Advanced Virus Remover is one of many fake antivirus applications like Antivirus Live or Internet Security 2010, which are really just rogue viruses that hold your computer hostage until you pay the ransom money. They tell you that your PC is infected with loads of viruses, even though it’s the only virus on your computer. The biggest problem with these things is that they block you from doing almost everything—you can’t use task manager, Safe Mode, or even install a real malware removal tool.
This thing just covers your PC with messages about viruses that they claim you have as shown in this screen shot:
There are popups, messages, and just dozens of windows that open as shown below:
Their goal, of course, is to get you to pay them.
Advanced Virus Remover is tricky… if you open an application more than once, it’ll block you from opening it again, preventing you from installing any anti-malware tools. You note that it also changes your wallpaper.
Advanced Virus Remover also prohibits you from heading into Safe Mode, where you at least might have a better chance of getting rid of it.
Steps to take for Removing Rogue Fake Antivirus Infections
Carry out the following steps to get rid of the majority of rogue antivirus infections, and actually most malware or spyware infections of any type:
- Try to use the free, portable version of SUPERAntiSpyware to remove the viruses.
- If that doesn’t work, reboot your PC into safe mode with networking (use F8 right before Windows starts to load)
- Then use the free, portable version of SUPERAntiSpyware to remove the viruses.
- Reboot your PC and go back into safe mode with networking.
- If that doesn’t work, and safe mode is blocked, try running ComboFix.
- Install MalwareBytes and run it, doing a full system scan. .
- Reboot your PC again, and run a full scan using your normal Antivirus application preferably Microsoft Security Essentials.
- At this point your PC is usually clean.
Steps To Remove Advanced Virus Remover
(1) Grab the free, Portable edition of SUPERAntiSpyware and put it on a flash drive (from another computer).
(2) Then open it up on the PC, making sure to run the scan immediately. Don’t close it and reopen it, or Advanced Virus Remover will figure out what you’re doing and block you.
(3) Once it’s all done, it’ll get rid of the Advanced Virus Remover .
(4)Then you’ll be prompted to reboot, which you should do.
What To Do If Advanced Virus Remover Blocks SUPERAntiSpyware
If you have an issue running SUPERAntiSpyware, you can try and use the following technique. Open up the Windows Run box with the Win+R shortcut key, or through the start menu. Then type in the following commands, hitting enter after each one.
(a) taskkill /f /im winupdate86.exe
(b) taskkill /f /im winlogon86.exe
Note that this may or may not help… the goal is to try and shut down the processes that are blocking you, and malware changes filenames all the time. You can also open up Windows Explorer, head into the Windows\System32 folder, and try and locate the bad processes there, then use the taskkill command to get rid of them.
Clean up the Leftovers if any
Since a single anti-malware tool may not be completely effective, you can try running multiple passes from multiple malware removal tools. You can run a second pass with the free edition of Malwarebytes Anti-Malware.