By far the most common topic type in the Home User Assistance Community is the dreaded Fake Anti-Virus infection. The names, icons, graphics and code of these 'programs' will vary but all have the same reasons for being - financial gain for the malware authors. We see many new families and variants being created every day and we are constantly writing new signatures and detection methodologies to protect our customers from these threats.


So why, you may well ask, did my PC get infected? "I paid McAfee my subscription money so it should stop these things getting through, right?"

We'd love to say that was always going to be the case. Unfortunately no genuine anti-virus software manufacturer in the world is able to promise or deliver 100% detection. We strive to be as close to 100% as possible, and independent test results show that with innovations such as Artemis technology we're regularly hitting the 99.9% mark, but there will always be new threats that we don't immediately detect.


If you are unlucky enough to fall foul of a new fake AV infection there are plenty of things you can try, starting with the following documents:

Required Reading - Home User Assistance Malware Troubleshooting


Combating Threats - FakeAlert.pdf


How To Fix File Associations in Windows - useful if you have removed a Fake AV infection but are seeing errors when trying to launch applications


If you're still having problems have a search through the previous posts within the Security Awareness Community - you can find a lot of good information from other members who have successfully removed them or helped others to do so. If you can't find anything helpful from previous posts then do start a new thread giving as much detail as possible about what's happening to your machine.


Additionally, if you are able to do so, it's always good to send us any suspicious samples - please see this web page for details on how to submit files to McAfee Labs.

Please do not ever attach potentially infected files to your community posts though, they will be deleted by a moderator and will not be sent on to a researcher.


Obviously prevention is always better than cure, and it almost goes without saying that having fully updated AV software is a basic security requirement for everyone these days. However unless you never connect your PC or laptop to the internet or access removable media device such as a USB key then there will always be a risk that you get hit with something bad, be it a Fake AV program or something else. There are some very good tips in our Security Best Practice Community on what more you can be doing to keep your personal data secure, prevent identity theft, and generally stay safe when online.