SysChat is a free online computer support community. Ask questions, share resources, contribute knowledge and discuss technology. Join our growing community to access all features. Register Now!

SysChat » Tips 'n' Tricks » Security » Remove win32.zafi.b - A hazardous Virus/Adware

Security

tips on computer security, virus, spyware and malware prevention

Comment
 
LinkBack Tip Tools
 

Remove win32.zafi.b - A hazardous Virus/Adware

By dwarkarao
10-29-2009
Win32.zafi.b is a very dangerous adware which makes your system vulnerable to the core. It not only slows down your computer, but allows other infections to attack it. Below are its symptoms.
  • Gives fake popup to download PerfectDefender2009.
  • High CPU and network usage.
  • Antivirus will be disabled.

How to Remove Win32.zafi.b?

Follow the steps given below to remove the Win32,zafi.b completely from your system.
  • First of all you will have to stop virus using task manager or command prompt.Kill tasks named PerfectDefender2009.exe, pdefendr.exe and ikbmqvex.exe.
  • Now find virus files and delete them. Do this using cmd if possible. Here is the list of files made by the adware.
    c:\Program Files\Perfect Defender 2009
    c:\Program Files\Perfect Defender 2009\dbbase.div
    c:\Program Files\Perfect Defender 2009\pdefendr.exe
    %UserProfile%\Desktop\sccmsk.dll
    %UserProfile%\Local Settings\Temp\ikbmqvex.exe
    %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PerfectDefender2009 1.32.lnk
    %UserProfile%\Desktop\PerfectDefender2009.lnk
    %UserProfile%\My Documents\PerfectDefender2009%UserProfile%\Start Menu\Programs\PerfectDefender2009\PerfectDefender2 009 1.32.lnk
    %UserProfile%\Start Menu\Programs\PerfectDefender2009\PerfectDefender2 009 Website.lnk
    %UserProfile%\My Documents\PerfectDefender2009\SDBHO.dll
    %UserProfile%\My Documents\PerfectDefender2009\sdcfg.dat
    %UserProfile%\My Documents\PerfectDefender2009\Logs
    %UserProfile%\My Documents\PerfectDefender2009\Quarantine
    %UserProfile%\Start Menu\Programs\PerfectDefender2009
    %UserProfile%\Start Menu\PerfectDefender2009 1.32.lnk
  • Now delete the entries from the registry which were made by the virus. Open Registry Editor and navigate to the following key. HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run “PerfectDefender2009″. And delete the one with Perfect Defender in name.
Most probably the virus is removed from your system. But still if you feel like there is something still left behind you can try scanning your computer using this online scanning service.

Free Virus Scan - Kaspersky Lab
Comment





Similar Threads
Tip Tip Starter Category Tips Last Post
How to remove Koobface Virus? Sajid Security 0 10-24-2009 11:03 PM
Windows: How to Remove the Vundo Trojan KarlM Security 0 04-13-2009 01:04 PM
Remove Antivirus 360: Windows XP and Vista KarlM Security 0 02-21-2009 03:11 AM
How To Remove Invalid Entries From Add Or Remove Programs fred fretz How To 0 10-31-2007 10:39 PM
How To Manually Remove Programs from the Add or Remove Programs jlacosta Windows 0 03-23-2007 12:38 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are on



» Ads



1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54