PDA

View Full Version : Remove Fake Antivirus Software Programs


AtYourService
10-19-2009, 03:19 PM
http://www.ghacks.net/wp-content/uploads/2009/10/remove_fake_antivirus.jpg
Remove Fake Antivirus is a portable software program for the Windows operating system that has been designed to uninstall 27 different rogue antivirus software programs from the computer system. The following rogue security software programs can currently be removed with Remove Fake Antivirus:

Cyber Security
Alpha Antivirus
Braviax
Windows Police Pro
Antivirus Pro 2010
PC Antispyware 2010
FraudTool.MalwareProtector.d
Winshield2009.com
Green AV
Windows Protection Suite
Total Security 2009
Windows System Suite
Antivirus BEST
System Security
Personal Antivirus
System Security 2009
Malware Doctor
Antivirus System Pro
WinPC Defender
Anti-Virus-1
Spyware Guard 2008
System Guard 2009
Antivirus 2009
Antivirus 2010
Antivirus Pro 2009
Antivirus 360
MS Antispyware 2009

http://freeofvirus.blogspot.com/


i havent tested this at all so your mileage may vary

TekSiDoT
10-19-2009, 03:48 PM
if it lives up to its promise it certainly seems useful, going to test it, thanks for the heads-up.

edit: After testing a little I found it a bit weird as it "removed" all of the fake AntiVir programs - but lacked a clear indication of whether there actually were any of those programs installed.

NYJimbo
10-19-2009, 04:07 PM
Wow, if this really works its gonna shave alot of time off doing a cleanup.

Dunne_Computing
10-19-2009, 04:25 PM
Sounds like a useful peace of software but as TekSiDoT said it would be better if it checked to see if any of the "software" was actually installed.

ProTech Support
10-19-2009, 04:29 PM
I have a laptop coming in today that is infected with a rogue anti-virus, not sure which one it is at the moment, but if it is one on this list I will give the software a test run.

iisjman07
10-19-2009, 04:34 PM
This is perfect for on-site removal where time is of the essence. I added this link to my Ketarin script so it'll automatically update: "http://olzenkhaw.googlepages.com/RemoveFakeAntivirus.exe"

studiot
10-19-2009, 04:35 PM
83k seems rather small to me.

Even early versions of Stinger and Microsoft remover were 10 times bigger than this.

Siphon
10-19-2009, 04:48 PM
I just tested this on a machine that I know is clean and it said it removed everything that it searches for. Not just one or two of them, but everything it searches for. I'm sorry but this machine never had Antivirus 2009 installed. Makes me wonder if this actually does anything.

stevenamills
10-19-2009, 06:53 PM
Raymond's blog is one of the very few "must see" sites I check every day. It's a great resource.

You must, however, move slowly on some recommendations. Frequently, youthful exuberance overtakes necessary skepticism.

TekSiDoT
10-20-2009, 06:40 AM
Has anyone actually tried it under live conditions or put it to a test on a infected VM install? Would be nice to know it actually does what it says.

NickCat11
10-20-2009, 07:27 AM
I just gave this a shot on my test machine with Alpha Antivirus loaded up. It effectively removed it :)

Methical
10-20-2009, 11:17 AM
I've just been reading the comments over on the raymond.cc blog about this lil app. Alot of people are having problems with it; from not being able to connect to the internet, to BSoD's, to not working at all. Also deleted a users C# compiler as well.

Anyone here had any problems ?

studiot
10-20-2009, 12:01 PM
You're a programmer, Meth, (unlike me) can you not disassemble it?

Canadian Tech
10-20-2009, 12:45 PM
I've used it and haven't had any problems with it.

Howellga
10-20-2009, 02:20 PM
I have a customer coming in this morning with a Fake AV, I'll try it out and report back here.

ProTech Support
10-20-2009, 03:15 PM
Unfortunately the rogue a/v I had come in yesterday was not on the list, so I did not even bother with this. Judging from the later comments, I am happy I didn't :p .

