Trust Kroll Ontrack to recover your data

How to remove fake security software

Fake Security Software

Computer deskTo go online without using security and anti-spyware programs is close to crazy, as its imperative to safeguard your computer against rogue viruses and other malicious codes that litter the Internet.

Yet from our PC repair work their seem to be far too many people who don't have this basic but nonetheless essential protection installed.

It is with this background that a number of unscrupulous 'thieves' have tried to get people to pay for fake security software.

This sort of software is most commonly defined as malware - it is designed specifically to damage or disrupt your computer system. It will also try to trick you into making an unsecured credit card purchase.

These fake security programs usually appear in the form of a warning on your computer monitor that reads something like:

You have a specific number of viruses on your computer (usually in the hundreds) and that this 'fake software' has detected those viruses.

To remove these fictitious viruses, you will be prompted to buy the full-version of the fake security software.

The good news is that you probably do not have a PC that is infested with hundreds of viruses as this software claims. The bad news is that this fake software has installed itself on your computer and you must try to remove it.

Removal is often tricky because these fake programs can lock the Windows Control Panel and the Add/Remove Programs function to prevent you from removing it. Disabling these two tools make the job of removing these infections very difficult.

Other things that may be disrupted by the fake software include:

  • Being unable to visit valid anti-virus and malware web sites.
  • Being unable to install legitimate security software.
  • Being unable to properly access your desktop.

The fake security software wants to stop you from removing its program and wants you to proceed with the credit card purchase instead. So, in the worst cases, virtually the only program you can interact with is the fake software itself.

It's important to remember that by purchasing the full version of the fake software to remove the supposed viruses you will be submitting your personal information to unscrupulous people and may also end up being the victim of a credit card scam or even identity theft.

Here are just some of the names of the fake security software that you might unfortunately come across:

  • AntiVirus 2007, 2008, and 2009
  • AV AntiSpyware
  • Extra Antivirus
  • Home Antivirus 2009 and 2010
  • Malware Cleaner
  • MS-Antispyware
  • SpyWareGuard
  • SpywareProtect2009
  • WinPC Defender
  • Windows XP Repair
  • XP AntiVirus 2007, 2008, 2009 and 2010

New names are being thought up by the cyber criminals all the time and are used to try and fool you - so be careful what you click on as you surf the Internet.

The reason these fake programs are so successful - for the malicious coders - is because the warning screens and the software's appearance closely resemble the real thing, plus the fake software's name will closely resemble or sound like legitimate security programs, that you may have heard of.

When you visit an infected website you might see a warning screen pop up and think that it is a legitimate warning message. Alternatively you might be asked to download free anti-virus or anti-spyware software.

Before you download or click anything make sure you know it's safe to do so.

You may also visit a website to try and view a video and a screen may pop up telling you that you need to download a codec to view the file. The window prompting you to download the codec looks legitimate, however you are not going to download a codec - instead you will receive one of the many fake security software programs that circulate around the Internet.

How to Spot Fake Security Warnings

For the most part, you need to look at the windows that are popping up and the name of the program being shown.

If you know the program name of the security and spyware software you use, then seeing a different name in the warning window is the first clue.

Remember - Windows itself doesn't warn you of a virus.

Legitimate warnings from your computer system would come from the security program you have already installed.

Removing the Fake Security Software

Once downloaded to your PC it can be a really difficult task to remove fake security programs from your computer. To complicate the matter, there are many variations of these malicious programs and not all variants can be removed in the same way. Unfortunately, this is not something that novice computer users may be able to deal with on their own.

Also, due to the wide availability of these dangerous programs and people searching for answers on how to remove them, a number of scam programs also exist that lead users to believe the infection can be removed. All you have to do is download the new program so removal can begin.

Programs that claim to rid your system of a fake security program will scan your system and then prompt you for a credit card number so you can download a full version of the program to remove the infection. Sound familiar? It should be. This is a vicious cycle that users can become trapped in.

Still, the good news is that in many instances you can get rid of the fake security program without wiping and formatting your hard drive.

If you are already infected and you cannot access legitimate security related Web sites, you will need to download the following programs from a second computer and burn them to CD, or to a flash drive, to run on the infected computer.

1. CCleaner

2. Malwarebytes

3. AdAware

4. SpyBot Search and Destroy

All the above programs offer freeware versions - see our reviews page.

Before running any of these programs, you should turn off System Restore. If you don't turn it off, the programs may not be able to access those system files to clean them. You can turn it back on after you have successfully removed the fake security program.

In most cases, the fake security software may block one or more of these legitimate programs and not let them install.

If this is the case, you will need to open the folder where the fake security software is installed (generally in your Program Files or Program Files (x86) folders) and rename the fake programs executable file (.exe) to anything other than the program's name. (e.g. rename fake.exe to dead.exe).

Now restart your PC with your flash drive or CD already in place and as soon as Windows starts go to the appropriate folder where your programs are located and install CCleaner and run the program.

Also run the other three programs to clear out any rogue files.

Once you have run all the programs, be sure to go back and run CCleaner a final time to get rid of dead registry links from having the fake security software removed. Continue to run the registry option of CCleaner until no further problems are found.

Once the infection is removed make sure you keep all the above programs and run them often. You should also get a good and legitimate anti-virus program to protect you in the future from deadly attacks like this. By following these tips you can avoid being the victim of a disabled PC, and avoid the risk of credit card scams or even identity theft.

Read more articles about PC repairs, Web design & SEO