Pinterest Stumbleupon Whatsapp
Ads by Google

I hate, I repeat, I HATE fake antivirus programs with a fury! You know exactly what I am talking about. These are pieces of software that advertise their ability to protect and fix your machine, yet once they are installed, they take over your machine, disable your antivirus and hold your computer as a virtual hostage.

Here is an example of one of these roguee programs. It is called Antivirus 2008 and there is another called Antivirus 2009 that looks identical to it but with the different year. If you have never seen anything like this”¦ Then good for you! You are doing a great job at security (or you are using a Mac or Nix’ box!)

remove fake antivirus

I’ve found a great free app that helps remove fake antivirus applications. It’s aptly called Remove Fake Antivirus. Check out the list of applications that it detects and removes. Each of these links will take you to the author’s blogspot which will tell you more about the threat.

  1. Cyber Security
  2. Alpha Antivirus
  3. Braviax
  4. Windows Police Pro
  5. Antivirus Pro 2010
  6. PC Antispyware 2010
  7. FraudTool.MalwareProtector.d
  8. Winshield2009.com
  9. Green AV
  10. Windows Protection Suite
  11. Total Security 2009
  12. Windows System Suite
  13. Antivirus BEST
  14. System Security
  15. Personal Antivirus
  16. System Security 2009
  17. Malware Doctor
  18. Antivirus System Pro
  19. WinPC Defender
  20. Anti-Virus-1
  21. Spyware Guard 2008
  22. System Guard 2009
  23. Antivirus 2009
  24. Antivirus 2010
  25. Antivirus Pro 2009
  26. Antivirus 360 and
  27. MS Antispyware 2009

OK so I am assuming that you have one of these infections and you want to use Remove Fake Antivirus to fix your machine up. Let’s see how we can do that. First we start by downloading the application from here. That is a direct link because the download page is polluted with Google ads and confuses users as to what to download. The author’s site can be found here.

Run the application and you will first see its welcome screen listing the nastiness it can deal with and then you will see this screen:

Ads by Google

Remove1

Go ahead and hit ‘Yes’ and it will start scanning  your local machine for the fake applications listed above.

You can go ahead and click Show details to get a closer look as to what is going on:remove fake antivirus

As it goes through each possible infection you will see it listed on the console. Don’t be alarmed, this does not mean that your PC has the infections.

remove3

Up until now my only solution was Malware Bytes demo version. But now it looks like Remove Fake Antivirus 1.35 is going to be my go-to program. It took 6 minutes to run the full scan. I had originally located this application while battling Antivirus 2009 yesterday. And it worked like a charm!

Once the application has completed you will see this screen:

fake antivirus removal

Click Yes and all the files that Remove Fake Antivirus could not remove because the files were in use will then be kicked to the curb. The author’s site also serves up suggestions for how to deal with and prevent these types of infections. Among them is to set the UAC prompts to the highest levels – I guess I should not have mine disabled, eh?

Remove Fake AntivirusDownload

For more information about fake antivirus software, read Ryan’s post “Detect Fake Antivirus software & Spyware Removal programs Detect Fake Antivirus software & Spyware Removal programs Detect Fake Antivirus software & Spyware Removal programs Read More “. How do you deal with rouge or fake antivirus or spyware applications? Do you have policies that keep this type of stuff out of your corporate environments? What do you do or use? Please share with us in the comments so we can learn from each other!

  1. 1fastbullet
    November 21, 2009 at 12:13 am

    Great find.
    My neighbor is the type that, if it's free, it gets put on his machine. He keeps my rent paid for me, as I'm forever cleaning up the garbage he downloads.

    One Question: has anyone attempted using this from an USB flash drive? Mwn, this would be great to use from one!!

  2. Noah
    October 24, 2009 at 5:37 am

    See, I told you it would cause system damage. To repair it fully, you'll need the disk. Then run sfc /scannow . To prevent this happening in the future, make sure you start it in safe mode.

  3. Zequez
    October 23, 2009 at 11:44 pm

    And why you would download fake antivirus? It's just stupid. Really the people download software from banners?

  4. Altzan
    October 23, 2009 at 11:18 pm

    I tried running this and got an error: So-and-so illegal operation, Ignore or Abort.
    Can't get it to work on either XP or 2000.

    • Altzan
      October 23, 2009 at 11:57 pm

      GREAT. I ran this, and now I am getting a BSOD every time I boot the computer... 0x0000001E win32k.sys
      It's totally unusable now.

      • Zequez
        October 24, 2009 at 1:52 am

        LOL! Go linux! xD

  5. Mithun John Jacob
    October 23, 2009 at 10:21 pm

    Why we need another software when we are having AVs like KAV ?

  6. catester
    October 23, 2009 at 11:56 am

    Karl, This is VIPRE Antivirus + Antispyware, version 3.`.2837. My defs are up to date.

    I receive that message when I try to download the file from the site you linked to. I did not override the warning and download the program. Please contact me privately if you want more specifics; I'm happy to help.

  7. Gregor
    October 23, 2009 at 6:19 am

    Thanks Karl,

    exactly what i need when "that friend with constant computer problems" calls me explaining his antivirus is telling him he is infected. ;D

  8. catester
    October 23, 2009 at 1:18 am

    Just one problem...http://twitpic.com/mkfgs

    • Karl L. Gechlik
      October 23, 2009 at 8:35 am

      Catester what program is issuing the warning? It is listing the application as a numeric executable - an application that is NOT on my system.

      • EntrepreNerd
        October 29, 2009 at 3:14 am

        It also tries to change your default search provider. I have Google blocking such changes, which is why I know the attempt was made. I did not allow the change so I can not say what provider it tries to switch you to.

  9. Hiqutipie
    October 22, 2009 at 12:23 pm

    I know Symantec has a list of the Fake Software & Wikipedia has a partial list but where is the Full List posted for everyone and why haven't servers removed them...

    There are a ton of popups & advertisements that advise you to test your system with their software & that you can only repair the system by purchasing their software to fix all the problems they found...Its all false advertising & deceptive business practices which should be Flagged & Removed by Servers as well as made public...

    The Power users know how to avoid dangerous software but the average public user will be at High Risk until the net does a better job of policing itself...MacAfee siteadvisor & WOT should be out in front of this topic...

  10. Ishan@ILoveFreeSoftware
    October 22, 2009 at 11:49 am

    Fake Antivirus is really a headache. I am glad this tool can so easily take care of that.

  11. Noah
    October 22, 2009 at 10:28 am

    You should also note, removing them can destroy vital system files, so be careful when doing so.

  12. John D
    October 22, 2009 at 9:53 am

    I always found Malwarebytes to be 100% at removing such things, but it's always good to have another option!

  13. Altzan
    October 22, 2009 at 7:47 am

    Great Timing! I just got infected by Win Police Pro and I need to kill it. Gonna try this when I get home.

Leave a Reply

Your email address will not be published. Required fields are marked *