04-18-2010, 09:02 PM
###How to know when you have a Fake AV and how to remove it###
Hello, I've had a lot of Fake Anti-Virus's get on my computer some how. I'm going to show some Fake Anti-Virus's that are new and how to get rid of them. Also, when I hear of new Fake Anti-Virus's I'll update my thread.
You might have symptoms like:
When the Fake Anti-Virus process is running it will close almost any running program while falsely stating that they are infected.
It also can block websites so you can follow a guide on how to remove the program.
You might go to www.google.com and it will say "Internet Explorer Warning - visiting this web site may harm your computer!"
or
When you open a trusted program like MSN it will say "This program is infected close now!".
Also, don't download anything or follow ANY GUIDE FROM spywareremove
Reputation is terrible.
BleepingComputer.com is trusted.
Anti-Virus Soft:
Spoiler (Click to View)
This program also uses aggressive techniques to protect itself from being removed by anti-malware programs. When the Antivirus Soft process is running it will close almost any running program while falsely stating that they are infected. Antivirus Soft will also change the Proxy settings in Internet Explorer so that you cannot browse to any web site other than the site for Antivirus Soft so that you can purchase the program. It does this so that you cannot browse the web to find removal guides or download software that will help you remove the infection. Using these two methods, the program essentially ransoms the normal use of your computer until you purchase the program or use the guide below to remove the infection.
Removal Guide.
Antivirus7:
Spoiler (Click to View)
When Antivirus7 is installed it will be set to start automatically when you login to Windows. Once started it will scan your computer and state that there are a variety of infections on your computer, but will not remove them until you first purchase the program. These infections are all fake, though, and the files it states are infected are actually legitimate Windows programs. Therefore please do not manually delete any of the files it states are infections as it may cause your Windows operating system to not operate properly.
Removal Guide.
Antivirus Suite:
Spoiler (Click to View)
When Antivirus Suite starts it will perform various functions in order to protect itself from being removed. First, it will configure your Internet Explorer and Windows Internet settings to use a proxy server. This proxy server will not allow you to update anti-malware programs or let you visit a variety of sites and will instead show a screen stating that the site you are visiting is harmful. This warning will state "Internet Explorer Warning - visiting this web site may harm your computer!" and then prompt you to purchase Antivirus Suite in order to protect yourself. The program will also not allow you to launch most applications other than those absolutely required for Windows or Antivirus Suite to run properly. When you attempt to launch other programs, Antivirus Suite will state that they are infected. It will then prompt you to purchase the rogue to repair the infection. These are just further scare tactics and should be ignored.
Removal Guide.
--------------------------------------------------------------------------
There are many more of these kind of Fake Anti-Virus's
If you get Fake Anti-virus like these I would recommend downloading Malwarebytes and SUPERAntiSpyware plus ESET online scanner.
If that doesn't seem to do the job please go to the White Hat Help section or follow a Guide from BleepingComputer.com.
Hope this helps you stay clear of these Fake Anti-Virus's!
Cheers,
Peek