Tuesday, May 18, 2010

How to Remove User Account Control Malware

The genuine User Account Control (UAC) or UserAccountControl is a feature in Microsoft Windows Vista and 7 Operating System, implemented to assist in preventing unauthorized changes to your computer system. With its famous security warnings or permission alert messages, such as “Windows needs your permission to continue;” “A program needs your permission to continue,” and much more, UAC tends to seek your permission before performing actions that could potentially affect the overall performance of your computer.

Just recently, cybercriminals have developed a rogue (fake) anti-spyware program with a similar name as User Account Control. This bogus software deliberately displays fake security alerts and reports false system security threats to trick you into thinking your computer is infected with spyware, adware, Trojans or other malicious programs. If your computer is infected with User Account Control rogue antispyware, get rid of the malware immediately.

Listed below are the steps necessary to completely remove all the components and files of User Account Control. Please fell free to contact the technical support experts at AdachiCompuTech.com if you need technical assistance removing User Account Control malware:

1. Kill or terminate the following processes associating with User Account Control:

• UserAccountControl.exe
• launch.exe
• LiveSS.exe
• Service.exe

2. Locate and remove the following files relating to User Account Control:

• %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
• %UserProfile%\Application Data\User Account Control\unins000.exe
• %Program Files%\User Account Control\LiveSS.exe
• %Program Files%\User Account Control\db\WMILib.dll

3. Find and delete the following registry entries relating to User Account Control:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent “URLSS[]”
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AVPath” = “\\.\root\SecurityCenter:AntiVirusProduct.instanceGuid=”{653E64F8-62B6-4F96-B22D-4FFC6E44130E}”"
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “User Account Control”
• HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “uniname” = “User Account Control_is1″
• HKEY_CURRENT_USER\Software\Microsoft\FTP “SearchDir” = “%Program Files%\User Account Control\”
• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\User Account Control_is1
• HKEY_CURRENT_USER\Software\User Account Control

Blog Disclaimer:

The aim of this posting is to educate readers and computer users on how to safely detect and remove spyware, viruses, malware, Trojans, adware, worms, and other Internet threats off their computer systems. Any information provided herein is “as is” for reference and educational purpose only.

About AdachiCompuTech.com

Adachi Computech Solutions is your one-click solution to remote computer repair and support. Whether you need help with PC Tune-Up, Remote Spyware Removal, Computer Optimization, Wireless Network Setup, Internet Security Protection, we can help!

No comments: