How do I use the ESET Rogue Application Remover (ERAR)?KB Solution ID: KB3035 |Last Revised: July 7, 2015
- Your computer is infected with a rogue application (for example "Internet Security Pro")
- A rogue application has made undesired changes to your registry
See below for a list of messages you may receive when using ESET Rogue Application Remover and the recommended action to resolve each:
Would you like to perform a reboot? Please run the scanner thereafter!
In some cases it may be necessary to restart your system to remove resilient threats. Reasons for restarting include performing advanced detection using the boot scan, deletion of a file that requires a restart or the detection of a suspicious application. Do not forget to save important documents/data before restarting.
Would you like to submit a report/ previously unsent report/ event log to ESET Live Grid?
The Live Grid™ Early Warning System collects data that ESET users have submitted worldwide and sends it to the ESET Virus Lab. Click to learn more about ESET Live Grid.
Do you want to open the website now?
You may be prompted before opening a website that could exploit a security issue recognized by your ESET product. To make sure that you are maintaining a high level of system security make sure that your ESET product has the latest virus signature database. If you suspect that your system is infected, visit our Knowledgebase article on preliminary malware troubleshooting.
Cannot reboot windows. Please reboot your computer manually!
Restart your system and perform an in-depth scan.
Minimum supported operating system is Windows XP
Upgrade your operating system.
Cannot grant required privileges!
Try running the tool using the Administrator account.
Please use 64-bit application version!
Download the 64-bit version of ESET Rogue Application Remover.
Internet connection is inactive!
We recommend that you check your Internet connection. Some features of ESET Rogue Application remover are only available on systems with an active internet connection.
- Download the ESET Rogue Application Remover by clicking the appropriate link for your system version below. Which version of Microsoft Windows do I have?
- Save the file to your Desktop. When the download completes, navigate to the file, right-click it and select Run as administrator.
- Click Accept to accept the End-User License Agreement (EULA).
- Press any key on your keyboard to exit the tool.
Running the ESET Rogue Application Remover (ERAR) from the command prompt
- Click Start → All Programs → Accessories. Right-click Command Prompt and choose Run as administrator from the context menu.
- Windows 8 users: Press the Windows key + Q to open an app search and type cmd into the Search field. Right-click the cmd application when it appears in results and select Run as administrator from the context menu.
- Type CD Desktop and press Enter.
- Type ERARemover_x86.exe (or ERARemover_x64.exe if you previously downloaded 64-bit version of ERAR) to run the tool. A new window will open in which the tool will execute.
- Follow the on-screen directions to complete the scan.