February 25, 2024

Tishamarie online

Specialists in technology

Problems With Rogue Anti – Spyware Software – Personal Security

Personal Security is a rogue antispyware program.

It can be distributed through the use of trojans that may come from fake online malware scanners and misleading websites. When the trojan is downloaded and installed, it will install Personal Security onto the computer and will register the fake antispyware in the Windows registry to run automatically when the computer starts.

As with all instances of messages telling you that your PC is infected, and that you need to download software to remove the problem, you should treat them with extreme caution. No genuine anti-virus or anti-malware company would try to sell you products in this way.

When installed, the Personal Security software will appear to carry out a genuine scan of your computer and inevitably will find numerous problems with your PC. You will then be told that none of these problems can be fixed without purchasing the rogue software. You can rest assured that these problems are fake, don’t exist and can be safely ignored. However having the Personal Security software on the the PC will cause you problems and needs to be removed.

Examples I have seen that have caused problems are websites “mysteriously” after about 20 seconds changing to a red screen warning that the web site you are browsing is unsafe. You may have guessed that the suggested solution to this is to purchase and run Personal Security. Don’t be fooled by this!.

Other warnings that may pop up are messages from the Windows Security Centre warning you that you do not have any anti-virus software in place, even though you probably have! Again, this is just a deliberately misleading notification to get you to hand over your money to the authors of Personal Security.

These kinds of rogue programs can often be tricky to remove, reinfecting the PC after you think you have removed all traces of it.

Anti-malware software may well remove Personal Security but the time I came across it I removed the program from C:Program FilesPsecurity and then ran the following script using a program called Avenger, which can be obtained from http://swandog46.geekstogo.com/avenger2/avenger2.html.

The following needs to be entered as the Input script:

Drivers to delete:

NDISRD

Registry keys to delete:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC

Folders to delete:

%ProgramFiles%Common FilesPSecurityUninstall

%ProgramFiles%PSecurity

%ProgramFiles%PersonalSec

Files to delete:

%WinDir%system32win32extension.dll

%WinDir%system32driversNDISRD.sys

%WinDir%tasksPersonalSec.job

Now run the script and reboot when requested to do so.

It is advisable to take a backup of the registry first.

Hopefully your system will now be rid of Personal Security.

If problems still persist you need to run something like MalwareBytes anti-malware which can be obtained online, just search for MalwareBytes

If all else fails you’ll probably need to call your local PC Repair Technician such as myself or similar technician in your vicinity.

Good luck and remember to be wary of any messages or web sites that claim to know that you have an infected PC and can clean it, at a cost of course!