How can I remove Security Master AV malware?

Lanny April 12, 2011
Pinterest Stumbleupon Whatsapp

I accidentally downloaded it, now I can’t uninstall it. Can anyone help me?

  1. TinysLittleDevol
    February 7, 2012 at 3:47 pm

    What site did you download from??

    I'm tricking my friend cuz he used IE and clicked an ad that downloaded porn in my FAMILY PC!!

    I rly need that site link xd

  2. FIDELIS
    April 13, 2011 at 3:55 am

    Hello, the most important thing you can do everytime you restart your computer is not to run the scan that pops up in order to boot up completely. Some of these new fake antiviruses infect you more the more you scan. Try to close fake antivirus program windows if possible. Here are the steps that work 100 % with these kind of infections. I would recommend not to reformat because on my experience these kind of fake antiviruses are a pain but no really hard to get rid off.

    Go to the following site and download Rkill. Rkill is a tool specifically coded to stop the malware executable files from working. When you run Rkill and it finishes shutting down the malware files, you can use your computer normally until the next restart.

    http://www.bleepingcomputer.com/download/anti-virus/rkill

    If you are using a different computer, try to download the iExplore.exe version to a flash drive and run it from there by double clicking on the file. If you are using the infected computer, downloaded to your desktop. This version of the program is almost never stopped from running by malware because it imitates the explorer.exe file on your computer. Once the program is on flash drive, plug your flashdrive and run the program by double clicking on the file. Let the program do its thing and you will know that it stopped the malware when you see no icons on your desktop and your computer is behaving normally.

    Ok, after you run Rkill, malware will not stop you from downloading antivirus updates or antivirus programs. Take advantage of this, and go to http://www.malwarebytes.org/ and download the free version to your desktop or a flash drive. Also go to http://www.superantispyware.com/portablescanner.html?tag=SAS_HOMEPAGE and download the portable version of the file. It should have a .com extension. Malwarebytes and SuperAntiSpyware are two of the best antimalware tools available nowadays and best of all, the free versions are more than enough to fix malware problems.

    Now, in order for you to completely clean your computer, it is better if you disable the system restore and its restore points. It is important you do this because if not, malware might reinstall next time you restart your computer. Remember that if you use
    rkill, you will have no icons on your desktop, you will have to use the task manager to access programs. In order for you to access system restore, follow the next steps:

    -- press Ctrl + Alt +Del to launch Task Manager or Ctrl + Shift + Esc
    -- on menu, click on File
    -- select new Task
    -- enter the following command:

    %systemroot%system32restorerstrui.exe

    -- click on Ok
    -- click on System Restore Settings
    -- put a checkmark on Turn off System Restore on all drives
    -- click on ok

    When the steps above are done, restart your computer and access safemode. It would be optimal to select safemode with networking because then you will be able to update your antivirus software and SuperAntiSpyware. Here is a link explaining different ways of reaching safemode:

    http://bertk.mvps.org/html/safemode.html

    Once you are on safemode with networking you can either, copy the programs you downloaded from your flashdrive to your computer, or run the programs from your flashdrive. Double click on the SuperAntiSpyware program, select updates, and then run a full scan. When program is finished scanning delete any entries found and if asked to restart computer, choose no.

    Now, execute the Malwarebytes program, check for updates and run a complete scan. When scan is finished, delete any entries found. By now, your computer should be clean or almost clean. To make sure, update your antivirus if you have one installed, and/or download a antivirus program and run a full scan. Here are two good free options:
    avast free: http://www.avast.com/en-ca/free-antivirus-download
    security essentials: http://www.microsoft.com/security/pc-security/mse.aspx

    After you run all the complete scans for the softwares mentioned above, and your system is reported clean, restart computer on normal mode and to make sure, run complete scans of the two spyware fighting softwares and also a complete scan with your antivirus software. If nothing is found and system is clean, go back to system restore and enable it. Make sure that you create a system restore when system is clean. Hope it helps;

  3. Anonymous
    April 12, 2011 at 5:50 pm

    TRy ClamWIn
    http://www.clamwin.com/

    Scan on safe mode and also on normal mode.

  4. Roy
    April 12, 2011 at 5:42 pm

    This is a "good news/bad news" kind of answer :) The good news is that the Security Master AV infection is one that's well-known enough to have documentation and fixing instructions available online. The bad news is that getting rid of it will be a bit of a pain!

    I usually have pretty good results from using the guides on bleepingcomputer.com when my friends or family call me to remove infections from their computers. So, here is a link to their post on Security Master AV:
    http://www.bleepingcomputer.com/virus-removal/remove-security-master-av

    They instruct you to install and use the free version of Malwarebytes' Anti-Malware because it recognizes this particular infection and works for getting rid of it. You don't necessarily have to keep Malwarebytes' software once you're done with it, but you do need to run some sort of anti-malware protection on your PC at all times.

    The guide linked above gives step-by-step instructions with screenshots. There will be some files to manually delete after Malwarebytes finishes. It will take a little time and work, but you can get rid of the problem. Good luck!

    P.S., I usually like to back up important files and reinstall Windows after a bad infection. You may choose not to, but in my experience the only way to truly get back to optimal performance is a clean install.