Steps To Remove Rogue Fake Antivirus
So are you getting an alert the moment you start up your computer, and there’s just something not quite right about it? It looks kind of fishy. You know the one: it says you are insanely INFECTED with a whole bunch of viruses, Trojans, spyware, etc. It won’t let you run anything (programs, web browser, etc.), and it asks for your credit card information in order to get everything up and running again.
WELL DON’T TRY TO PURCHASE IT!!
THESE ARE JUST TYPICAL SCAMS TO STEAL YOUR INFORMATION!!
So how can you get rid of it??
Well there are a few methods:
WARNING: Before starting, back up your system and your registry so it will be easy to restore your computer if anything goes wrong.
Method 1:
Before continuing, be sure to boot up in Safe Mode by tapping the F8 key at startup.
The easiest method to remove these infections, or any other type of malware that may be infecting your computer, is to run Malwarebytes (http://www.malwarebytes.org/). There are a few different versions, but what we want right now is the free version. It doesn’t have real-time protection (meaning it won’t be running in the background and blocking out potential threats), but in this case we just need to run it in order to remove this or any other type of malware infection. Make sure to update Malwarebytes before you run it.
Once Malwarebytes is finished, you can then download ComboFix (http://download.cnet.com/Combofix/3000-8022_4-75221073.html?tag=mncol;1). However, ComboFix will only run on a computer running Windows XP. Whatever Malwarebytes couldn’t find, ComboFix would be sure to detect.
In some cases the infection might be so bad that it won’t let you run anything, not even these programs, so in this case we have to proceed with the next method.
Method 2:
Now if the infection isn’t letting you run anything at all, it is most likely because the rogue fake antivirus itself is blocking it.
Sometimes these fake antiviruses will try to make themselves look so legit that they will even install icons of their fake product on the desktop. However, this is actually a good thing: if you can see this icon on the desktop, you can use it to track down the infection and delete it manually.
Tracking this infection down manually may not be as hard as it seems. What you’re going to want to try is:
1. Right click on the Fake Antivirus Icon.
2. Select properties from the menu.
3. Once in properties select Find target location under the first tab.
If you’re able to find the folder where it is stored, then BINGO!
Before we can actually delete it, however, we have to stop the fake antivirus process that is causing all this headache. This is the tricky part, which is not always recommended for most users, because we have to locate the process and completely stop it in order to delete the infection, and if the wrong process is stopped, then the computer will just go unstable and you would have to restart the PC.
But because we’re in Safe Mode, it should be a little easier to point out. What I go for is to always try and find a process whose name is an abbreviation of the fake antivirus name. Another way that might help pinpoint it is to look under the descriptions and make sure it doesn’t say anything to do with Microsoft/Windows or drivers. If it’s a little bit too difficult to find, then I suggest looking up what each process is on Google, one by one.
Once you have found the process, right-click it and select End Process Tree. If the process is successfully stopped, then we can go back into the folder where it’s stored and Shift-Delete it!
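The manual check from Method 2, as an added example that is not part of the original post: a PowerShell script that resolves the fake antivirus shortcut to its folder and lists the running processes started from that folder, with their description, company and signature status. The `$ShortcutPath` parameter is a placeholder chosen for illustration; the script only lists candidates and stops nothing.

```powershell
# Added example (not from the original post). Save as a .ps1 file and run it
# with the path of the desktop icon, which is a placeholder you supply.
param(
    [Parameter(Mandatory = $true)]
    [string]$ShortcutPath
)

# Resolve the .lnk file to the program it launches (what the shortcut's
# properties dialog shows as its target).
$shell  = New-Object -ComObject WScript.Shell
$lnk    = (Resolve-Path -LiteralPath $ShortcutPath).Path
$target = $shell.CreateShortcut($lnk).TargetPath
if (-not $target) { throw "Shortcut has no file target: $ShortcutPath" }

$folder = (Split-Path -Path $target -Parent).TrimEnd('\') + '\'
Write-Host "Shortcut target : $target"
Write-Host "Install folder  : $folder"

# Walk every process and keep the ones whose executable sits under that folder.
$candidates = foreach ($proc in Get-Process) {
    $path = $null
    try { $path = $proc.Path } catch { }   # some system processes deny access
    if (-not $path) { continue }
    if (-not $path.StartsWith($folder, [System.StringComparison]::OrdinalIgnoreCase)) { continue }

    # Company and description are set by whoever built the file, so treat
    # them as a hint only; the signature status is the stronger signal.
    $info = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($path)
    $sig  = Get-AuthenticodeSignature -FilePath $path
    [pscustomobject]@{
        Id          = $proc.Id
        Name        = $proc.ProcessName
        Company     = $info.CompanyName
        Description = $info.FileDescription
        Signature   = $sig.Status
        Path        = $path
    }
}

if ($candidates) {
    $candidates | Format-List
} else {
    Write-Host "No running process found under $folder"
}
```

The process IDs it prints can be matched against the PID column in Task Manager before ending anything.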
However!!!!….yup there IS another BUT!!
If you can’t even get Task Manager to run in Safe Mode, then that’s another, more complicated issue.
As a last resort, if this virus can’t be removed, then you’ll either have to reformat your Windows or bring it in for service!!
Please comment with any questions or suggestions you might have.
Thank you,
V.P.Tech.