Removing Fake Antivirus Software
The vast majority of computer users would have at some point experienced or at least know someone who has had the misfortune of having a rogue application on their computer. Although there are several terms that this type of software is referred by, the most commonly used term to describe it is fake antivirus software, which is a kind of application that tricks you into believing that it is an authentic antivirus tool.
It gets onto your computer, and then it runs what appears to be a real scan of your system, but is in fact a simulation of one. After it completes this fake scan, it tells you that your computer is infected with viruses, worms, Trojans and other malicious files, and that you must purchase the software in order to remove it. This is a lie of course, as all the issues it presents are fabricated by the application itself.
There are similar types of software that fool you into believing that your hard drive is about to die, telling you that you must purchase said software to recover your data before it all fails.
In most cases, these fake antivirus programs will interfere with the current internet security solution you have installed on your computer, usually by disabling it. This rouge application will also prohibit you from running any .exe files, such as security scanners, internet browsers, Task Manager, registry editor, command prompt, essentially all the programs you’d need to access in order to get rid of the software. It locks the computer down to a shell, preventing you from doing anything but purchase the software.
The main thing about these kinds of programs is that typically it will not corrupt your personal files, which means your personal data is not at risk, as it would if your system was infected with a virus. Instead, they lock the computer down and force you into paying for the fake software, or until you are able to somehow kill the application and clean up your computer. Of course, this is not the only kind of rouge software out there; you also have ransomware, which is very similar only a little more aggressive, as these kinds of applications will lock you completely out of your system until you make payment.
Thankfully, these fake internet security tools, and hard drive recovery applications can be removed, if you have the knowhow and expertise to do it. But the easiest solution is to use specialised software to remove it for you. These programs can kill the program, while your malware scanner does the rest, cleaning up all the remnants of the program. Other tools can remove and clean the computer at the same time.
Anyway, of the available tools, the most effective I would say, is the following:
Remove Fake Antivirus
Uninstalling or removing these fake internet security tools from your computer can be a fairly difficult task. That is why the use of specialised software is your best option. Remove Fake Antivirus is the first tool that I would recommend and that is because it is more than capable of removing these programs from your computer.
There are many different fake antivirus programs around, and this tool can remove virtually all of them.
All your need to do is download and click on the Start button. It may take some time, but when it’s complete, the software should be completely removed from your system.
This application is also updated quite frequently by those who developed it, which means you can be safe in the knowledge that it will be able to remove any new fake software, in the event that your computer becomes infected again.
Malwarebytes is probably one of the most popular antimalware tools available today, and that’s for good reason. This tool is very proficient at removing fake antivirus, hard drive, and ransomware tools. The best thing about Malwarebytes is its ability to remove said programs while restoring your system back to its previous working order. It does this by removing all registry entries and alterations made to the system settings by the fake software.
With Malwarebytes Pro, you have software that is capable of protecting your system from these types of software from every getting onto your system. The free edition does not come with on-demand scanning, which means it can only be used to fix your computer after the fact. However, Malwarebytes Pro supports on-demand scanning, which means it can and will scan every last file that comes onto your system, this way programs can and will be removed before they cause any damage to your computer.
The Malwarebytes Chameleon tool is another option designed to allow the end user install a legitimate antivirus tool on their computer while these rouge or fake applications are on the computer. This is very important; as there is a strong possibility that, despite having the appropriate software to remove the tool from your computer, the rouge software itself may simply block you from running it. This tool works by killing any rouge processes, then downloading and installing Malwarebytes antimalware automatically.
This method doesn’t always work, as there are some rouge applications that can block the Chameleon tool from running, such as Smart Internet Security Fake Antivirus.
Malwarebytes Antimalware is definitely one of the best programs to use for situations like this. I’ve personally use it myself when my system was hijacked by a fake application. In my particular situation, I booted into Safe Mode, and then ran it; this prevented the fake software from blocking Malwarebytes. So that’s something you may want to keep in mind, when faced with this same problem.
RKill is a tool that was designed specifically for ending the process of the fake antivirus program or other similar rouge software. Over the years, it has developed more features, making it useful for a number of different tasks.
Despite the usefulness of its additional repair features, the RKill tool was not designed to remove the rouge software, but simply a means to stop it from running on your computer. To remove the program and the entries it’s made to your registry, you will need to use third-party internet security software, like Malwarebytes, which I have already written about.