Quote:
Originally Posted by billjr
My wife's laptop started getting warning pop-ups about trojan horses and other stuff tonight, and when she clicked on them they pulled up a home screen for "Personal Antivirus." I had this happen to my PC years ago, so I went online (after I got my modem up and connecting, but that's a post in itself) and discovered it sure nuff was malware, and gets worse if you don't remove it.
Her Norton had expired, so I renewed it, scanned, and didn't turn up anything. I ended up purchasing another tool, Spyware Doctor, that found it and some others, and got rid of them.
Just thought I'd get a warning out. Those programs are such a pain in the &^$%
There are a few of these that have been going around for the past couple years. Antivirus 200x (I've seen 07, 08, 09), Antivirus Pro and a couple variations.
The thing to remember here is these aren't viruses in the strictest definition. What they are is malware. They can spawn endless popups, install back doors, hijack your browser, install key loggers, etc. I couldn't begin to say how many times I have taken these off friends' machines and machines at work, or had to save someone's data because the only "sure" cure is a scrub and a reload. They will also Turn Off your antivirus. It'll look like it is active down in the system tray, but in reality, if you look at services, it is disabled. They also will prevent you from downloading updates to your antivirus software and your anti malware if they are separate. It'll also prevent Microsoft Updates from installing. And that's just a few of the tricks.
For each specific one, there are "fixes" out there which usually involve editing the registry, so don't try this unless you are comfortable in there. Most antivirus won't stop it or remove it. Most anti malware is designed to kill it before it gets on your machine, not after. Again, it's not a virus but a HACK. If you have a good anti malware it may warn you, but the tricky and simple thing about these types of threats is YOU told the system to install it. So the antimalware/antivirus figures you know best.
When it popped up in the browser window, it has fooled you or the user into clicking on an instruction that amounts to running setup. If you are running Vista you not only clicked on Setup, you then told the OS that yes, you wanted to run the program.
The best way not to get hit by these types of threats is to educate computer users, wives/children or users at work that Antivirus software NEVER pops up in a browser window and says you have a virus or other problem. It'll also NEVER ask you to update through a browser window. In other words, you need to recognize the threat and just click "no thanks".
Now, the problem with all the fixes out there is some may not be complete. Because this threat has the ability to "fool" antivirus and anti malware software into turning off or ignoring this threat, you really don't know unless you do some sophisticated digging and testing whether it's all gone. Best cure, format and reinstall or reimage. If that's not practical try some of the sites in the following link, matter of fact use more than one, as after 20 years of fighting and researching malware I find a "cocktail" approach the most thorough.
http://www.myantispyware.com/online-scanners/
There is also a Microsoft site "windows live scan" that is pretty thorough, but can take literally a day or more, and may actually "break" legit software. But it has cleaned machines for me that were badly infected. You just end up spending time fixing your legit software after the lengthy fix.
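
The services check described in the reply above (protection that looks active in the system tray but is disabled under services, and Microsoft Updates that will not install), as an added example that is not part of the original posts. The function name `Get-SecurityServiceHealth` is hypothetical; `wuauserv`, `wscsvc` and `WinDefend` are built-in Windows service names, and your antivirus vendor's service name is something you have to supply yourself. It assumes PowerShell 3.0 or later for `Get-CimInstance`.

```powershell
# Added example: report protection-related services that are disabled,
# missing, or set to start automatically but not actually running.
function Get-SecurityServiceHealth {
    param(
        # Built-in Windows services: Windows Update, Security Center, Windows Defender.
        # Assumption: append the service name of your own antivirus product.
        [string[]]$ServiceName = @('wuauserv', 'wscsvc', 'WinDefend')
    )

    foreach ($name in $ServiceName) {
        $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"

        if (-not $svc) {
            # Service is not registered at all: worth a manual look.
            $status = 'Missing'
        }
        elseif ($svc.StartMode -eq 'Disabled') {
            # The case from the post: the product looks active, the service is disabled.
            $status = 'Disabled'
        }
        elseif ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running') {
            # Configured to start at boot but something stopped it.
            $status = 'NotRunning'
        }
        else {
            # Manual/trigger-start services may legitimately be stopped.
            $status = 'OK'
        }

        [pscustomobject]@{
            Name        = $name
            DisplayName = if ($svc) { $svc.DisplayName } else { $null }
            StartMode   = if ($svc) { $svc.StartMode } else { $null }
            State       = if ($svc) { $svc.State } else { $null }
            Status      = $status
        }
    }
}

# Show every checked service; anything other than OK deserves follow-up.
Get-SecurityServiceHealth | Format-Table -AutoSize
```

A clean result here does not prove the machine is clean, since the check only covers the service state the post mentions.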