Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Introduction to Rogue Anti-Virus

30 Jun 2010   #11

Windows 7 Enterprise x64 SP1

Oh, those screenshots take me back to when I first encountered this type of threat. They were the most fun to clean off of client computers. :) A poor client said he suckered into this scam and entered his credit card to buy it. No clue if he ever got his money back or if he was a victim of id theft.

I think I even got one of those on one of my computers years ago. I think I had opened a website that was hacked.

Back then, I manually cleaned the malware off. Now, I use Malwarebytes.

My System SpecsSystem Spec
01 Jul 2010   #12

El Capitan / Windows 10

Boot safe mode with network in 7, download malwarebytes and do a full scan. That will clean up the easy stuff. Then go to and get and
Examine each user in autoruns and delete suspicious entries. Then examine all processes in procexp. Use Verify Image Signatures for more info.
My System SpecsSystem Spec
14 Jul 2010   #13

Windows 7 Ultimate RTM (Technet)

RKill and ComboFix are all you need to remove these little buggers. Google for ComboFix and you'll find both. I clean 4-5 machines per week.
My System SpecsSystem Spec

15 Jul 2010   #14

Win 7 Ultimate 32bit

Well,, be careful using ComboFix, there is a warning to using it, take head of it and back up your system prior to using it. It can and has blown up systems in the past.

But, when it works, it is great, and I am not saying don't try it, just be ready for the worst.
My System SpecsSystem Spec
15 Jul 2010   #15

Windows 7 Ultimate 32 bit

Jan, somehow I missed this thread. Thanks for posting it. It is good information.
My System SpecsSystem Spec
15 Jul 2010   #16

Windows 7 Professional SP1 64-bit

Ah, rouge antivirus's. I had to give a speech on these at school last semester (speech classes are mandatory for my degree). The teacher was 50, hated computers, and most speeches about technology. I managed to get an A on that speech....

But enough about that. I take care of these for people all the time and when its not a dirt poor college student I'm doing it for, I charge about $30 bucks to do it. Great way to make some extra cash. I don't care for MalwareBytes and a lot of these rouge anti-viruses come with programming to prevent the instillation or running of it anyways. Since there are so many that know how to make it run even if this programming exist, I can usually find a list of files and registry entries online and remove everything manually via safe mode. I then install MSE or AVG and let that remove any part of it I missed. I only know one person that actually paid for the program and it definitely installed something like it said it would. Too bad the stuff it installed was a bunch of adware. Made it harder to get the job done but made me feel justified in charging $50.
My System SpecsSystem Spec
15 Jul 2010   #17

Windows 7 Ultimate 32 bit

Congratulations on the A. I would like to have heard the speech.
My System SpecsSystem Spec
15 Jul 2010   #18

Main - Windows 7 Pro SP1 64-Bit; 2nd - Windows Server 2008 R2

Not exactly a rogue "Anti-Virus", but definitely a rogue:

ZeuS Trojan Learns How to Spoof Credit Card Security Popups | Maximum PC

Attached Images
Introduction to Rogue Anti-Virus-zues.jpg 
My System SpecsSystem Spec
15 Jul 2010   #19

Windows 7 Professional SP1 64-bit

Thats definately something to watch out for profdlp. Thanks for the info.
My System SpecsSystem Spec
16 Jul 2010   #20
Microsoft MVP

Windows 7 Ultimate 32bit SP1

So many of these "Rogue" (anti) Viruses include a Rootkit Rootkit - Wikipedia, the free encyclopedia
I won't even try to clean up a rootkit because the OS will remain unstable. This really requires a 'wipe' and "clean installation" of the Windows operating service.
My System SpecsSystem Spec

 Introduction to Rogue Anti-Virus

Thread Tools

Similar help and support threads
Thread Forum
Avast Free anti-virus : unwanted anti-spam toolbar in Outlook 2003
Hi, I have had Avast Free anti-virus for a long time. At some point, after an automatic upgrade, all my messages in Outlook 2003 got an added anti-spam toolbar from Avast. I don't want it. I did not find any way to make it go away from inside Outlook. It does not appear as an add-on in the...
System Security
Test your anti-malware/anti-virus protection with EICAR
As many of you know(quite a few don't) what EICAR is, this is a open poll to see what programs pick it up and what programs fail the basic tests. I am conducting this poll because A-Squared failed to see this on a scan, but MSE picked it up before it could be downloaded. So after you take...
System Security
BSOD 00x50 vipre anti-virus conflicting with new anti-virus
I did a bonehead move of installing PC tools anti-virus before uninstalling vipre on my wife who's out of town. The kids infected it playing flash games. long story short, Her Gateway (win7 home premium) is on a a start-up loop. All I can get to work with a recovery disk is get into the DOS prompt...
BSOD Help and Support
Anti-malware, Anti-virus, Anti-spyware
First of all i would like to apologize if this topic is in wrong category, or it should not even be asked on this site. And second of all, please be patience :) i'm a noob looking for answers :o So whats all about? Well i'm meeting new terms here and i have no idea what they mean and what they do....
System Security
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections)
How to Remove Win 7 Anti-Spyware 2011 (Fake Anti-Virus Infections) Source ...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 20:18.
Twitter Facebook Google+