How to remove Vista Antivirus 2014 (Rogue)

There’s a new rogue antivirus program out there called Vista Antivirus 2014.

For those of you who do not know, a rogue antivirus program is a piece of malware that pretends to be antivirus software. It “scans” your computer and then claims your computer is infected with malware. it then demands payment for the “removal” of these “threats.”

Here is how to remove Vista Antivirus 2014:

Step #1: Reboot your computer into safe mode with networking.

To do this, turn the computer off and turn it back on.

Immediately after you press the power button to turn the computer back on, press the F8 key on your keyboard repeatedly until you come to a menu that gives you options such as Safe Mode. Use the arrow keys on your keyboard to select Safe Mode With Networking.

Step #2: To make sure that the rogue will not interfere with removal, we must run Rkill. Download iExplore.exe here: http://www.bleepingcomputer.com/download/rkill/

Step #3: Run the downloaded executable. It will open a black box, this is normal. Once the black box has closed on its own, proceed to step 4.

Step #4: Download Malwarebytes Anti-Malware from here: http://www.malwarebytes.org/mwb-download/

Step #5: Run the downloaded installer and install Malwarebytes Anti-Malware.

Step #6: Once the program is installed, it will automatically open a window. Once this window is open, click the Scan Now button on the lower right corner of the window.

Step #7: Malwarebytes Anti-Malware will now scan your computer. As this scan will take some time, I suggest you do something else while remaining in close proximity to the computer so you can check on the scan every once in a while. Once the scan is complete, proceed to step 8.

Step #8: When the scan is complete, click the show results button.

Step #9: Click Apply Actions. If Malwarebytes prompts you to restart your computer, please allow it to do so.

Step #10: Enjoy your computer which should now be free of Vista Antivirus 2014.

Advertisements

How to remove XP Protection 2014 (Rogue)

There’s a new rogue antivirus program out there called XP Protection 2014.

For those of you who do not know, a rogue antivirus program is a piece of malware that pretends to be antivirus software. It “scans” your computer and then claims your computer is infected with malware. it then demands payment for the “removal” of these “threats.”

Here is how to remove XP Protection 2014:

Step #1: Reboot your computer into safe mode with networking.

To do this, turn the computer off and turn it back on.

Immediately after you press the power button to turn the computer back on, press the F8 key on your keyboard repeatedly until you come to a menu that gives you options such as Safe Mode. Use the arrow keys on your keyboard to select Safe Mode With Networking.

Step #2: To make sure that the rogue will not interfere with removal, we must run Rkill. Download iExplore.exe here: http://www.bleepingcomputer.com/download/rkill/

Step #3: Run the downloaded executable. It will open a black box, this is normal. Once the black box has closed on its own, proceed to step 4.

Step #4: Download Malwarebytes Anti-Malware from here: http://www.malwarebytes.org/mwb-download/

Step #5: Run the downloaded installer and install Malwarebytes Anti-Malware.

Step #6: Once the program is installed, it will automatically open a window. Once this window is open, click the Scan Now button on the lower right corner of the window.

Step #7: Malwarebytes Anti-Malware will now scan your computer. As this scan will take some time, I suggest you do something else while remaining in close proximity to the computer so you can check on the scan every once in a while. Once the scan is complete, proceed to step 8.

Step #8: When the scan is complete, click the show results button.

Step #9: Click Apply Actions. If Malwarebytes prompts you to restart your computer, please allow it to do so.

Step #10: Enjoy your computer which should now be free of XP Protection 2014.

How to remove XP Antivirus 2014 (Rogue)

There’s a new rogue antivirus program out there called XP Antivirus 2014.

For those of you who do not know, a rogue antivirus program is a piece of malware that pretends to be antivirus software. It “scans” your computer and then claims your computer is infected with malware. it then demands payment for the “removal” of these “threats.”

Here is how to remove XP Antivirus 2014:

Step #1: Reboot your computer into safe mode with networking.

To do this, turn the computer off and turn it back on.

Immediately after you press the power button to turn the computer back on, press the F8 key on your keyboard repeatedly until you come to a menu that gives you options such as Safe Mode. Use the arrow keys on your keyboard to select Safe Mode With Networking.

