I have seen an increase of Fake antivirus and security software, even PC’s and Laptops with Nortons and Mcafee products installed.
My standard fix which works in most cases is to boot to safe mode F8 and run Spybot Search and destroy. This normally finds the culprits, you may need to run a couple of times to make sure it is clean.
Run your AV product with latest updates just to make sure.
The dangerous bit for those that know what they are doing!!
I have had some which are more reluctant this normally involves using booting into windows and using Msconfig from the run box, check the startup tab, this displays all items that are set to run at startup via the registry.
I normal use this method when I have a hidden process that refuses to stop and keeps on recreating its self.
Look at the list for an entry that appears to be a random selection of letters and numbers, untick and apply. Wait a few seconds and refresh the startup list to see if another entry appears the same as the one unticked. If a new entry doesn’t appear then re tick, if a new entry appears you may have found the culprit start file.
I then normally go into safe mode and uncheck the file.
This is just my thoughts and don’t provide the full picture these are just some steps I take on the route to cleaning a pc / laptop.
Flash 0-day in the wild – patch now!
5 hours ago