Yup - what max there said.
Depends - if it was something relatively benign, we check the log and if it was "deleted" we move on.
Other things, less benign (and those fake AV apps are anything BUT benign! Registry and file corruption abound!) or other than "deleted" we run an update content and scan command and force a reboot at the end, then rescan.
Been through a couple of those fake AV apps and a rootkit, and the latter is NOT something to be taken lightly!