Thoughts, information and reflections about technology

Antivirus 360

We’ve had a couple of calls in the last week or so to clean up home PCs infected with Antivirus 360. Apparently this is picked up as a drive by download while web browsing.

AV 360 impersonates the Windows Boot Splash screen which makes users think that they are rebooting. It sticks a message on there about ‘registering av 360’.

This software gives you dire warnings that your machine is thoroughly infected and the only way to save it is to purchase the full version of their product.

We’ve been able to remove AV 360 by a combination of

  1. Using the add and remove programs
  2. Manually deleting the Program filesav 360 folder (using safe mode if necessary)
  3. Using either MSconfig or Spybot to remove the AV 360 startup
  4. cleaning up with an AV and/or spybot scan
  5. If you go to www.google.com and you see an ad for AV 360 after you have cleaned things up, go to Tools, Internet Options, Advanced, Reset and reset the configuration back to the defaults. Restart your browser and the AV 360 message should be gone from Google.

Some Hints

  • AV 360 seems to be user specific. If you have trouble killing it, try killing it from either safe mode or an uninfected user. If there are no uninfected admin users, simply create one.
  • AV 360 may reset your AV and firewall notifications under windows. Be sure to set them back.

Similar Posts:

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact me
Archives
Categories
Recent Comments