Fake AV masquerading as Java Update
 

IE appears to allow automatic install. Firefox blocks it. Pop up shows the Java mug and on next boot PC Tools is installed and blocking some usage.

Its a typical program of this type easily cleaned using Rkill and Malwarebytes but still a pain in the botton

Re: Fake AV masquerading as Java Update
 

So, how did you let yourself get infected in the first place, dodgy websites again :D

Re: Fake AV masquerading as Java Update
 

not me ;)

Re: Fake AV masquerading as Java Update
 

This is one of the reasons i dislike Java, it is becoming more and more of an infection vector (allthough it`s not really in this case).
Where`s your botton? Sounds like a place up north :p:

Security Shield seems to be the one doing the rounds at the moment, one in a lovely pink

Re: Fake AV masquerading as Java Update
 

The ones that change the explorer shell are pain too, Thinkpoint being one:

https://www.cableforum.co.uk/images/local/2011/02/2.jpg

Stops you going into safe mode, doesn't stop taskmanager though ;)

Re: Fake AV masquerading as Java Update
 

I've had success using the Bit-defender rescue CD in the past to remove infections from a machine, It's a linux based live CD with the Bit-defender AV built in which means you're booting from a clean environment which should in theory help where a rootkit is suspected. (As you are booted from the CD instead of into the compromised OS on your hard-drive)

If it detects a usable network connection it will download the latest definitions before starting to scan the system.

http://download.bitdefender.com/resc...-rescue-cd.iso

Re: Fake AV masquerading as Java Update
 

safe mode with command promt no shell launched then just run explorer.exe . only had to do it once though

Re: Fake AV masquerading as Java Update
 

Thanks for that Dragon. I've used Avira rescue cd many times in the past which works rather well but I'll have to give the Bit-Defender version a try as well. One can never have too many good tools.

Re: Fake AV masquerading as Java Update
 

I think it's a place for special boys and girls
http://www.cvt.org.uk/our-communities/botton-village-north-yorkshire

Re: Fake AV masquerading as Java Update
 

yep 2 of my mates got the PC Tools virus.

This has been around since about 2007 under various different names but all looks roughly the same and do roughly the same thing.

Re: Fake AV masquerading as Java Update
 

That was a bit uncalled for...they can't help how they were born :(

Re: Fake AV masquerading as Java Update
 

its not a virus its malware aimed at getting your credit card details for nefarious purposes

Re: Fake AV masquerading as Java Update
 

:mad: your sick mate

Re: Fake AV masquerading as Java Update
 

I know the VM DHS team have been getting inundated with calls about this. Seems a lot of people fall for it.

Re: Fake AV masquerading as Java Update
 

How is it uncalled for?? they are special , I didn't put any smileys or winking or any other symbols or jokes. I mentioned it because there is a place called Botton and it's a lovely place to visit and any advertising for their site can't be a bad thing.

It all depends on which way your mind works.