Thursday 23 September 2010

More Fake Antivirus

More Fake antvirus

Have recently had a few laptops thru with a fake antivirus appearing on the screen, on the most recent case I found I could start spybot search and destroy and AVG scanning prior to the Fake av process starting.

Spy bot found some threats, which I removed and AVG found the Fake AV threat which was removed and cleaned up.
So if you have a fake av product appear, restart the PC / Laptop.
As soon as the system will let you set your real Antivirus to scan. The fake av screens may appear but hopefully your antivirus is doing a full scan.

Just to make sure I would normally boot to safe mode and scan again.

With the system logged in normally make sure all windows updates are applied and Antivirus updated.

Remember be very careful where you surf and which emails you open.

Wednesday 1 September 2010

Fake Antivirus and security software removal tips

I have seen an increase of Fake antivirus and security software, even PC’s and Laptops with Nortons and Mcafee products installed.


My standard fix which works in most cases is to boot to safe mode F8 and run Spybot Search and destroy. This normally finds the culprits, you may need to run a couple of times to make sure it is clean.

Run your AV product with latest updates just to make sure.

The dangerous bit for those that know what they are doing!!

I have had some which are more reluctant this normally involves using booting into windows and using Msconfig from the run box, check the startup tab, this displays all items that are set to run at startup via the registry.

I normal use this method when I have a hidden process that refuses to stop and keeps on recreating its self.

Look at the list for an entry that appears to be a random selection of letters and numbers, untick and apply. Wait a few seconds and refresh the startup list to see if another entry appears the same as the one unticked. If a new entry doesn’t appear then re tick, if a new entry appears you may have found the culprit start file.

I then normally go into safe mode and uncheck the file.

This is just my thoughts and don’t provide the full picture these are just some steps I take on the route to cleaning a pc / laptop.