Windows AntiVirus Booster is a new fake antispyware program from the family of Win32/FakeVimes rogues. It is distributed through the use of trojans that come from fake online anti-virus scanners and various misleading web sites that prompt you to download and install a fake “flash player update” required to watch a video online.
Once installed, the rogue will configure itself to run automaticaly every time when Windows loads. Next, Windows AntiVirus Booster will start a “system scan” and detect a lot of infections to trick you to buy the paid version of the program, in order to remove these reported infections. Important to know, all of these infections are a fake and do not actually exist on your computer. So you can safely ignore the scan results that Windows AntiVirus Booster gives you.
While this malware is running, it will display various security alerts. Some of the alerts are:
Trojan activity detected. System integrity at risk. Full system scan is highly recommended.
Warning! Identity theft attempt detected
Hidden connection IP: xx.xxx.xxx.xxx
Moreover, the malicious program may block legitimate Windows applications claiming that they are infected. Thus, you will be unable to run some programs, including antivirus software. Of course, like false scan results above, all of these alerts and messages are just a fake. All of them are created in order to convince you that you must purchase the full version of Windows AntiVirus Booster and, thus, fix the entire system. So, you can safely ignore the fake warnings and alerts.
As you can see, all Windows AntiVirus Booster does is fake and you should stay away from the malicious application! If your PC has been infected with the rogue, then ignore all it gives you and follow the removal instructions below in order to remove Windows AntiVirus Booster and any associated malware from your computer for free.
Windows AntiVirus Booster removal step by step instructions
The rogue will not allow you to run a malware removal tools, then you will need to reboot your computer in Safe mode with Command Prompt.
Restart your computer. After hearing your computer beep once during startup, start pressing the F8 key on your keyboard. On a computer that is configured for booting to multiple operating systems, you can press the F8 key when the Boot Menu appears.
Instead of Windows loading as normal, Windows Advanced Options menu appears similar to the one below.
Windows Advanced Options menu
When the Windows Advanced Options menu appears, select Safe mode with Command Prompt and then press ENTER.
Once Windows loaded, command prompt (black window) opens. In the command prompt type explorer.exe and Press Enter. Your desktop will now appear. Run Notepad and write the text below to Notepad:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“GuardSoftware” =-[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Shell”=”explorer.exe”
Save this as fix.reg to your Desktop (remember to select Save as file type: All files in Notepad.)
Double Click fix.reg and click YES for confirm.
Reboot your computer in Normal Windows mode.
Now you should download Malwarebytes Anti-malware and remove all Windows AntiVirus Booster associated malware.
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Windows AntiVirus Booster infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Windows AntiVirus Booster removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Your system should now be free of the Windows AntiVirus Booster virus. If you need help with the instructions, then post your questions in our Spyware Removal forum.
Windows AntiVirus Booster removal notes
Note 1: if you can not download, install, run or update Malwarebytes Anti-malware, then follow the steps: Malwarebytes won`t install, run or update – How to fix it.
Note 2: your current antispyware and antivirus software let the infection through ? Then you may want to consider purchasing the FULL version of MalwareBytes Anti-malware to protect your computer in the future.
Note 3: If you follow this guide above to remove Windows AntiVirus Booster let us know how you managed by sending us your comments please.
Thank-you