Go Back   TechArena Community > Technology > Networking & Security
Become a Member!
Forgot your username/password?
Tags Active Topics RSS Search Mark Forums Read

Reply
 
Thread Tools Search this Thread
  #1  
Old 21-10-2009
Member
 
Join Date: Jan 2009
Posts: 46
Removal of Fake Nortel Antivirus

Hi,
Recently I visited a spanish website for an article. After opening the site a pop up come up saying that there is virus in my system. I run the scan and a antivirus named Nortel was installed. My friend told me that it is a fake antivirus. It installed more threats to the system instead of cleaning. Now whenever I go online it comes again prompting virus alert. How to remove this buggy tool.
Reply With Quote
  #2  
Old 21-10-2009
Member
 
Join Date: Apr 2008
Posts: 3,423
Re: Removal of Fake Nortel Antivirus

It is a malware tool. You must not install such fake recommendation online. Now press Ctrl + Alt + Del and under process tab look for the file name. Kill the process and search for the relevant file. Delete it. The virus normally creates a folder in program files of its name. Delete the same under safe mode. If possible run a antimalware tool.
Reply With Quote
  #3  
Old 21-10-2009
Member
 
Join Date: May 2008
Posts: 3,514
Re: Removal of Fake Nortel Antivirus

The fake antivirus creates this files in your computer. They are WinAvXX.exe, wox.exe and mrgdll.exe. This files are created by the virus. You will have to first kill the process by using Task Manager and then your can launch a search process under safe mode. After that run registry editor. Go to the following path and delete the file listed. Click on Run and type Regedit. Navigate to the following path - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\?[RANDOM NAME]? = ?C:\ProgramData\nol\mrgdll.exe? & HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\?[RANDOM NAME]? = ?C:\ProgramData\nol\wox.exe?
HKEY_CURRENT_USER\Software\wox
Reply With Quote
  #4  
Old 21-10-2009
Member
 
Join Date: Apr 2008
Posts: 3,336
Re: Removal of Fake Nortel Antivirus

Nortel is a fake antivirus and a malicious tool. After installation it creates a .exe file in your Windows directory which is runs automatically. First delete this files. C:\ProgramData\nol\wox.exe, C:\ProgramData\nol\mrgdll.exe, C:\Documents and Settings\All Users\Application Data\nol\wox.exe, C:\Documents and Settings\All Users\Application Data\nol\mrgdll.exe and C:\ProgramData\nol\. Delete the files wox.exe from each folder listed. Then run a registry repairer tool.
Reply With Quote
Reply

  TechArena Community > Technology > Networking & Security
Tags: , , , ,



Thread Tools Search this Thread
Search this Thread:

Advanced Search


Similar Threads for: "Removal of Fake Nortel Antivirus"
Thread Thread Starter Forum Replies Last Post
TDSS removal causing Fake AV redirection Lol$prakash Networking & Security 6 24-06-2011 09:32 PM
Fake Antivirus Removal Humberto Guides & Tutorials 3 15-07-2010 01:32 AM
Fake message from Antivirus live Ash maker Windows Software 5 13-07-2010 04:14 PM
Does StopZilla is a fake antivirus Cruzz Networking & Security 5 28-01-2010 12:57 AM
Database of Fake antivirus Odalis Tips & Tweaks 1 17-01-2010 06:22 AM


All times are GMT +5.5. The time now is 05:20 PM.