[Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - Xypher - 08-28-2010
Introduction
-What is a rogue anti virus? [Simplistic]
--Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing. [Credits to Wikipedia.]
-What is a rogue anti virus? [In depth]
--A rogue anti-virus is an "Anti-Virus" that downloads itself without you knowing it. It generally is back-doored with a trojan as well. A rogue anti-virus has a realistic look to it and will generally "scan" your computer. The detections that it comes up with generally consist of important files in the operating system, false reports, and itself. The "Anti-virus" (after scanning) then says you must pay to remove the infections. Once you pay it deletes itself along with taking the money you sent. The reason it has a trojan included is so that the person that is operating it and receiving the money can steal your personal info only if you keep ignoring the pay to remove infections popup.
[Credits to myself after reading many different definitions.]
Methods to remove.
-The most effective. [Most effective meaning it works for most.]
(All things mentioned to be downloaded will be included in a single download posted after instructions.)
1. Download rkill.exe
2. Download Malwarebytes Anti-Malware.
-Certain Rogue Anti-viruses do not block downloads, some do. I will include an installer and the installed files as well.
3. Run rkill.exe
4. Quickly after running rkill.exe, run a full system scan with Malwarebytes Anti-Malware.
5. Remove any infections found. (If you are using RATs and keyloggers, I would still advise you remove everything.)
6. If prompted to restart, select yes. If not, then go to the start menu and restart from there.
7. After restarting, download HiJack This and install it. Run a scan with it and save the log. Do not remove anything that comes up in the HiJack This scan.
8. Once the scan has finished, save it as a text document and then post a thread in the HiJack This section about it.
----Your system should now be clean.----
Download the above method's tools here.
Download SUPERAntispyware Here.
-Use this method if the above did not work.
1. Download the RAR folder posted above along with the SUPERAntispyware download provided above.
2. After downloading it, restart your computer in safe mode.
-While in safe mode, do the following steps.
3. Run rkill.exe
4. Quickly after running rkill.exe, run a full system scan with Malwarebytes Anti-Malware.
5. Remove any infections found. (If you are using RATs and keyloggers, I would still advise you remove everything.)
6. If prompted to restart, select yes. If not, then go to the start menu and restart from there.
7. After restarting, download HiJack This and install it. Run a scan with it and save the log. Do not remove anything that comes up in the HiJack This scan.
8. Once the scan has finished, save it as a text document and then post a thread in the HiJack This section about it.
----Your system should now be clean.----
Side notes:
-Make sure to scan all flash drives and other external hard drives you use.
-The second method is not much different, but it is fully effective.
Do not use it first. Rkill is not supposed to be run while in safe mode unless absolutely necessary.
(I do not know why.)
-I have found these methods through other sites and then modified them to be much more effective. I do not remember the sites...I had these methods saved to text files.
List of known Rogue Anti-Viruses
Code:
* Advanced Cleaner[21]
* AlfaCleaner[22]
* Alpha AntiVirus[23]
* ANG Antivirus (knock-off of AVG Anti-virus)
* Antimalware
* AntiSpyCheck 2.1[24]
* AntiSpyStorm[25]
* AntiSpyware 2009[26]
* Antispyware 2010
* Antivirus 7
* Antivirus Soft [27]
* Antivirus Suite [28]
* Antivirus System PRO[29]
* AntiSpyware Bot from 2Squared Software
* AntiSpywareExpert[30]
* AntiSpywareMaster[31]
* AntiSpywareSuite[32]
* AntiSpyware Shield[33]
* Antivermins[34]
* Antivirus 2008[35]
* Antivirus 2009[36]
* Antivirus XP 2010[37]
* Antivirus 2010 (also known as Anti-virus-1)[38],[39]
* Antivirus 360[40]
* Antivirus Pro 2009[41]
* AntiVirus Gold [42]
* Antivirus Live[43],[44]
* Antivirus Master[45]
* Antivirus XP 2008[46]
* Antivirus Pro 2010[47]
* Avatod Antispyware 8.0[48]
* Awola[49]
* BestsellerAntivirus[50]
* Cleanator[51]
* ContraVirus[52]
* Control Center
* Cyber Security[53]
* CyberDefender
* Doctor Antivirus[54]
* Doctor Antivirus 2008[55]
* DriveCleaner[56]
* Dr Guard[57]
* EasySpywareCleaner[58]
* eco AntiVirus
* Errorsafe[59]
* ErrorSmart
* Flu Shot 4[60][61] (probably the earliest well-known instance of rogue security software)
* Green Antivirus 2009[62]
* IE Antivirus (aka IE Antivirus 3.2)[63]
* IEDefender[64]
* InfeStop[65]
* Internet Antivirus (aka Internet Antivirus Pro, distributed by plus4scan.com)[66]
* Internet Security 2010[67],[68]
* KVMSecure[69]
* Live PC Care
* MacSweeper[70]
* MalwareCrush[71]
* MalwareCore[72]
* MalwareAlarm[73]
* Malware Bell (a.k.a. Malware Bell 3.2)[74]
* Malware Defender (not to be confused with the HIPS firewall of the same name)[75]
* Malware Defense
* MS Antivirus (not to be confused with Microsoft Antivirus or Microsoft Security Essentials)[76]
* MS AntiSpyware 2009 (not to be confused with Microsoft AntiSpyware, now Windows Defender)[77]
* MaxAntiSpy[78]
* My Security Wall
* MxOne Antivirus[79]
* Netcom3 Cleaner[80]
* Paladin Antivirus
* PCSecureSystem[81]
* PC Antispy[82]
* PC AntiSpyWare 2010[83]
* PC Clean Pro[84]
* PC Privacy Cleaner[85]
* PerfectCleaner[86]
* Perfect Defender 2009[87]
* PersonalAntiSpy Free[88]
* Personal Antivirus[89]
* Personal Security[90]
* PAL Spyware Remover[91]
* PCPrivacy Tools[92]
* PC Antispyware[93]
* PSGuard[94]
* Privacy Center
* Rapid AntiVirus[95]
* Real AntiVirus[96]
* Registry Great[97]
* Safety Alerter 2006[98]
* Safety Center
* SafetyKeeper[99]
* SaliarAR[100]
* SecureFighter[101]
* SecurePCCleaner[102]
* SecureVeteran[103]
* Security Scan 2009 [104]
* Security Tool [105]
* Security Toolbar 7.1[106]
* SiteAdware
* Security Essentials 2010 (not to be confused with Microsoft Security Essentials)[107]
* Smart Antivirus 2009[108]
* Soft Soldier[109]
* SpyAxe[110]
* Spy Away[111]
* SpyCrush[112]
* Spydawn[113]
* SpyGuarder[114]
* SpyHeal (a.k.a SpyHeals & VirusHeal)[115]
* SpyMarshal[116]
* Spylocked[117]
* SpySheriff (a.k.a PestTrap, BraveSentry, SpyTrooper)[118]
* SpySpotter[119]
* SpywareBot (Spybot - Search & Destroy knockoff, Now known as SpywareSTOP).[120]
* Spyware Cleaner[121]
* SpywareGuard 2008 (not to be confused with SpywareGuard by Javacool Software)[122] [123]
* Spyware Protect 2009[124]
* SpywareQuake[125]
* SpywareSheriff (often confused with SpySheriff)[126]
* Spyware Stormer[127]
* Spy Tool
* Spyware Striker Pro[128]
* Spyware Protect 2009[129]
* SpywareStrike[130]
* SpyRid[131]
* SpyWiper[132]
* SysGuard
* System Antivirus 2008[133]
* System Live Protect[134]
* SystemDoctor[135]
* System Security[136]
* Total Secure 2009[137]
* Total Security
* TrustedAntivirus[138]
* TheSpyBot (Spybot - Search & Destroy knockoff)[139]
* UltimateCleaner[140]
* VirusHeat[141]
* VirusIsolator[142]
* Virus Locker[143]
* VirusProtectPro (a.k.a AntiVirGear)[144]
* VirusRemover2008[145]
* VirusRemover2009[146]
* VirusMelt[147]
* VirusRanger[148]
* Virus Response Lab 2009[149]
* VirusTrigger[150]
* Vista Antispyware 2010[151]
* Vista Antivirus 2008[152]
* Vista Internet Security 2010
* Volcano Security Suite
* Win 7 Antivirus 2010
* WinAntiVirus Pro 2006[153]
* WinDefender (not to be confused with the legitimate Windows Defender)[154]
* Windows Police Pro[155]
* Windows Protection Suite[156]
* WinFixer[157]
* WinHound[158]
* Winpc Antivirus[159]
* Winpc Defender[160]
* WinSpywareProtect[161]
* WinWeb Security 2008[162]
* WorldAntiSpy[163]
* XP AntiMalware[164]
* XP AntiSpyware 2009[165]
* XP AntiSpyware 2010[166]
* XP Antivirus 2010[167]
* XP Antivirus Pro 2010[168]
* XP Internet Security 2010
* XP Security Tool[169] (not to be confused with Security Tool.)
* XP-Shield[170]
* Zinaps AntiSpyware 2008[171]
Originally posted by me on HF.
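An added example, not part of the original post: one way to triage the saved HijackThis log against the rogue list, flagging entries for review only. It shows why whole-name matching is safer than substring matching, since the list's generic "Antimalware" entry would otherwise flag Malwarebytes Anti-Malware. The log lines, paths and function names are constructed for illustration, and only registry `O4` autorun lines are parsed.

```python
import re

# Subset of the rogue names listed in the post (footnote markers dropped).
ROGUE_NAMES = ["Antimalware", "Antivirus 2009", "Security Tool", "WinDefender",
               "Security Essentials 2010", "XP Antivirus 2010", "SpySheriff"]

# Constructed HijackThis-style log lines; names and paths are illustrative only.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware] "C:\Program Files\MBAM\mbam.exe" /starttray
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Security Tool] C:\ProgramData\example\example.exe
O4 - HKCU\..\Run: [XP AntiVirus 2010] "C:\Users\user\AppData\Local\example\av.exe"
O23 - Service: Example Service - Unknown owner - C:\example\svc.exe
"""

# Registry autorun entries look like: O4 - HKLM\..\Run: [Name] command
O4_LINE = re.compile(r"^O4 - (?P<hive>\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\]\s*(?P<cmd>.*)$")


def normalize(name):
    """Lowercase and drop spaces/punctuation so 'XP AntiVirus 2010' == 'XP Antivirus 2010'."""
    return re.sub(r"[^a-z0-9]", "", name.lower())


ROGUE_KEYS = {normalize(n) for n in ROGUE_NAMES}


def autoruns(log_text):
    """Yield (hive, name, command) for every registry O4 line in the log."""
    for line in log_text.splitlines():
        m = O4_LINE.match(line.strip())
        if m:
            yield m.group("hive"), m.group("name"), m.group("cmd")


def flag_exact(log_text):
    """Entries whose whole name equals a listed rogue name after normalization."""
    return [n for _, n, _ in autoruns(log_text) if normalize(n) in ROGUE_KEYS]


def flag_substring(log_text):
    """Naive variant: a listed name appears anywhere inside the entry name."""
    return [n for _, n, _ in autoruns(log_text)
            if any(k in normalize(n) for k in ROGUE_KEYS)]


if __name__ == "__main__":
    print("review these entries:", flag_exact(SAMPLE_LOG))
    print("substring matching would also flag:",
          sorted(set(flag_substring(SAMPLE_LOG)) - set(flag_exact(SAMPLE_LOG))))
```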
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - Dragon Hawk - 08-29-2010
Looks like a good tutorial.
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - Zurmi - 08-31-2010
Nice simple tutorial.
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - SpankDaHobo - 10-09-2010
Some fake anti-virus are a pain in the ass to deal with like Dr. Watson or whatever it was, I had to restart my computer in safe mode and delete the whole thing.
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - abel305 - 10-10-2010
Nice simple tutorial man thanks.
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - ariton - 10-15-2010
Nice tutorial. Helped my friend. He had a Rogue Anti-Virus that asked him every minute to pay a premium account for 40$.
My cousin uses Windows Vista, but the GUI of the Rogue Anti-Virus was Windows XP GUI, and I started to smell something fishy, then I visited this thread.
RE: [Tutorial]Removing Rogue anti viruses (With large list of)[Tutorial] - Apocalypse - 10-21-2010
(10-09-2010, 09:34 AM)SpankDaHobo Wrote: Some fake anti-virus are a pain in the ass to deal with like Dr. Watson or whatever it was, I had to restart my computer in safe mode and delete the whole thing.
I had to reformat when I had one because I didn't know of this thread and I had not joined any forums.