The number of computers being infected by Scareware has increased considerably over the last few months, especially those without any real perimeter defence.

It works by claiming to have found viruses and then asks the user to purchase anti-virus software that will kill the “found viruses”.  Anyone who does this will have wasted their money and may well have given hackers access to their PC.  Unfortunately this is a constantly evolving piece of malware and is difficult to spot, so vigilence is required.

This is Managed Networks’ recommended route to clearing it.  To get rid of the malware is a two-stage process and will have hopefully happened before the malware gets through to the server infrastructure.

1.  use Malwarebytes and SUPERAntiSpyware to delete it
2. you have to delete and rebuild the user’s profile because this is usually where the malware embeds itself.  It should be deleted from both the local desktop and the server.

You should be protected from older versions of this malware, if your AV software is up to date, but please be vigilant.