Wednesday, 18 April 2012

Remove Malware Belonging to The Family FakeVimes (Uninstall Guide)

FakeVimes is a family of rogue antivirus programs that pretends to scan your computer for malicious software and constantly generates fake security alerts claiming that you are infected. It reports fictitious infections and detects files that do not even exist on your computer as malicious or potentially dangerous. Then the rogue anti-virus program informs that you need to pay money to register the software in order to remove these non-existent threats. FakeVimes has been all over the web recently. We've seen some well executed attacks on social networks and popular forums that lead to rogue anti-virus programs that belongs to the FakeVimes family. Most of the time, scareware is distributed through the use of fake online virus scanners titled Windows Antivirus 2012 but of course there are other means of distribution as well. In fact, their most popular tactics "Your computer is infected - buy our superb antivirus programs" do not work so well anymore, so they apparently decided to diversify into other markets, spamming Twitter for example.

This is a typical FakeVimes GUI:

Cyber crooks who run FakeVimes malware campaigns change the name of their fake security product very often, almost every day. FakeVimes has been distributed with several different names when it first appeared on the web. The number of different names has been increasing steadily and now we have more than 80 different variants of FakeVimes scareware. However, the graphical users interface hasn't change much since it was released back in 2010.

Fake security alerts are all the same as well. They didn't change much. Here's an example of what a typical fake security alert looks like:

Once installed, this fake security product alters Windows Hosts file to redirect search results, displays fake security warnings or dialog boxes and blocks certain apps on the infected computer, including most of the legitimate and well know antivirus programs. For this reason, some users may find it difficult to properly remove this scareware from infected computers. To remove rogue antivirus program belonging to the family FakeVimes, please follow the removal instructions below. Note, it doesn't matter how the rogue program calls itself. Windows Guard Solutions, Windows Safety Manager, etc. It doesn't matter, they are all the same. If you need  further assistance with this issue, please leave a comment below. Good luck and be safe online!

FakeVimes removal instructions:

1. Click the question mark icon as show in the image below and select Activate Now.

2. Enter the following debugged registration key and click Register to register the rogue antivirus program. Don't worry, this is completely legal since it's not genuine software.


3. Download and run TDSSKiller. Wait for the scan and disinfection process to be over.

4. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove FakeVimes scareware from your computer. That's it!

Tell your friends:

No comments:

Post a Comment