Four Phase Removing Antivirus fake

There are currently 304 fake antivirus detected circulating and transmit thousands of computers in Indonesia. In addition to the flash, the virus can be spread through e-mail to send false messages contain attachments.
Viruses act by giving a false message that resembles the Windows program, which seems that the computer tells you there is a spyware / virus, then install the antispyware program that is false 'XP AntiSpyware 2009. For up, there are some steps that need to be done. This is how:
1. Disconnect the computer that will be cleared from the network. 2. Scan your computer using the removal tool. You can use the removal tool from Norman up to (you can download here http://download.norman.no/public/Norman_Malware_Cleaner.exe 3. Remove string registry was created by the virus. To facilitate the registry can use the script below.
[Version] Signature = "$ Chicago $" Provider = Vaksincom Oyee [DefaultInstall] AddReg = UnhookRegKey DelReg = del
[UnhookRegKey] HKLM, Software \ CLASSES \ batfile \ shell \ open \ command ,,,"""% 1 ""% * " HKLM, Software \ CLASSES \ comfile \ shell \ open \ command ,,,"""% 1 ""% * " HKLM, Software \ CLASSES \ exefile \ shell \ open \ command ,,,"""% 1 ""% * " HKLM, Software \ CLASSES \ piffile \ shell \ open \ command ,,,"""% 1 ""% * " HKLM, Software \ CLASSES \ regfile \ shell \ open \ command,,, "regedit.exe" "% 1" "" HKLM, Software \ CLASSES \ scrfile \ shell \ open \ command ,,,"""% 1 ""% * " HKCU, Software \ Microsoft \ Internet Explorer \ Main, Search Bar, 0 HKCU, Software \ Microsoft \ Internet Explorer \ Main, Search Page, 0 HKCU, Software \ Microsoft \ Internet Explorer \ Main, Start Page, 0 HKLM, SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL, 0 HKLM, SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page, 0 HKLM, SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page, 0 HKLM, SOFTWARE \ Microsoft \ Internet Explorer \ Search, SearchAssistant, 0 HKLM, SOFTWARE \ Microsoft \ Security Center, AntiVirusDisableNotify, 0 HKLM, SOFTWARE \ Microsoft \ Security Center, FirewallDisableNotify, 0 HKLM, SOFTWARE \ Microsoft \ Security Center, UpdateDisableNotify, 0 HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows, AppInit_DLLs, 0 HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon, Shell, 0, "Explorer.exe" [del] HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Run, braviax HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, braviax HKLM, SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run, brastk HKCU, Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ MountPoints2, (706ab86c-937e-11dd-a04c-000c290bc510) HKLM, SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Image File Executions Options, Explorer.exe
Use notepad, then save with the name "Repair.inf" (use the Save As Type option became All Files to avoid an error occurred). Repair.inf run with the right-click and select install. Repair.inf should create a file on a clean computer, so that the virus is not active. 4. For optimal cleaning and prevent re-infection, you should use the antivirus update and identify all of the installation file with the virus.

Pros: clean your computer's anti - virus fake

Link: http://www.ciao.com/Topics_beginning_with_F__Review_10172643