This in via PC World: Fake anti-virus product Total Security, once installed, will disable all applications except the browser, claiming the computer is “infected” and keep the computer frozen until the owner pays for their “fix.” This works by disabling your actual security product, and then reinstalling itself in a slightly different form when you attempt to remove it using traditional means. Read the full story on the PC World link above.
The best defense I’ve found against the Fake AV exploit is this: when you start to get the pop up flood of “your computer is infected” messages, immediately disconnect your computer from the Internet, either by disconnecting your Ethernet (network) cable, or by turning off the power to your cable or DSL modem. These attacks rely on your Internet connection to add new capabilities to their initial attack, and disconnecting early may allow your real security product a chance to remove the initial infection successfully.
When this doesn’t work, the best course of action is to take your PC to a qualified computer support professional. But be prepared, to successfully remove this malware may require a full reinstallation of the operating system and all programs.Share