Step #2: To make sure that the rogue will not interfere with removal, we must run Rkill. Download iExplore.exe here: http://www.bleepingcomputer.com/download/rkill/

Step #3: Run the downloaded executable. It will open a black box, this is normal. Once the black box has closed on its own, proceed to step 4.

Step #4: Download Malwarebytes Anti-Malware from here: http://www.malwarebytes.org/mwb-download/

Step #5: Run the downloaded installer and install Malwarebytes Anti-Malware.

Step #6: Once the program is installed, it will automatically open a window. Once this window is open, click the Scan Now button on the lower right corner of the window.

Step #7: Malwarebytes Anti-Malware will now scan your computer. As this scan will take some time, I suggest you do something else while remaining in close proximity to the computer so you can check on the scan every once in a while. Once the scan is complete, proceed to step 8.

Step #8: When the scan is complete, click the show results button.

Step #9: Click Apply Actions. If Malwarebytes prompts you to restart your computer, please allow it to do so.

Step #10: Enjoy your computer which should now be free of XP Antivirus 2014.

How to remove the SimplLocker ransomware.

The SimplLocker ransomware is a piece of ransomware that infects Android devices. The issue with mobile malware seems to be evolving, as this ransomware encrypts files and stops anything else on your Android device from working correctly.

 

It informs you of what it has done via a ransom screen that demands $21 to decrypt your files and continue using your device properly.

 

The ransomware is downloaded and installed when you download something online that claims to be something else, but is actually the ransomware. This ransomware is not found on the Google Play Store.

 

Manual removal of this ransomware has proven to be a difficult task, so we are going to be using an automated app made by avast! in this removal guide.

 

Step #1: Go to http://play.google.com from your computer.

 

Step #2: Login to the Google Play Store with the same user information you use to login to your device.

 

Step #3: Search for avast! Ransomware Removal in the Google Play Store.

 

Step #4: Click on the “Install” button to install avast! Ransomware Removal to your device.

 

Step #5: After avast! Ransomware Removal is installed on your device, press avast! Ransomware Removal in the notification bar.

 

Step #6: avast! Ransomware Removal will start and provide you with further instructions.

 

Step #7: Allow avast! Ransomware Removal to scan your device.

 

Step #8: After the scan is over, avast! Ransomware Removal will remove the ransomware from your device and decrypt your files.

 

Step #9: Uninstall avast! Ransomware Removal so that you can further use your device.

 

Your device should now be free of the SimplLock ransomware. I would consider looking into a free or paid anti-malware app for your Android device if you already did not have one on your device when you got infected with the ransomware.

How to remove the Koler Android Ransomware.

This blog post will be dealing with a new kind of ransomware that infects devices running Android.

 

It infects your Android device by asking you to download an app off the internet that claims to be helpful in some way. But it is actually just the ransomware. This app can only be found online and you will not find it in the Google Play Store.

 

In order for it to actually download the ransomware, you will need to allow your Android device to download from untrusted sources. When installing the app, it will ask for permission to access system tools in some way.

 

But the best way to tell if you are infected is if you get a notice saying your device (phone or tablet) is blocked. This notice will claim to come from places such as the FBI in order to make you think that it is real.

 

The ransomware will demand a payment of $300 in order to unlock your device. It will demand this payment in the form of a MoneyPak card.

 

It is strongly advised that you do not pay the ransom. Instead, follow the following removal guide. Please note that you should read all steps before starting removal, as this ransomware will pop back up every few seconds.

 

So in other words, attempt to remove this as fast as possible.

 

Regular Removal Guide:

 

Step #1: Go to Settings.

 

Step #2: Go to Apps.

 

Step #3: Scroll down in the list of apps until you find the app responsible for the ransomware.

 

Step #4: Touch the app and hit uninstall.

 

Step #5: Go to the Google Play Store to download an anti-malware app such as Malwarebytes Anti-Malware Mobile.

 

Step #6: Launch the anti-malware app and run a scan.

 

Step #7: Remove or uninstall anything the scan finds.

 

Persistence will pay off with this, but if you find it too hard to complete this removal guide without the ransomware coming back up, we will have to remove it from safe mode.

 

Safe Mode Removal Guide:

 

Step #1: Find out how to reboot your Android device into Safe Mode. Unfortunatly, most Android device makers have different ways of booting your device into Safe Mode. And there are so many ways that I just cannot list them all in this removal guide.

