AV.exe: The Yearly Trojan Post

Sigh. I wish someone would do a study of the total cost of ownership of Windows computers vs. Linux or Macs, taking into the account the time required to patch Windows, scan windows, fix the Windows registry, download and install all the updates, etc.

I just fixed my third AV.exe trojan which got past Symantec Client Security. With such a potent trojan out there, I wonder why SCS has let this go through three times.

The AV.exe virus/trojan manifests itself by installing in the startup folder, and then launching itself when the user logs in. Shortly after login you are presented with a very realistic screen that says you are infected with a virus and you should scan your computer now. Naturally the poor user clicks on the button, and gets linked to a web page with another realistic looking screen that prompts you to download and install a new scanner program.

The fix is to start Windows in Safe Mode, and dig into the registry to get rid of the startup programs. Instructions are located in several places on the internet, I used these. Once all this is done, I run CCleaner, and make sure that my virus and Windows files are up to date.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s