Fake anti-viruses are the most important and dangerous infections from which we need to be cautious about. They keep pestering us with pop-ups showing many risks and show us to purchase a full version of it when we click on clean infections. This includes spy wares that take access of most of the system processes and disable most of the trouble shooting tool in windows. Since they take spy on computers after getting installed they are called Spy wares. These fake anti-viruses are created by hackers trying to steal your money using the tactics: fake alerts, wrong scan results and Interfaces that look similar to popular anti-virus software. They will make PC run slow. This can infect operating systems XP, Vista and win-7
It is one of the most popular spyware that is being spread these days. All the spywares work in a same fashion.
- Pop-up on some website
- Gets installed once we click on them
- Runs a scan at the system start up and at regular intervals of time
- Shows a page where it asks to purchase once we click on get full version which in turn will help hackers to steal your money.
HOW TO REMOVE THEM MANUALLY:
- Once the computer is infected with Thinkpoint fake anti-virus it starts to show up at the boot up screen once the windows logo shows up.
- Click on Safe Start up it will run a scan and shows the threats
- Press Ctrl+Shift+Esc, this will load Task manager
- You will see hotfix.exe or defender.exe, right click on it and click on go to processes, click on End Process and OK.
- Click on Application tab on the top and click on New Task at the bottom. It will open a new window like this
- Type 'explorer.exe' in the space provided and click on OK.
- Once you click on start up you will find startup items starting with any number or just blank entry click on that , click disable and goto Location subtab which is the location of it in the registry.
- Just click on that entry in registry and delete it. After that Search for that same entry in registry delete all entries of it.
- We also need to check in Application data in Documents and Settings for some of its files we have to delete them, if we don't find them it has not affected this folder
- If they won't get deleted we need to boot the system in safe mode and go to Application data and delete the folder on its name.
- Run a full system scan using any popular anti-virus scanner after updating its definitions.
SUMMARY:
End the process in task manager.
Start explorer process.
Goto Start up in Ms-config and disable for unknown program
Goto registry using the path in startup location in ms-config and delete that registry entry with that same name.
Scan using any good anti-virus program.
3 comments:
hijack this is very helpful in removing viruses and infections
Is there a different anti-virus program which can help me with these infections ?
Yes, one of the good virus detecting tools is GMER and for removing trojans and malware we can use Trojan remover.
Post a Comment