
How To Remove Trojan.Plugfakeav and Security Shield KIS 2.5 Fully

Trojan.Plugfakeav is a Trojan horse that presents itself as “Security Shield KIS 2.5”. It can affect your browsing history and the data on websites you visit, manage your downloads, applications, themes and extensions, and modify other settings. It may inject malicious scripts into websites shown in the Google Chrome browser.

Name: Trojan.Plugfakeav, Security Shield KIS 2.5
Type: Trojan Horse
Short Description: The Trojan may inject malicious scripts into websites shown on Google Chrome, modify various Internet settings, manage apps.
Symptoms: The Trojan may change data on visited sites, along with browsing history, downloads and other settings.
Distribution Method: Installing fake Security Shield, Targeted Attacks
Detection Tool: Download Malware Removal Tool, to See If Your System Has Been Affected by Trojan.Plugfakeav
User Experience: Join our forum to start the discussion about Trojan.Plugfakeav.


Trojan.Plugfakeav – How Did I Get It?

There are a number of ways you could get infected with the “Plugfakeav” Trojan horse. The most common distribution method is manual installation: you install “Security Shield KIS 2.5” thinking it is a useful security program, without knowing that you are actually putting the Trojan on your system. You may be tricked into believing that the “Shield” works, because the Trojan is able to block advertisements from some third-party sites to support its disguise.
You might also have been infected through a targeted attack, by downloading an email attachment. Files used to spread threats such as the Plugfakeav Trojan most commonly have these extensions: .vbs, .bat, .exe, .pif, .scr.
You could also get infected via a plugin, a pop-up, or a site that hosts malware.

Trojan.Plugfakeav – More About It

After the Trojan is installed on your computer, it will ask you for permission to do many things related to the safety of your browsing. It will want access to the following activities:

  • Read and modify data on websites you visit.
  • Read and modify your browsing history.
  • Manage downloads, extensions, themes and apps.
  • Change website settings allowing access to JavaScript, plugins, cookies, microphones and cameras.

Because the Plugfakeav Trojan masquerades as a “Security Shield” program and is also able to block advertising content from certain third-party sites, it may easily trick you into granting it access to the data and settings listed above. If you grant those privileges and execute the Trojan, it will create JavaScript files in the directory stated below:

→C:\Documents and Settings\All Users\Application Data\Google\Chrome\User Data\Default\Extensions\fffdibkepdhebmljdkdjlgibpjpaflhi\2.5_0\

The files are called: page.js, back.js and manifest.json.
Once all of this is in place, the Plugfakeav Trojan receives scripts from the remote location “/bestorats.in”. The Trojan injects these scripts into different web pages displayed in the Google Chrome browser and, quite possibly, in other browsers based on the Chromium platform. That makes it fully possible for the malicious program to send information back to the above-mentioned remote location, including the list of installed Chrome extensions.
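
A defender-side check for the artifacts described above, added here as an example (it is not code from the original article or from any tool it names): it walks a Chrome profile's Extensions directory and flags the reported extension ID, the reported file set, and a manifest that asks for the kind of access listed earlier. The function names, the mapping of that access to Chrome permission names, the threshold of three and the sample manifest contents are assumptions made for this example.

```python
import json
import tempfile
from pathlib import Path

# Extension ID and dropped file names as reported in the article above.
REPORTED_ID = "fffdibkepdhebmljdkdjlgibpjpaflhi"
REPORTED_FILES = {"page.js", "back.js", "manifest.json"}
# Assumption: Chrome permission names that correspond to the access the article lists.
BROAD_APIS = {"history", "downloads", "management", "contentSettings"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_extensions(ext_root):
    """Audit every <id>/<version>/manifest.json under a profile's Extensions dir."""
    findings = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        ext_id, reasons = manifest.parent.parent.name, []
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            if not isinstance(data, dict):
                raise ValueError("manifest is not a JSON object")
        except (OSError, ValueError):
            data, reasons = {}, ["unreadable manifest"]
        # Manifest V2 lists host patterns in "permissions", V3 in "host_permissions".
        perms = {p for key in ("permissions", "host_permissions")
                 for p in (data.get(key) or []) if isinstance(p, str)}
        if ext_id == REPORTED_ID:
            reasons.append("extension ID reported for Trojan.Plugfakeav")
        if REPORTED_FILES <= {p.name for p in manifest.parent.iterdir()}:
            reasons.append("page.js + back.js + manifest.json file set")
        if perms & BROAD_HOSTS and len(perms & BROAD_APIS) >= 3:  # threshold is an assumption
            reasons.append("all-sites access plus " + ", ".join(sorted(perms & BROAD_APIS)))
        findings.append({"id": ext_id, "name": data.get("name"), "reasons": reasons})
    return findings

def build_sample_profile():
    """Constructed sample tree: one extension shaped like the article's, one benign."""
    root = Path(tempfile.mkdtemp())
    bad = root / REPORTED_ID / "2.5_0"
    bad.mkdir(parents=True)
    (bad / "manifest.json").write_text(json.dumps({"name": "constructed sample", "permissions": [
        "history", "downloads", "management", "contentSettings", "<all_urls>"]}))
    for name in ("page.js", "back.js"):
        (bad / name).write_text("// constructed placeholder\n")
    ok = root / ("a" * 32) / "1.0_0"
    ok.mkdir(parents=True)
    (ok / "manifest.json").write_text(json.dumps({"name": "Notes", "permissions": ["storage"]}))
    return root

if __name__ == "__main__":
    print(audit_extensions(build_sample_profile()))
```

On a real machine, pass the profile's Extensions directory (the parent of the extension ID folder in the path above) to audit_extensions. The file-set and permission checks are heuristics that legitimate extensions can also match, so treat a hit as a reason to inspect the extension, not as proof.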

Remove Trojan.Plugfakeav Completely

This Trojan can spy on you, access different sensitive information and, over time, infect you with different kinds of malware. For now, the true intentions of the cyber-criminal who created it are unknown, but undoubtedly bad. To completely remove the Plugfakeav Trojan horse from your computer, carefully follow the step-by-step removal instructions provided below!

1. Boot Your PC In Safe Mode to isolate and remove Trojan.Plugfakeav
2. Remove Trojan.Plugfakeav with SpyHunter Anti-Malware Tool
3. Remove Trojan.Plugfakeav with Malwarebytes Anti-Malware
4. Remove Trojan.Plugfakeav with STOPZilla AntiMalware
5. Back up your data to secure it against infections by Trojan.Plugfakeav in the future

Also, here are some tips to help you make your PC management process more secure:

  • Make sure to use additional firewall protection. Downloading a second firewall (ZoneAlarm, for example) is an excellent safeguard against potential intrusions.
  • Make sure that your programs have less administrative power over what they read and write on your computer. Make them prompt you for admin access before starting.
  • Use stronger passwords. Stronger passwords (preferably ones that are not words) are harder to crack by several methods, including brute forcing, since brute forcing relies on password lists of relevant words.
  • Turn off AutoPlay. This protects your computer from malicious executable files on USB sticks or other external memory carriers, which would otherwise run the moment they are inserted into it.
  • Disable file sharing. If you need file sharing between your computers, it is recommended to password protect it, so that if you are infected the threat is restricted to yourself.
  • Switch off any remote services – leaving them on can be devastating for business networks, since it can cause a lot of damage on a massive scale.
  • If you see a service or a process that is external, not critical to Windows, and being exploited by hackers (like Flash Player), disable it until there is an update that fixes the exploit.
  • Make sure to always apply the critical security patches for your software and OS.
  • Configure your mail server to block and delete emails containing suspicious file attachments.
  • If you have a compromised computer in your network, make sure to isolate it immediately by powering it off and disconnecting it by hand from the network.
  • Make sure to educate all of the users on the network never to open suspicious file attachments, and show them examples.
  • Employ a virus-scanning extension in your browser that will scan all the downloaded files on your computer.
  • Turn off any wireless services you do not need, like infrared ports or Bluetooth – hackers love to use them to exploit devices. If you use Bluetooth, make sure that you monitor all of the unauthorized devices that prompt you to pair with them, and decline and investigate any suspicious ones.
  • Employ a powerful anti-malware solution to protect yourself from any future threats automatically.
NOTE! Important notice about the Trojan.Plugfakeav threat: Manual removal of Trojan.Plugfakeav requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself in just 5 minutes, using a malware removal tool.

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming of a more secure cyber space.
