Rogue viruses are a type of malware that pretends to be a system optimization or Anti-Virus program. They start off by alerting you to faults or viruses in your computer and offer to fix the errors or remove the viruses, usually asking you to pay for their service. Unfortunately, the virus they are alerting you to is a hoax. The only virus is the program itself that is telling you that you have a virus!
Most Rogues will ask for a small amount of money, usually between 20 and 60 dollars. They ask for a modest amount of money to make them appear more likely to be legitimate anti-virus programs to the user. This allows them to stay below the radar, since large financial transactions are easier to trace.
A few examples of Rogue viruses are the Windows Recovery and Anti-Virus+ viruses. These viruses vary in their removal methods, but most can be taken care of with a combination of RKill and Malwarebytes' Anti-Malware. Many of these viruses also leave some blow-back after they are removed, such as hidden folders, exe files not opening, not being able to change your desktop wallpaper, and key administration tools like Task Manager, Command Prompt and gpedit being disabled. Additionally, Rogue viruses often bring other viruses with them. They will use these other viruses as launchers, such as the Alureon rootkit that the Windows Recovery virus uses.
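To see which of these leftovers are still present after a cleanup, the following read-only PowerShell audit can be run as the affected user. It is an added example, not part of the original article or of any tool it names; the registry locations are the standard Windows per-user policy values and the default .exe association, and the assumption is that the symptoms above were produced through them.

```powershell
# Read-only audit: nothing is changed. The registry locations are standard
# Windows policy values, assumed (not stated by the article) to be what was set.
$policies = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies'
$policyChecks = @(
    @{ Symptom = 'Task Manager disabled';    Path = "$policies\System";        Name = 'DisableTaskMgr' }
    @{ Symptom = 'Command Prompt disabled';  Path = 'HKCU:\Software\Policies\Microsoft\Windows\System'; Name = 'DisableCMD' }
    @{ Symptom = 'Wallpaper change blocked'; Path = "$policies\ActiveDesktop"; Name = 'NoChangingWallPaper' }
    @{ Symptom = 'gpedit snap-in blocked'
       Path    = 'HKCU:\Software\Policies\Microsoft\MMC\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}'
       Name    = 'Restrict_Run' }
)

function Get-PolicyFinding {
    param([hashtable]$Check)
    # A missing key or value means the restriction is not set.
    $item  = Get-ItemProperty -LiteralPath $Check.Path -Name $Check.Name -ErrorAction SilentlyContinue
    $value = if ($item) { $item.($Check.Name) } else { $null }
    [pscustomobject]@{ Symptom = $Check.Symptom; Value = $value
                       Flagged = ($null -ne $value -and $value -ne 0) }
}

function Get-ExeAssociationFinding {
    # Windows default: .exe maps to "exefile", whose open command is "%1" %*
    $ext = (Get-ItemProperty -LiteralPath 'Registry::HKEY_CLASSES_ROOT\.exe' -ErrorAction SilentlyContinue).'(default)'
    $cmd = (Get-ItemProperty -LiteralPath 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command' -ErrorAction SilentlyContinue).'(default)'
    [pscustomobject]@{ Symptom = '.exe association altered'; Value = "$ext -> $cmd"
                       Flagged = ($ext -ne 'exefile' -or $cmd -ne '"%1" %*') }
}

function Get-HiddenItemFinding {
    # Count user files marked Hidden; Hidden+System items (desktop.ini,
    # legacy "My Music" junctions) are normal and skipped.
    $folders = 'Desktop', 'Documents' | ForEach-Object { Join-Path $env:USERPROFILE $_ }
    $hidden  = @(Get-ChildItem -LiteralPath $folders -Force -ErrorAction SilentlyContinue |
        Where-Object { ($_.Attributes -band [IO.FileAttributes]::Hidden) -and
                       -not ($_.Attributes -band [IO.FileAttributes]::System) })
    [pscustomobject]@{ Symptom = 'Hidden items in Desktop/Documents'
                       Value = $hidden.Count; Flagged = ($hidden.Count -gt 0) }
}

$findings  = @($policyChecks | ForEach-Object { Get-PolicyFinding -Check $_ })
$findings += Get-ExeAssociationFinding
$findings += Get-HiddenItemFinding
$findings | Format-Table Symptom, Value, Flagged -AutoSize
```

A row with Flagged set to True marks a setting that differs from the Windows default and should be reviewed; on a machine managed by Group Policy, some of these restrictions may have been set deliberately by an administrator.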
A guide written by Grinler on Bleeping Computer is listed below and is a great guide for removing Rogue viruses. It is targeted at the Windows Recovery virus in particular but the removal method is very much the same. If you have problems with not being able to open programs you can also try following the Microsoft Support article below.
As we always say, viruses are very real and very easy to catch if you’re not safe with your internet browsing habits. In all situations make sure you have a recent backup copy of your data because you can never be too safe.
Pictures of fake anti-virus programs that are actually infections on a computer: