
Thread: Scam Antivirus

  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Loomis,CA,USA
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    In recent months I have seen many fake antivirus scams infecting Windows XP machines! These PCs had current versions of either Symantec corp AV or the new Microsoft AV, with up to date definitions. Autorun is also disabled in most cases. The best defense has been education, but that only goes so far. Most of these don't take hold if you shut down the browser (or Windows) without clicking anywhere on the scam browser window. Is anyone successfully keeping this junk off their PCs? Any help would be greatly appreciated!

  2. #2
    Super Moderator Deadeye81's Avatar
    Join Date
    Dec 2009
    Location
    North Carolina, USA
    Posts
    2,654
    Thanks
    7
    Thanked 113 Times in 97 Posts
    Hi Gordon,

    You have covered the basics. Keeping AV and antispyware definitions up to date and practicing safe surfing and email handling are very important. Educating people about what to look for and how to respond when confronted with threatening situations is very important. All the protection in the world will be of little value if we do not become more savvy in our practices.

    I have received an XP and a Vista machine in for cleaning in the last two weeks due to variants of phony AV software. In one case, the client clicked on a link out of panic due to the message that his computer was infected. The other one received a false antivirus pop up on Facebook and clicked on it thinking it was a message from her antivirus software, and it promptly locked up everything on the computer except the link demanding a credit card number for the "Pro" version.

    I try to teach all my clients to slow down, look and think before clicking, and if in doubt pull up Task Manager to safely close the browser. I also install Web Of Trust for IE and Firefox to help keep my clients away from known infected sites, and I show them how it works. Still, just as with antivirus definition updates, there is an unprotected time period between discovery of a new infection and the update necessary for protection.
    Deadeye81

    "We make a living by what we get, we make a life by what we give." Sir Winston Churchill

  3. #3
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    Location
    California & Arizona
    Posts
    6,121
    Thanks
    160
    Thanked 609 Times in 557 Posts
    I have not encountered any problems with this sort of scamware, not even on the XP laptop that I have, and IE at that.

    I'm very fastidious in keeping the browser cache cleaned out and limiting the add-ons I use in the browser as well. This of course
    presents its own issues as I have to keep logging onto sites etc. but that's alright by me.
    Keeping your software and os patched and up to date goes a long way too.
    Too many ppl out there running IE 6 with XP SP1; Malware come and get me, I'm bored and in need of a challenge.
    DRIVE IMAGING
    Invest a little time and energy in a well thought out BACKUP regimen and you will have minimal down time, and headache.

    Build your own system; get everything you want and nothing you don't.
    Latest Build:
    ASUS X99 Deluxe, Core i7-5960X, Corsair Hydro H100i, Plextor M6e 256GB M.2 SSD, Corsair DOMINATOR Platinum 32GB DDR4@2666, W8.1 64 bit,
    EVGA GTX980, Seasonic PLATINUM-1000W PSU, MountainMods U2-UFO Case, and 7 other internal drives.

  4. #4
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,485
    Thanks
    283
    Thanked 573 Times in 477 Posts
    Using OpenDNS can also add to the passive protection from known malware and phishing sites, etc.; there's a free, basic version.

  5. #5
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Hi Gordon :

    For Preventing "Rogue antivirus" programs I would recommend PAYING
    for the "Professional" ( real-time protection ) Version of Malwarebytes
    Anti-Malware, available for download from http://www.malwarebytes.org/mbam.php .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  6. #6
    New Lounger
    Join Date
    Dec 2009
    Location
    Loomis,CA,USA
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for all your suggestions!

  7. #7
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote: Originally posted by Robin Taylor
    Hi Gordon :

    For Preventing "Rogue antivirus" programs I would recommend PAYING
    for the "Professional" ( real-time protection ) Version of Malwarebytes
    Anti-Malware, available for download from http://www.malwarebytes.org/mbam.php .

    Avast Free does just as well. AVG Free, lacking rootkit protection, is not as good. Also, both Zone Alarm Free and Comodo Firewalls can help, due to their popup warnings -- but only if those warnings are heeded by the end user!
    -- Bob Primak --

  8. #8
    New Lounger
    Join Date
    Dec 2009
    Location
    Cabot, AR, USA
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I'm trying to clean up my daughter's PC. AntiVirus2009 was one of the over 3,000 trojans, worms, viruses, and trackers I've found using the paid AVG Suite (and all its free removal tools), free MalwareBytes, and Spybot Search & Destroy.

    I've got it all cleaned up, EXCEPT AVG is reporting the Generic12.BOPU trojan infecting services.exe. I've done the reboot remove option and now none of the other apps are seeing it. AVG is still reporting it, and its resident shield and identity protection is reporting attempts to write to other system files and execute them. AVG IS NO HELP. Although their software identifies the trojan, their tools and resources don't seem to recognize it. Now AVG is wanting me to pay more for removal services and help that I've already paid for! It's looking a lot like the Antivirus2009 scam at this point.

    Any help or feedback is appreciated.

  9. #9
    New Lounger
    Join Date
    Dec 2009
    Location
    Loomis,CA,USA
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have found only one way to truly be sure a Windows PC is clean after a serious malware attack. Back up the data and settings, then do a clean install of Windows. This sounds extreme, but by the time you go through all the cleanup tools and manual processes, it isn't that much more. You are guaranteed to have a clean machine and your PC will run faster. Once you get it all put back together and your data restored, I HIGHLY recommend you make an image of the disk. That way any future problems can be taken care of with a quick data backup (should be doing that anyway) and a re-image. I use Ghost, but there are several other options (some of them are free). Good luck!

  10. #10
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Here's another one that can remove stubborn infections: SUPERAntiSpyware (has free and paid versions; haven't tried either of them myself)

  11. #11
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts
    Hi Robert :

    Not knowing the degree to which you still may be "infected", I
    recommend you seek the Help of an experienced, CERTIFIED,
    Volunteer "Malware Removal Specialist" that can be found on many
    "Advanced Malware Removal" Forums, such as the One at GeeksToGo
    at http://www.geekstogo.com/forum/forums.html OR even the Spybot
    One at http://forums.spybot.info . The GeekstoGo Experts request
    posting a "Log" from the "OTL" program, available for download in
    their "Malware and Spyware Cleaning Guide" .

  12. #12
    Super Moderator WebGenii's Avatar
    Join Date
    Jan 2001
    Location
    Redcliff, Alberta, Canada
    Posts
    4,066
    Thanks
    2
    Thanked 5 Times in 5 Posts
    I just have to chime in with a Whoops! here. Just found myself infected with a Vista Antispyware rogue.
    Yes, I did click when I shouldn't have - in my own defense, they've mimicked the design of the MS dialogues so closely - I thought it was from MS.
    I've got some screen shots to post later.
    Don't mock me too much.
    Catharine Richardson (WebGenii)
    WebGenii Home Page
    Moderator: Spreadsheets, Other MS Apps, Presentation Apps, Visual Basic for Apps, Windows Mobile

  13. #13
    New Lounger
    Join Date
    Dec 2009
    Location
    Loomis,CA,USA
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    The bad guys are getting really good at mimicking the look and feel of the real stuff. This is the bad side of "social engineering". I've been trying to educate my users to beware.

  14. #14
    2 Star Lounger
    Join Date
    Apr 2003
    Location
    Jacksonville, North Carolina, USA
    Posts
    173
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have also been bitten. I used the free SUPERAntiSpyware and it seemed to work well in getting rid of the infections; however, now I am having difficulties in communicating w/ devices, downloading, opening applications. I came to the conclusion to re-install Windows XP Home edition. HOWEVER, Windows XP Home edition came pre-installed on my computer and I never requested the actual CD before the warranty period expired. Is there such a thing as a free version available for download?

  15. #15
    New Lounger
    Join Date
    Dec 2009
    Location
    Loomis,CA,USA
    Posts
    8
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Reloading Windows is a sure-fire way to clean up your PC. What kind of PC do you have? As long as you have the original license sticker for XP Home (usually somewhere on the outside of the case, has a hologram and the XP license key on it), ask the vendor if you can purchase replacement media (CD). I don't think the PC still has to be under warranty for that. It may be sold as the recovery disc set for your PC, which includes XP. I've gotten these from HP for non-warranty PCs for around $30 shipped. A recovery disc is a good way to go, as they include all the drivers for all the hardware (audio, video, NIC, etc.). You probably can find a copy of XP out there somewhere in cyberland (legit?). Good luck!
