Saturday, July 3, 2010

AV Security - Rogue Antivirus

AV Security is the latest rogue antivirus program to invade and intimidate people into believing they're infected, and that buying the product is the only way to clean the computer. If this pops up on your computer, do NOT click on it, and do NOT buy it. Stop and clean it now before it goes further, requiring a complete reinstallation of the computer.

How to Clean
A quick Google search will reveal much advice on how to clean out AV Security. There is no one sure way to completely remove all traces of it and the others it's brought in short of a complete wipe and reinstallation. However - if you're lucky - running a few cleaners will get you back in business.

The Security Tango procedure (thanks, Nick Francesco) at http://securitytango.com/ will go a long way to cleaning out the bad stuff. It's long and detailed, and will take up most of your weekend. If you skip steps you will regret it sooner rather than later.

A quick way to regain use of the computer (NOT a full fix) is to boot into Safe Mode with Networking, then update and run CCleaner, Malwarebytes and SUPERAntiSpyware. Find them all at http://www.download.com/ or http://www.filehippo.com/

How Did I Get This?
There are many ways to trigger this rogue antivirus. It can come through email, particularly forwarded email when you click on a link to go see the pretty picture or read the joke. It can happen when you visit a web site with an infected banner ad.

How Do I Keep From Getting It Again?
The best protection against rogue malware is to be aware and to keep your antivirus/antispyware protection up-to-date. If you see a popup from a program you don't recognize, stop what you're doing and investigate. Put it into a Google or Yahoo search box and see what others are saying about it.

The best thing you can do for yourself and friends and family is to not forward chain letters/forwards/petitions/jokes/screensavers/pretty pictures. Write an original email yourself, and put multiple recipients in the BCC line so their email addresses cannot be harvested by scammers.  More on this next time.

More help
http://www.bleepingcomputer.com/virus-removal/remove-av-security-suite

http://www.2-spyware.com/remove-av-security-suite.html

I would not advise installing any repair programs other than the ones I've mentioned above. There are many programs puporting to help you, when in fact, they're the problem in the first place - just like AV Security.

No comments: