"Win7 Defender" nastiness.....

I’ve just spent hours removing a bit of nastiness called “Win7 Defender” from a Windows 7 laptop. (This is not the Microsoft product but something pretending to be it.)

It puts up a message for every app you run saying it is infected with some virus, and that by activating it (by paying for it), you can deal with the “infection”. What I also discovered is a probable sideline for the authors. When you search for it on Google, the first few pages are all pages supposedly offering a solution (it isn’t), and if it doesn’t work, they can help remove it for a fee.

It is cunning enough to disable almost all apps, hijack Internet Explorer, and interfere with antivirus programs. It even runs in Safe Boot mode.

What surprised me was that Avast could not stop it and the boot-time scan did not even pick it up.

I ended up using this advice to get rid of it:

http://www.bleepingcomputer.com/virus-removal/remove-win-7-defender

What surprised me was that Avast could not stop it and the boot-time scan did not even pick it up.
[b]Fake antivirus overwhelming scanners[/b] http://news.techworld.com/security/3203072/fake-antivirus-overwhelming-scanners/

if you need help, follow the guide and attach the logs requested http://forum.avast.com/index.php?topic=53253.0