Attentive Antivirus Rogue Interface

Attentive Antivirus is a rogue AV utility that belongs to the Rogue.WinWebSec group of fake anti-virus programs. And just like other fake anti-virus programs, Attentive Antivirus masquerades as legitimate program, but in reality it only displays artificial security warnings and system scan results that are filled with non existent threats. Attentive Antivirus circulates through malicious websites and infects unsuspecting website visitors through exploits and vulnerabilities in their operating system and installed software. Website visitors may be tricked into clicking on security warnings from fake online scanners that state that they are infected and also prompts them to install the rogue anti-virus program.

Once installed, the rogue program modifies configuration files so that it starts once the user logs into their Windows account. After Attentive Antivirus starts, it performs a scan of the compromised system and then states that numerous infected files and registry entries have been found on the computer. Any attempts to remove the detected threats that this program displays will be met with a prompt to purchase a license for the rogue program before the threats can be removed. It's all a scare tactic. So don't try to purchase it. If you do, you'll be placing your credit card and personal information at serious risk.

How To Remove Attentive Antivirus From Your Computer

Since the fake Anti-virus may hinder your attempts at downloading software on the compromised computer, you will need to download the software listed below on a clean computer and then transfer it to the infected system  on a burned cd/dvd.

  1. To begin restart the infected computer into “Safe Mode with Networking” by pressing the “Function F8” at system start up, before the “Windows” logo appears.

  1. At the login screen, select the user account that was in use when the rogue program was first observed. You could also use another account that has administrative rights.
  2. Once you’re logged in, navigate to the external media with the needed removal utilities and execute “rKill” by clicking on it’s executable. It will terminate any malicious processes that are running in your computer’s memory.
  3. After Rkill has completed, execute the copy of “Emsisoft Emergency Kit” by clicking on it’s executable.
  4. After it has been decompressed, click on “Start.exe” and then click on “Emergency Kit Scanner”.

  1. Next update the kit by clicking on “Update Now”.

  1. Next, perform a deep scan of your computer with the emergency kit.

  1. Once the deep scan completes,  quarantine any malicious files and entries that it locates.
  2. Next, reboot the computer normally.

At this stage your computer should be clear of the Attentive Antivirus infection. If there are still signs of the infection, use one of our more aggressive malicious software removal guides to remove the infection, such as our Ice Cyber Crime Center Ransomware removal guide.

Attentive Antivirus added files:








Attentive Antivirus added registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[random]″ = “%CommonAppData%\[random]\[random].exe

Smith Technical Resources makes no guarantees or claims that the information contained in this article will help you completely remove the above listed malicious program(s) from your computer.  There are several variations of each particular virus in the wild . And the procedure listed above may not be adequate for the specific version of the virus that your computer has been compromised by.

If you feel uncomfortable performing any of the procedures that we've listed on this page, please contact a professional computer repair company in your area and have them complete the needed repairs on your computer. Smith Technical Resources takes no responsibility for any possible damage that could result from your use of the above instructions.

Windows XP Advanced Options Menu

© 2013 All Rights Reserved. Website Privacy Policy. Site Map

Emsisoft Emergency Kit Interface Emsisoft emergency kit screen Emisoft emergency kit scan pc options screen.
Share on Twitter Share on Stumble Upon Share on Digg Share on Delicious

Providing cost-effective local computer repair and network support in the middle Tennessee area

Phone (615)596-2592

Remote Access Portal

Remote Access Icon
Home About Us Onsite Services Online Services Self Help Pricing Blog Inquiries

You may also be interested in the following tutorials: