How to Eliminate Trojan:JS/FakePAV Manually

Is your computer suffered from Trojan: JS/FakePAV? Have tried every antivirus softwares but none of them work? This nasty virus needs to be manually removed out of your computer.

Trojan:JS/FakePAV Virus Information

Trojan: JS/FakePAV is a nasty Trojan virus that always comes with Trojan: Win32/FakePAV. Your computer system will definitely be in high risk when being infected by this virus. Ways to distribute mainly through spam emails. You may not notice if it’s a spam email or not at first, because all the hacked emails are sent by a normal contact user. But it is actually a hijacked mailbox. Even if you do a scan as always when downloading attachments from emails, you will be reported that they are safe files or programs. But they are not and now your computer has been infected. As mentioned before, no antivirus software can remove it completely. When you think you have removed Trojan: JS/FakePAV out, it will just come back every time you reboot your computer. And what’s worse, the Trojan changes every time. Once being infected with Trojan: JS/FakePAV, this rogue will capture your personal information to a remote hacker so that cyber criminals could have your bank account numbers, private documents and passwords. It is advised to eliminate it without any delay.

Trojan: JS/FakePAV Virus Symtoms

a. There will be lots of annoying pop-up ads and fake security alerts;
b. It will block your access to the Internet and redirect everything you do on your browser to malicious web pages;
c. It will slow down the whole system speed or even cause system crash down;
d. Antivirus programs on the computer will automatically be shut down;
e. It may come with additional viruses and malware to further damage your computer;
f. Your private and critical information may be captured a remote host who will use them in Internet crimes.

Guides on Manually Removal

It is suggested that you manually remove this Trojan: JS/FakePAV out of your computer since some non-upgraded antivirus applications cannot even detect it. And in case that any mistake might occur and cause unpredictable damages, please spend some time on making a backup beforehand. Then follow these steps given as below:

1. Reboot the infected computer and get into safe mode with networking. When you have pressed the restart button, please keep pressing F8 on your keyboard until a black screen with several commands appears. Then use the arrow keys to select “Safe Mode with Networking” and press E/ENTER;
2. Press Ctrl+Alt+Del keys on the keyboard to open the Windows Task Manager;

3. Search for the following files and delete all generated by Trojan: JS/FakePAV:
%AllUsersProfile%\{random}
%AllUsersProfile%\Application Data\.dll
%AllUsersProfile%\Application Data\.exe
C:\Documents and Settings\admin\local settings\temp\random.exe
C:\Documents and Settings\admin\local settings\temp\random.tmp.bat

4. Open Registry Editor and put Regidit in the search programs and files blank and then click search. Remove all these following registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Trojan: JS/FakePAV
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\[random]
HKEY_LOCAL_MACHINE\SOFTWARE\Trojan: JS/FakePAV

5. Reboot the computer again to get into the normal mode and check if everything works properly.

Video Shows You How to Safely Modify Windows Registry Editor:

Note: If you don’t have much computer background knowledge and are not able to remove it following the steps mentioned above, please contact YooCare professionals for a fast and full removal.

Published by on May 14, 2012 5:39 am, last updated on November 13, 2012 6:13 pm

Leave a Reply

Problems with your PC, Mac or mobile device?

Live Chat Now

Thanks for using YooCare Services!

Here're some of the support team members who are passionate about their works and support our customers 24/7.

As Seen On