These fake Microsoft Security Essentials Trojan will try to trick you into thinking that your system is infected, so you'll buy and install one of the 6 rogue anti-virus software that is distributed. When Trojan gets executed will display a message that looks very similar to a legitimate Microsoft Security Essentials upozorenje.Lažni warning will be called "Microsoft Security Essentials Alert," and will state that the Trojan has been detected on your computer system. This Trojan will be listed as "Unknown Win32/Trojan 'and will be described as a severe infection.
At this point you have two equally destructive options to choose from, if you click on the "Clean computer" or "Apply Actions" button, you will be informed that the infection could not be removed, and you'll be prompted to scan 'online '. If you decide to click on' online Scan "button will appear showing a list of 36 different anti-virus program. 30 of these programs are legitimate anti-virus programs, and 6 are a rogue anti-virus programa.6 rogue anti-virus programs are:
of the Red Cross Antivirus
Peak Protection 2010
Pest Detector 4.1
Chief of Defence Kit
ThinkPoint
AntiSpySafeguard
In counterfeit Online Scan, only programs listed will say that they discovered that they believe the Trojan. Appearing with or with each of the rogue anti-virus software is "Free Install" button. This appears to be fooled into installing rogue software. If you press the "Free Install button your computer will reboot and a rogue program you selected will be made to run a fake scan of your computer system will begin. After the scan is completed you will be informed that the tramp was only able to remove some of the infection, remove the remaining infections are prompted to buy the full version. At this point your computer will most likely be able to open many programs and when you try will be presented with a message that these programs can not be executed because zaraženi.Poruke looks like this:
"taskmgr.exe application was launched successfully, but it was forced to close due to safety reasons."
"This happened because the request is infected with malicious software that could pose a threat to the OS."
"It is highly recommended that you install the necessary heuristic module and perform a full scan of your computer to exterminate it from malicious programs .'
"Warning: The database is updated !'
"Warning: Running trial !'
These messages are completely false and can be completely ignored.
If your computer is infected with this rogue anti-virus software, you will need to download some tools from the Internet to eliminate this infection. However, if your system is infected it is possible that you May not be able to download the software using the infected computer. If so you may need to download the tools they need to clean your system at various uninfected machine, transfer files to a USB drive, external drive or CD / DVD and then copy the software on the infected computer.
The first thing you should do is stop the processes that belong Fake Microsoft Essentials Alert, so that they do not affect the cleaning process. To do this, you will need to download RKill. RKill a program of the guys over at BleepingComputer.com which is designed to cancel the known malware process.
BleepingComputer If you are looking for a web page 'RKill' ll find a link to download.
to the download page, click on the button labeled 'iexplore.exe download link'. Save the file on your desktop, or if you downloaded the file to another computer, copied to the desktop of the infected machine.
Double click on the icon iexplorer.exe attempt terminating all processes associated with the Fake Microsoft Essentials and other rogue software. On May take a few minutes and wait. When the program finished the window will close. If you get a message that RKill the infection only to ignore it. In some cases RKill program will be stopped by rogue software. If this happens you can try leaving a message warning RKill open and running again. If RKill continue to be shut down by the rogue software that you can try downloading one of the other versions RKill listed on the download page. All files on the download page just renamed versions RKill.
Do not restart the computer after completing RKill or trojan will start again.
The next step is to download Malwarebytes Anti-Malware.
you will find a link to download the Malwarebytes Anti-Malware at malwarebytes.org
Download the file to your desktop, or if you use another computer to download the file, copy it to your desktop on the infected computer.
Close all open windows (including this one, if you clean this computer ).
Double click on the icon labeled "mbam-setup.exe '. This will start the installation process.
Just follow the instructions and leave all settings to default. After completion of the installation process to make sure that 'Update Malwarebytes Anti-Malware' and 'Run Malwarebytes Anti-Malware' are both checked. Do it again!
Malwarebytes will run and you should see the initial screen.
Be sure to 'Perform full scan' is selected and then click on 'Scan' button.
, the scanning process may take some time so find something to do while waiting to complete.
Once the scan is completed, click "Show Results" button.
Now click the "Remove Selected" button.
Malwarebytes May require you to reboot at this point to complete the removal process.
Good luck!
No comments:
Post a Comment