I was shopping online and Symantec detected a virus called Trojan.FakeAV. It quarantined the virus but for some reasons my computer was messed up. I got tons of ads whenever I was online and the computer worked extremely slow. So is the virus still in my computer? I’ve never had such problem before. How do I completely get rid of the virus and make my computer work as usual?
Trojan.FakeAV is categorized as a Trojan that can infect your computer without your knowledge and be able to spy on infected computer, leak data, download and install rogue programs from a server. It comes into the computer via many ways such as from spam emails that contain links or attachments, or blogs and forums that are spammed with links to adult video. If you have ever visited porno websites or other malicious website, then your computer will be easily attacked by this virus. Although in many cases, it can be caught by antivirus program, but it is hard to be removed completely. It is not surprised that every time you’ve removed the virus, it comes back in the next day. Normally this Trojan is used to distribute malware or fake antivirus programs. After it is downloaded, it will dropseveral malicious files and create a couple of folders under Application Data folder, making users get confused about how to distinguish and find out from all the legal system files. Thus, the removal becomes so complicated. Manual removal is recommended to handle this stubborn Trojan.
Now computers running with Windows XP, Windows Vista, Windows 7 or Windows 8 are the main targets of this Trojan because Microsoft Windows computer is globally used in individual, educational institutions, up to known organizations. If the virus sneaks into your computer, it is likely that fake antivirus program is also placed on your computer at the same time. It will run a fake scan and then tell you that your computer has been seriously infected with various viruses, you have to pay the full version of the rogue program in order to get rid of those non-existent infections. The user is continually prompted to pay for the software using a credit card. Therefore, this Trojan can only put your computer security and privacy in high risk. Furthermore, this virus takes up high resources and strikingly slows down your computer speed and even causes your computer stuck frequently. Hence, you must get rid of Trojan.FakeAV once upon detection.
1. This virus slows down your computer speed which makes you in a trouble while opening program and surfing Internet. It takes forever to open a program or website.
2. Antivirus you have installed keeps popping up messages while you are surfing on the internet showing you the computer is at risk but you can’t get rid of it all.
3. This virus will shut down your other anti-virus and anti-spyware programs. And it will also infect and corrupt your registry, leaving your computer totally unsafe.
4. This virus will disable the proper running of many different programs or even disable some functions of your computer.
5. System restore can’t help to remove this trojan completely.
1. End the malicious process from Task Manager.
Once Trojan.FakeAV is installed, computer user may notice that CPU usage randomly jumps to 100 percent. At any time Windows always has many running processes. A process is an individual task that the computer runs. In general, the more processes, the more work the computer has to do and the slower it will run. If your system’s CPU spike is constant and remain at a constant 90-95%, users should check from Task Manager and see if there is a suspicious process occupying the system resources and then end it immediately.
(The name of the virus process can be random.)
Press Ctrl+Shift+Esc to quickly bring up Task Manager Window：
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries related to Trojan.FakeAV that should be deleted:
Trojan.FakeAV is a malicious Trojan that breaks into the target computer by exploiting software vulnerability and runs in the background to wreak chaos on the infected machine. Once inside, it causes lots of destructive problems on your computer. You may have noticed that the CPU occupancy rate is very high, which often causes computer stuck problem and program no responding problem. Also whenever you browse online, you will receive numerous pop-up ads on your browser and you are not able to close or minimize those pop-up windows. Watch out! This virus also can modify system settings and gather your confidential data in the background, and then it transfers to the remote hackers without your knowledge. As a result, your bank account information and email password will be exposed. There is no reason for you to keep this Trojan in your computer. On the contrary, you have to get rid of Trojan.FakeAV from your computer as quickly as possible.
Note: If you are not knowledgeable enough to be able to distinguish the location of this virus, or you are afraid of making mistake during the manual removal, please contact experts from Yoocare Online Tech Support for further help.
Published by & last updated on September 22, 2014 10:42 am