Posts Comments

Wireshark Antivirus Removal Instructions

By admin on August 16, 2010 Leave a Comment

Description: Wireshark Antivirus is a rogue antivirus program that uses the name of the well-known software company Wireshark™ to sell a fake program. Just like other fake antivirus applications, Wireshark Antivirus attempts to push the user into purchasing a software license to the software which does not help the user in any way. Wireshark Antivirus reaches user systems thanks to a Trojan that hides in malicious websites and then gets downloaded on to user computers when they visit the malicious websites. Once installed, Wireshark Antivirus will load itself up as a startup service with the help of the Trojan, and then it will proceed to perform a large number of fake antivirus scans on the user's system, subsequently reporting that there are a dangerous amount of viruses present on the user's computer. Wireshark Antivirus accentuates these claims with fake virus warning pop-ups that get generated from the Windows Taskbar. All these actions are aimed at tricking the user into paying for the 'full' version of Wireshark Antivirus by tricking them into believing that the currently installed 'trial' version of Wireshark Antivirus cannot remove the detected 'viruses' properly. However, you should always keep in mind that Wireshark Antivirus cannot remove any viruses from your computer under any sort of conditions.

Wireshark Antivirus

Wireshark Antivirus

» Download Wireshark Antivirus Removal Software

If you should stumble upon an installation of this dangerous malware application on your computer, you should immediately take action to remove Wireshark Antivirus. In order to delete Wireshark Antivirus, you need to stop its processes, unregister its DLL files, delete its files and folders and remove its registry entries.

Remove Proxy Setting so You Can Connect to the Internet Again.

Proxy Settings

Wireshark Antivirus Manual Removal Procedures

The first step you need to take in order to remove Wireshark Antivirus is to stop the following processes from executing:

  • Wireshark Antivirus.exe
  • alggui.exe
  • svchost.exe
  • dbsinit.exe
  • ccsmn.exe
  • ccsrr.exe
  • wpp.exe

Next, it is necessary to unregister the following DLL files:

  • adc_w32.dll
  • adc32.dll

The next step in Wireshark Antivirus removal is the deletion of the following files and folders:

Windows XP:

  • C:\Program Files\Wireshark Antivirus\Wireshark Antivirus.exe
  • c:\Program Files\adc_w32.dll
  • c:\Program Files\alggui.exe
  • c:\Program Files\extra1.dat
  • c:\Program Files\extra2.dat
  • c:\Program Files\nuar.old
  • c:\Program Files\skynet.dat
  • c:\Program Files\svchost.exe
  • c:\Program Files\wp3.dat
  • c:\Program Files\wp4.dat
  • c:\Program Files\scdata
  • c:\Program Files\scdata\dbsinit.exe
  • c:\Program Files\scdata\wispex.html
  • c:\Program Files\scdata\images
  • c:\Program Files\scdata\images\i1.gif
  • c:\Program Files\scdata\images\i2.gif
  • c:\Program Files\scdata\images\i3.gif
  • c:\Program Files\scdata\images\j1.gif
  • c:\Program Files\scdata\images\j2.gif
  • c:\Program Files\scdata\images\j3.gif
  • c:\Program Files\scdata\images\jj1.gif
  • c:\Program Files\scdata\images\jj2.gif
  • c:\Program Files\scdata\images\jj3.gif
  • c:\Program Files\scdata\images\l1.gif
  • c:\Program Files\scdata\images\l2.gif
  • c:\Program Files\scdata\images\l3.gif
  • c:\Program Files\scdata\images\pix.gif
  • c:\Program Files\scdata\images\t1.gif
  • c:\Program Files\scdata\images\t2.gif
  • c:\Program Files\scdata\images\Thumbs.db
  • c:\Program Files\scdata\images\up1.gif
  • c:\Program Files\scdata\images\up2.gif
  • c:\Program Files\scdata\images\w1.gif
  • c:\Program Files\scdata\images\w11.gif
  • c:\Program Files\scdata\images\w2.gif
  • c:\Program Files\scdata\images\w3.jpg
  • c:\Program Files\scdata\images\word.doc
  • c:\Program Files\scdata\images\wt1.gif
  • c:\Program Files\scdata\images\wt2.gif
  • c:\Program Files\scdata\images\wt3.gif
  • c:\Program Files\Sysinternals Antivirus
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn.exe
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.acf
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.ltd
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.lti
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.acb
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.aci
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.mt
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\ccsrr.exe
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\lleod150
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\wmharun.log
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\wmrun.log
  • %UserProfile%\Start Menu\Programs\Wireshark Antivirus
  • %UserProfile%\Start Menu\Programs\Wireshark Antivirus\Wireshark Antivirus.lnk

