System Removal

By Domesticus in Rogue Anti-Spyware Program

Please don't fall for the System Removal scam. System Removal is fake anti-virus software, which uses some pretty ridiculous scare tactics and fake interfaces in order to try to scare people into paying money to remove nonexistent threats from their PCs. How can you be sure that what is infecting your computer is System Removal? You'll see hideous pink windows and warnings about your browsing history that can "break your life."

Symptoms Caused by System Removal

System Removal would almost be laughable if it weren't so malicious. After all, its fake scanner interface uses a weird, pink color scheme that sticks out like a sore thumb, its name doesn't make any sense, and it contains security warnings that are absurd on a grandiose scale – and which were apparently written by someone with a tenuous grasp of English, at best. Nonetheless, System Removal is dangerous and needs to be treated with caution. The symptoms of this pink monster include:

  1. The phony System Removal interface loads every time Windows starts, and it pretends to run scans of your computer. These scans always turn up lists of results, and System Removal will tell you that the only way it can remove the threats it found is for you to pay for a System Removal license online.
  2. Alerts frequently pop up, sometimes from the system tray, warning of imminent security threats. These alerts urge you to pay for a license or activation for System Removal in order to deal with these supposed threats.
  3. You are unable to open any other program, including any real anti-virus software you might have. System Removal will prevent all other applications from running, under the false pretense that they are malicious or infected.
  4. Your desktop wallpaper is changed to a blue and red warning, in barely coherent English, about how everything you ever do on your computer or on the Internet is available to everyone you ever knew, which can – direct quote – "break your life!" (Please, don't believe that warning!).

Obviously, System Removal is incapable of actually scanning for threats, and it can't clean up your system. Furthermore, some of the claims that System Removal makes in order to try to scare you, such as the "break your life" message on your desktop wallpaper, are flat-out false. There is no good reason to pay for a "license" for System Removal, since it is incapable of doing anything beneficial or useful.

How, and Why, System Removal Infects so Many Computers

System Removal and its malware relatives have caused huge numbers of infections, even on computers that seem to be very well protected by anti-virus software, properly updated programs, and defensive Internet settings. This is because malware in System Removal's family relies heavily on fake program updates in order to trick users into voluntarily downloading a Trojan that actually does the dirty work of setting up the fake anti-virus software. In particular, this family of malware favors fake Flash updates from third-party sites. For example, one common method of infection is for a malicious link to be included in a spam email or spam social networking post, and the link takes the user to a site for a video that supposedly requires a Flash update in order to be viewed. If the user agrees to download the phony update, that is when the Trojan that supports System Removal is downloaded. The Trojan sets up System Removal, the registry is altered to make sure that System Removal runs when Windows starts, and then the System Removal malware is active.

System Removal History and Mutations

System Removal is part of a Russian malware scam that goes back at least to 2009, with relatively minor changes to the core malware over that time. Most of this related, or even cloned, malware uses the same awful pink interface as System Removal, although a handful of rogue anti-virus programs in the family use a blue interface with the same layout and design. System Removal is a mutation of the same malware that is known as System Tool, System Tool 2011, PC Tool 2011, System Security, Total Security, Total Security 2009, Total Security 4.52, and Windows Smart Security. Infection rates with malware in the System Removal family have been on the rise since the beginning of 2011.

File System Details

System Removal creates the following file(s):

| # | File Name | Detections |
|---|---|---|
| 1. | c:\Documents and Settings\All Users\Application Data\[RANDOM CHARACTERS]\[RANDOM CHARACTERS] | N/A |
| 2. | c:\Documents and Settings\All Users\Application Data\[RANDOM CHARACTERS] | N/A |

Registry Details

System Removal creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[RANDOM CHARACTERS]"
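
The file and registry details above can be turned into a quick triage check. The following PowerShell is an added example, not part of the original article: it lists the current user's RunOnce values whose command points at a file one folder deep inside the all-users Application Data directory. The function names `Get-RunOnceEntry` and `Test-AppDataAutorun` are hypothetical, the sample commands are constructed, and it assumes the RunOnce value launches the dropped file, which the article does not state.

```powershell
# Added example, not from the article. Works on Windows PowerShell 2.0 and later.
# Assumption: the RunOnce value launches the file dropped under the all-users
# Application Data folder; the article lists both artifacts but not the link.

function Get-RunOnceEntry {
    # Return every value stored under the current user's RunOnce key.
    $path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    if (-not (Test-Path $path)) { return }
    $key = Get-Item -Path $path
    foreach ($name in $key.GetValueNames()) {
        New-Object PSObject -Property @{
            Name    = $name
            Command = [string]$key.GetValue($name)
        }
    }
}

function Test-AppDataAutorun {
    param(
        [Parameter(Mandatory = $true)] [AllowEmptyString()] [string] $Command,
        [Parameter(Mandatory = $true)] [string] $CommonAppData
    )
    # Match <CommonAppData>\<folder>\<file>, the layout given in the article.
    $root = [regex]::Escape($CommonAppData.TrimEnd('\'))
    return $Command -match ($root + '\\[^\\"]+\\[^\\"]+')
}

# Constructed sample commands (not real indicators) showing what is flagged.
$xpRoot = 'C:\Documents and Settings\All Users\Application Data'
$samples = @(
    '"C:\Documents and Settings\All Users\Application Data\qzxkvb\qzxkvb.exe"',
    '"C:\Program Files\Example Vendor\updater.exe" /once'
)
foreach ($s in $samples) {
    '{0,-6} {1}' -f (Test-AppDataAutorun -Command $s -CommonAppData $xpRoot), $s
}

# Live check: resolves to C:\ProgramData on Windows Vista and later.
$liveRoot = [Environment]::GetFolderPath('CommonApplicationData')
Get-RunOnceEntry |
    Where-Object { Test-AppDataAutorun -Command $_.Command -CommonAppData $liveRoot } |
    Select-Object Name, Command
```

Legitimate software occasionally registers RunOnce commands from the same folder, so treat any hit as a lead to review rather than a confirmed infection.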
