Skip to main content

Don't be an April Fool! Beware of FakeAV!

April 1, 2011 by Sara Nagreen

Don't be an April Fool!  Beware of FakeAV!

We've been seeing a large increase in the number of fake AV infections on PC computers here at the university.  If you don't know what this is, don't be fooled! 

If you are clicking away on the internet, and suddenly a virus warning pops up, be suspicious!

  • The best thing you can do is try to click the red X in the upper right hand corner to close it.  Don't click in any other place, especially the "cancel" buttons that they've provided. 
    • The upper right X button might not work either, but it's the best shot you have for closing it.
    • If you are able to close the window with the red X, IMMEDIATELY run an Symantec scan. 
    • If you are able to do the Symantec scan, download and run Malwarebytes.  http://www.malwarebytes.org/
    • If you are unable to close it with the red X, can you do a control+alt+delete to end task it?  If so, do the scans mentioned above.
  • This type of infection can do very harmful things to your computer's data, and put your entire computer at risk.  Have you run your Identity Finder scan to make sure you don't have sensitive data on your machine?  This you can do BEFORE you get infected to help identify any items you might have that are vulnerable. 
  • This type of infection also redirects URLs.  For example, symantec.com might redirect to a website specifically for the "rogue" antivirus that has been installed.  If you are having problems with strange popups or urls that you didn't mean to go to, you need to think about getting help for a virus infection.
  • This type of infection can also keep you from being able to open programs and documents on your machine.  If you can't do anything you'd normally do, you need to get help for a virus infection.
  • Do not EVER give your credit card or paypal information to a site to purchase online security software that randomly pops up on your machine.  This virus is simply a means of selling infectious software under the guise of an antivirus program.
  • If DoIT tells us you are infected, we might even remove you from the internet temporarily so we can get your computer clean again.  Problems with network connectivity?  You might want to check with us so we can find you faster.

Where to get help?

  • Contact us for help with university owned computers.  We can step through various steps to remove the virus, often in a few minutes.  It may take longer, depending on the type of infection.
  • Contact the DoIT Help Desk (4-HELP) for help with personally owned computers.  They'll help you remove the virus for free.  In fact, even if they have to work on it in person, they'll usually help you for free.  If the machine is too badly infected to completely fix in a short time, there may be a small charge involved.  It's a better alternative than struggling with a misbehaving computer.
Premium Drupal Themes by Adaptivethemes