Windows Vista/ Windows 7:

  • C:\Program Files\Wireshark Antivirus\Wireshark Antivirus.exe
  • c:\Program Files\adc_w32.dll
  • c:\Program Files\alggui.exe
  • c:\Program Files\extra1.dat
  • c:\Program Files\extra2.dat
  • c:\Program Files\nuar.old
  • c:\Program Files\skynet.dat
  • c:\Program Files\svchost.exe
  • c:\Program Files\wp3.dat
  • c:\Program Files\wp4.dat
  • c:\Program Files\scdata
  • c:\Program Files\scdata\dbsinit.exe
  • c:\Program Files\scdata\wispex.html
  • c:\Program Files\scdata\images
  • c:\Program Files\scdata\images\i1.gif
  • c:\Program Files\scdata\images\i2.gif
  • c:\Program Files\scdata\images\i3.gif
  • c:\Program Files\scdata\images\j1.gif
  • c:\Program Files\scdata\images\j2.gif
  • c:\Program Files\scdata\images\j3.gif
  • c:\Program Files\scdata\images\jj1.gif
  • c:\Program Files\scdata\images\jj2.gif
  • c:\Program Files\scdata\images\jj3.gif
  • c:\Program Files\scdata\images\l1.gif
  • c:\Program Files\scdata\images\l2.gif
  • c:\Program Files\scdata\images\l3.gif
  • c:\Program Files\scdata\images\pix.gif
  • c:\Program Files\scdata\images\t1.gif
  • c:\Program Files\scdata\images\t2.gif
  • c:\Program Files\scdata\images\Thumbs.db
  • c:\Program Files\scdata\images\up1.gif
  • c:\Program Files\scdata\images\up2.gif
  • c:\Program Files\scdata\images\w1.gif
  • c:\Program Files\scdata\images\w11.gif
  • c:\Program Files\scdata\images\w2.gif
  • c:\Program Files\scdata\images\w3.jpg
  • c:\Program Files\scdata\images\word.doc
  • c:\Program Files\scdata\images\wt1.gif
  • c:\Program Files\scdata\images\wt2.gif
  • c:\Program Files\scdata\images\wt3.gif
  • c:\Program Files\Sysinternals Antivirus
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn.exe
  • %UserProfile%\AppData \Microsoft\Internet Explorer\ccsmn151.acf
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn151.ltd
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn151.lti
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn151_0.acb
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn151_0.aci
  • %UserProfile%\AppData\Microsoft\Internet Explorer\ccsmn151_0.mt
  • %UserProfile%\AppData Microsoft\Internet Explorer\ccsrr.exe
  • %UserProfile%\AppData\Microsoft\Internet Explorer\lleod150
  • %UserProfile%\AppData\Microsoft\Internet Explorer\wmharun.log
  • %UserProfile%\AppData\Microsoft\Internet Explorer\wmrun.log
  • %UserProfile%\Start Menu\Programs\Wireshark Antivirus
  • %UserProfile%\Start Menu\Programs\Wireshark Antivirus\Wireshark Antivirus.lnk

Wireshark Antivirus Registry Removal Procedures

File deletion alone is not sufficient to ensure that you completely remove Wireshark Antivirus. In order to ensure complete Wireshark Antivirus removal, you should remove the following settings and keys from the Windows Registry:

  • HKEY_CURRENT_USERSoftwareWireshark Antivirus
  • HKEY_CLASSES_ROOTCLSID{149256D5-E103-4523-BB43-2CFB066839D6}
  • HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{149256D5-E103-4523-BB43-2CFB066839D6}
  • HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAdbUpd
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "novavapp"
  • HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "novavappr

You should now run a full security scan to ensure no other threats are installed on your computer if you have not already done so.

Wireshark Antivirus Directories:

Vista / Windows 7

  • c:\Program Files\scdata

XP

  • c:\Program Files\scdata

Outside Resources:

http://www.bleepingcomputer.com/virus-removal/remove-wireshark-antivirus

Filed Under: Virus Removal Tagged With: , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.