I think its safe to say your best bet is to test this software on a VM rather then a functioning PC, seems it may turn your day to hell

Methical
10-20-2009, 09:39 PM
You're a programmer, Meth, (unlike me) can you not disassemble it?

Do you want the code studiot ? lol

You might be on to a winner here. Grab the code and make it better. Then sell it. Lol. These fellas make so much money off these fake A/V programs, why can't i make some to get rid of the fake A/V's ... lol

AtYourService
10-21-2009, 02:02 AM
blah i had alpha antivirus on a computer today and i forgot to test this out on it
next time :o

iisjman07
10-21-2009, 07:35 AM
isn't alpha antivirus just a clone of Personal Antivirus? I've had PAV but not alpha...

PatrickB
10-21-2009, 02:38 PM
I'm not sure if it is a clone, it probably is, but you can see screenshots of Alpha Antivirus and others by Google Imaging for that name.

http://images.google.com/images?sourceid=navclient&ie=UTF-8&rlz=1T4GGLL_enUS305US305&q=Alpha+Antivirus

-- Patrick B.

geekhelp4u
10-21-2009, 02:48 PM
Alot of people are having problems with it; from not being able to connect to the internet,

Anyone here had any problems ?

I could not connect to the internet after using. Ran ipconfig/release, ipconfig/flushdns, ipconfig/renew, ipconfig/registerdns and everything was back to normal

iisjman07
10-21-2009, 05:51 PM
I could not connect to the internet after using. Ran ipconfig/release, ipconfig/flushdns, ipconfig/renew, ipconfig/registerdns and everything was back to normal

That might not have been caused by this software though...

geekhelp4u
10-22-2009, 12:14 AM
That might not have been caused by this software though...

This software was the only thing I ran on a perfectly normal clean machine. After reboot - no internet. I ran Dial-a-fix which resulted in a few dll error - still no internet connection. Then I reset the IP settings and all was good.

Methical
10-22-2009, 12:18 AM
I've had a request for a disassemble. If i have time this weekend I'll look into it.

Howellga
10-22-2009, 07:42 PM
As far as my limited testing this product did what it said it would do, it removed Cyber Security with no problems and no lingering issues. I am going to try it again on another PC soon but I would still be cautious.

Methical
10-23-2009, 03:24 AM
For those who had the same internet connection problem as Chris (geekhelp4u) when running this app/utility.. use the following batch file to get your connection back up and running

ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns

Make sure you save it as a .bat file.

DrumThumper
10-23-2009, 03:46 AM
For those who had the same internet connection problem as Chris (geekhelp4u) when running this app/utility.. use the following batch file to get your connection back up and running

ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns

Make sure you save it as a .bat file.

It's simple things like this that I never think of doing. I need to get back into the habit of simplifying. Thanks for the reminder Meth!

Methical
10-23-2009, 03:58 AM
No worries mate. Check out the Scripts & Automation thread. Its hidden to non-members, so you might not of seen it before since your fairly new.

This script will only save 2 mins, but 2 mins is 2 mins at the end of the day.

iisjman07
10-23-2009, 05:33 PM
BTW, new version......................

bagellad
10-24-2009, 02:45 AM
Just a heads up that I needed to use Winsock fix two computers after this program, said media not found But it did seem to help clean up some troublesome ones! Even one that I initially thought was gone.. until it reinstalled itself soon as i connected to the internet.

Wheelie
11-06-2009, 06:56 PM
I stay away from programs that have limited or no reputation. I would be very concerned about using a product like this on a customer's PC. You could be infecting the machine. If anyone has any reputable references on this product please post ... such as who wrote the program? Is he/she trustworthy?

Stick with a known quantity: i.e. manual removal, Spybot, Malwarebytes, ComboFix, etc.

BTW - Malwarebytes and ComboFix are phenomenal ....

AtYourService
11-11-2009, 03:30 AM
i finally got to test it on alpha antivirus , didnt remove it
and when i posted on his blog that it didnt work , the comment was either deleted or not approved :confused: