Tuesday, July 31, 2012

Get rid of a fake antivirus

Have you ever heard a fake antivirus? A fake antivirus is a program that has a look just like a real antivirus. An Example of a fake antivirus is a program named Windows Basic Antivirus. This program shows you a fake warning. The warning said that your computer was infected by viruses but actually was not. Windows Basic Antivirus is a kind of virus named Gen.variant.Zusy.905. These are the steps to get rid of it:
1. Enter Windows in save mode
2. Disable "System Restore" if  you have Windows XP/Vista/7 as an operating system
3. Clean your computer with a real antivirus
4. Repair Windows registry by making a file with notepad.
    Open your notepad then type the script below, if you've finished typing, save it as REPAIR.INF.




    HKLM, Software\CLASSES\batfile\Shell\open\command,,,"""%1""%*"
    HKLM, Software\CLASSES\comfile\Shell\open\command,,,"""%1""%*"
    HKLM, Software\CLASSES\exefile\Shell\open\command,,,"""%1""%*"
    HKLM, Software\CLASSES\piffile\Shell\open\command,,,"""%1""%*"
    HKLM, Software\CLASSES\regfile\Shell\open\command,,, "regedit.exe"%1""
    HKLM, Software\CLASSES\scrfile\Shell\open\command,,,"""%1""%*"

    HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Inspector

5. Go to Folder Options. Choose option  "Show hidden files and folders", uncheck option "Hide extension for known file types", also uncheck option "Hide protected operating system files (Recommended)".

6. Delete these files made by viruses:
    a.  Protector-pma.exe (located in C:\Documents and Settings\%user%\Application Data\)
    b.  result.db (located in C:\Documents and Settings\%user%\Application Data\)
    c.  Windows Basic AntiVirus.Ink (located in C:\Documents and Settings\%user%\Desktop\)

7. Re scan with an updated real antivirus program.



  1. Nice post ....
    very informative blog updates .
    Thanks for share How to install XP

  2. Nice post ....
    very informative blog updates .
    Thanks for share How to install XP