Virus Problems – Fake Anti Virus and Ransomware

Posted on | July 15, 2012 | Comments Off on Virus Problems – Fake Anti Virus and Ransomware

The last few months here at Bluefish Computer Repairs in Chichester have seen a dramatic increase in the amount of virus calls.  The amount of calls related to Fake Anti-Virus and Ransomware in particular.

So what are these things?

Fake AntiVirus is just what it says on the tin, it’s a fake Anti-Virus program which pretends to scan your PC for malware/viruses/Trojans and then informs the user they are infected before informing them they can remove the threats by purchasing a full version of the program, see the image below for an example of what it looks like.

Fake Win 7 Antivirus 2012






Ransomware is a program which infects a users computer and then demands money is paid to the creator of the program in order for the restriction to be removed.  One of the most common forms we have seen lately is the “Metropolitan Police” ransomware program.  Which informs the user they have been caught looking at illegal websites and then demands payment by ukash the image below is an example of ransomware.

Met Police Ransomware Virus






After being infected users are left unable to close the program, unable to run additional programs, finding they are redirected to different websites when opening a browser, finding their pictures/documents/music /start menus/desktop files etc. missing.

Why are these programs created? Well purely for profit, despite the poor English and seemly obvious fake nature of these programs some people still pay the money to try and get them removed!  These programs are big business for cyber criminals and once you hand over your payment details you’re in for a whole heap of trouble!

So how do you get infected?  Here are some of the most common reasons:

–          Not keeping up to date with Windows updates, this leads to programs finding holes in your operating system.

–          Not applying updates to your programs, this leaves holes in programs like Adobe Reader, Java, Flash etc.  Then when opening PDF attachments or visiting an infected Java/flash website the user is in turn infected.

–          Spam emails, people open emails pretending to be from tax authorities, banks, parcel delivery companies etc.. and are then infected by opening an attachment or visiting the website link to an infected website.

Why didn’t my anti-virus stop it???  Almost always one of the first questions asked.  I won’t mention names but despite the claims and cost of some of the most popular anti-virus programs on the market they end up being a complete waste of time.  Quite often the virus disables and even removes parts of the anti-virus program rendering it useless.  I only recommend and sell one anti-virus program which is Kaspersky, in my opinion the best on the market.  It always finds and removes malware.  I never ever get a machine back with a virus that has had Kaspersky installed on it and I think that speaks for itself.

What do I do when I have a virus?  There are many guides on the internet you can use to try and remove a virus yourself and some are pretty good but I would always advise someone to seek the help of a professional.  Why?

–          A lot of malware either hides or moves a user’s files quite often to temporary directories.  I have seen quite a few cases recently of people trying to remove a virus only to end up permanently deleting their data.

–          We always create a complete image of a drive prior to undertaking any work to remove a virus.  This is very important, malware is constantly changing and guides quickly become outdated.  By taking an image of a drive we ensure we can always return the disk to the state we first received it in and begin again should things go wrong.

–          Boot sector viruses and rootkits allow the malware to continue to reinstall itself even after the initial virus is cleaned.  It is important to remove every trace of the malware.

Here at Bluefish Computer Repair we remove viruses / malware on a regular basis, we also always advise on and complete the steps required to prevent re-infection.  Please feel free to contact us if you need any more information or help on removing or preventing a virus infection.

Also please also consider the absolute need to back up your important data on a regular basis!


Comments are closed.