 

I suggest you use your favorite search engine on a computer (like the one you are using to read this) to look for how to boot into Safe Mode for your specific device or device manufacturer.

 

Step #2: Go to Settings.

 

Step #3: Go to Apps.

 

Step #4: Scroll down in the list of apps until you find the app responsible for the ransomware.

 

Step #5: Touch the app and hit uninstall.

 

Step #6: Boot your device into the Normal Mode.

 

Step #7: Go to the Google Play Store and download an anti-malware app.

 

Step #8: Launch the anti-malware app and run a scan with it.

 

Step #9: Remove on uninstall anything the scan finds.

How to remove WIndows Internet Guard (Rogue)

Alright, there’s a new rogue making the rounds on the internet today. It’s called Windows Internet Guard.

 

For those of you who do not know, a rogue antivirus program is a piece of malware that pretends to be an antivirus program. It then scans your computer and detects threats that are not actually on your computer. It is just trying to make you purchase it.

 

Here is how to remove it:

 

Step #1: Reboot your computer. As soon as you see anything on your screen, press the F8 key.

 

Step #2: On the boot menu, choose Safe Mode with Command Prompt.

 

Step #3: Once the computer has started up, in the command prompt window, type in regedit and press enter.

 

Step #4: On the left side of the new window, navigate to the following location: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\

 

Step #5: Highlight Winlogon.

 

Step #6: Double-click Shell and clear the entry data and replace it with “explorer.exe” (without quotes)

 

Step #7: Run explorer.exe.

 

Step #8: Navigate to %appdata% and delete guard-xxxx.exe. (Please note that the “xxxx” may be just a random string of letters)

 

Step #9: Reboot into regular mode.

 

Step #10: In order to make sure that your computer is fully cleaned, we will run MalwareBytes Anti-Malware. Download it here: http://www.malwarebytes.org/mwb-download/

 

Step #11: Run Malwarebytes Anti-Malware and install it.

 

Step #12: Run a threat scan. This may take some time depending on the number of files on your computer. So I suggest that you go do something else while you are waiting for the scan to finish.

 

This may be a good time to watch a 30 minute show you’ve been meaning to see, or finish that good book you have been reading that you just cannot seem to put down.

 

Step #13: Once the scan is done, click OK on the dialog box in order to see the results.

 

Step #14: Should it find anything, click Remove Selected and allow it to reboot your computer if it asks you to.

 

Step #15: Your computer should now be free of Windows Internet Guard.

How to remove Windows Internet Watchdog (Rogue)

Alright, there’s a new rogue making the rounds on the internet today. It’s called Windows Internet Watchdog.

 

For those of you who do not know, a rogue antivirus program is a piece of malware that pretends to be an antivirus program. It then scans your computer and detects threats that are not actually on your computer. It is just trying to make you purchase it.

 

Here is how to remove it:

 

Step #1: Reboot your computer. As soon as you see anything on your screen, press the F8 key.

 

Step #2: On the boot menu, choose Safe Mode with Command Prompt.

 

Step #3: Once the computer has started up, in the command prompt window, type in regedit and press enter.

 

Step #4: On the left side of the new window, navigate to the following location: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\

 

Step #5: Highlight Winlogon.

 

Step #6: Double-click Shell and clear the entry data and replace it with “explorer.exe” (without quotes)

 

Step #7: Run explorer.exe.

 

Step #8: Navigate to %appdata% and delete guard-xxxx.exe. (Please note that the “xxxx” may be just a random string of letters)

 

Step #9: Reboot into regular mode.

 

Step #10: In order to make sure that your computer is fully cleaned, we will run MalwareBytes Anti-Malware. Download it here: http://www.malwarebytes.org/mwb-download/

 

Step #11: Run Malwarebytes Anti-Malware and install it.

 

Step #12: Run a full scan. This may take some time depending on the number of files on your computer. So I suggest that you go do something else while you are waiting for the scan to finish.

 

This may be a good time to watch a 30 minute show you’ve been meaning to see, or finish that good book you have been reading that you just cannot seem to put down.

 

Step #13: Once the scan is done, click OK on the dialog box in order to see the results.

 

Step #14: Should it find anything, click Remove Selected and allow it to reboot your computer if it asks you to.

 

Step #15: Your computer should now be free of Windows Internet Watchdog.