A client called today to report a “fake anti-virus” on her screen. Luckily she left it on her screen so that I could remote in, see the problem, and fix it.
Here is a quick how-to on defeating this right when it occurs so that the “malware” does not get installed on a Windows machine with the Internet Explorer browser:
- Run Windows Task Manager by using [Start],[Run] from the task bar, type in taskmgr and click on [OK].
- Click on the Applications tab.
- For each Application listed, select and click the [End Task] button. If you get the prompt to either “wait” or “end now”, choose “end now.”
- Close the Task Manager window.
- Open the Control Panel and then open “Internet Options”.
- Find the option to delete temporary files. In IE8, there is a [Delete…] button in the “Browsing History” section.
- Choose the option to delete “Temporary Internet Files”. This is really the only item that needs to be checked.
- Close control panel.
- Reboot your machine.
WARNING: If you do not close the applications using the Task Manager, you will likely cause your machine to get infected when you reboot. It’s a long story as to how this happens — just be careful. Otherwise, you will likely need to make a call for IT support.
ANOTHER CAVEAT: If your machine is already infected, this will not disinfect it. This only prevents the “Fake Anti-Virus” from getting installed the first time.
