename when you download since it is almost always a different filename.

If you would like to try to attempt a manual removal of pcsecure then you will need to know the filenames listed below.

%docs%All UsersDesktopPcsSecure.lnk
%docs%All UsersStart MenuProgramsPcsSecure
%docs%All UsersStart MenuProgramsPcsSecure1 PcsSecure.lnk
%docs%All UsersStart MenuProgramsPcsSecure2 Homepage.lnk
%docs%All UsersStart MenuProgramsPcsSecure3 Uninstall.lnk
%progfiles%PcsSecure Software
%progfiles%PcsSecure SoftwarePcsSecure
%progfiles%PcsSecure SoftwarePcsSecurePcsSecure.exe
%progfiles%PcsSecure SoftwarePcsSecureuninstall.exe
%win%10548h5c9tool4z5.exe
%win%105z5troj199.cpl
%win%11359not-z-9irus405.bin
%win%system3248fcthizf1950.cpl
%win%system324943h9ckto5lz78.ocx
%win%system3249705hi9f896z.bin
%win%system32RANDOM.exe

After the above files have been removed you should still scan your system with a reputable malware removal tool and reputable antivirus to make sure that your system is clean. I will typically run scans until the scans start coming up with nothing found to make certain that everything related to the rogues have been eliminated.

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
PDF24    Send article as PDF   

Posted by on January 25, 2010.

Tags: , , , , , , , , , , , ,

Categories: antivirus, malware, Rogue Security Software

« | »




Recent Posts


Pages



Switch to our desktop site