sclchina.com

How To Remove Security Tool and Other Rogue Antiviruses

7
Fake, or 'rogue', antivirus products have become among the most prevalent of viruses in recent years. They present themselves as a legitimate virus removal solution, while simultaneously locking down your computer, and attempting to to steal your personal information and identity. What's worse, most real antivirus removal programs on the market do not protect the consumer from these viruses, and cannot remove them once infected. The few programs that can remove them, such as Malwarebyte's, do not protect you well from reinfection, and may not be successful at the removal in the first place.
This begs the question; what are you to do? Well, this article is going to give you two options for removal. I recommend the first, especially for those who are not very computer savvy.

1. The best removal software.
A new piece of software has recently entered the market and was designed specifically for targeting and removing these rogue anti-viruses. The software not only removes the virus, and is 100% guaranteed to do so, it also keeps you from being reinfected, and teaches you how the virus infects your computer and how to avoid it in the first place.
The software is also much cheaper than most antivirus programs. So, there is no reason not to give that a shot. There will be a link at the bottom of this page with more information.

2. Removing the virus yourself.
I recommend the first option over this one because this method will only remove the virus once, and serves as no form of protection. If you are comfortable accessing hidden folders, safe mode, and changing proxy settings, read on.

Step 1. Boot into safe mode.
The first step requires you to turn off your computer. When you turn the computer back on, keep hitting the f8 button on your keyboard until a menu comes up. This menu should give you the option to boot Windows into safe mode.

Once in safe mode, the process may vary a little based on which version of Windows you are running.

Step 2. Disable the virus.

Windows XP: Click the start button in the bottom left of the screen. Then, click run. In the box that pops up you will want to type "msconfig".

Windows Vista/7: Click the start button, and in the search box, type in "msconfig".

This will bring up a configuration utility. Click on the startup tab. Here, you will need to use some discretion. You need to pinpoint which of the items in this list is the virus. Usually, it will have a nonsensical name like "489fh93n92". Uncheck the virus once you find it. There may be multiples, as you may be infected multiple times, Uncheck any of these types of items.

Step 3. Locate the virus.
While still in the startup section, there are four columns. The first column is Startup Item, then Manufacturer, Command, and Location. Whichever item in the list was the virus, you need to write down the command address of the entry.

Step 4. Remove the Virus
Once you have the Command written down, open up My Computer and navigate to the address that you wrote down. You are best off typing the address in than navigating manually as 90% of the time these viruses are in hidden folders. Once here, you will see the virus files. Delete all of these files.

Step 5. Verify Proxy settings.
The next step is to thwart reinfection. It is common for these viruses to change your proxy settings. What this does is redirect you every time you get online, instantly reinfecting you with the virus. So, open up Internet explorer, go to tools - Internet options - connections- LAN settings. Here make sure proxy server is unchecked, and "automatically detect settings" is checked.

Step 6. Reboot
Congratulations, you removed the virus. Now restart the computer in the regular way. I do recommend getting the software to keep you from getting reinfected, but at least you have a working computer again!

Source...
Subscribe to our newsletter
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
You can unsubscribe at any time

Leave A Reply

Your email address will not be published.