Anti-Virus warning

[Carole]

I expect many of you will already be familiar with this, but for those who are not, I thought I'd post this as a warning.

Since I had my new PC I've been using Free AVG (which was already on my computer) even though my ISP - Virgin,  supply free PC Guard with their broadband.  I did find some aspects of PC Guard (when I had it on my old computer a bit annoying and guess I was also being a bit lazy as I was not sure how to re-install it and thought the Free AVG would be OK.

This evening I got invaded by a rogue Anti-Virus spyware called Anti-Virus 360.  This looks at first as though it is part of AVG (or so I thought) and it told me I had loads of viruses and spyware on my PC which needed eliminating and wanted me to install the software.  I thought I was downloading a superior version of AVG (stupid me) and soon realised what I had done, I tried to remove the programme but it did not appear on the installed files list.

All the time it kept popping up with a window telling me I had these serious infections and trying to get me to click on the button to eradicate them.  It was very annoying and also worrying.

I did a search on the internet and it told me that it was Rogue Spyware and this is how it operates alarming people into thinking they have viruses (and worse) to get them to install it.  It also said it was difficult to get rid of.  Then these sites were also offering their software to get rid of the Anti-Virus 360.

In the end I worked out how to install the Free PC Guard from Virgin and this got rid of it.

I am posting this to warn those who don't know about it to be on their guard and to say that AVG was completely useless against this.

Carole

[Mike]

Strange. I've used AVG on all of my computers for the last 4 years and never had a single problem with it. WHen was the last time you updated the database on it?

[Carole]

Not sure what you mean by updating the database.  I was using Free AVG and it scans and updates the system all the time.  Even when I had this horrid Antivirus 360 on my PC I went into AVG and it told me that all the systems were up to date and working and all had green ticks.

It hadn't detected the rogue "antivirus 360" and did not get rid of it.

The Antivirus 360 was telling me I had Trojan Horses and lots of other horrid viruses.  It was all a hoax to make me download it, which fortunately I had only partly done but then could not get rid of it until I installed PC Guard.

Now I have it re-installed PCG I remember some of the irritating things that PCG did, like not saving my user name for OAS site.  Still I'd rather login in every time than have what I experienced this evening.

Carole

[Ian]

one of my PCs has had this too. there seems to be a couple of flavours of rogue software claiming to be AV software that are exploiting weaknesses in Windows.

The best advice is to turn on automatic updates and consider carefully what websites you choose to visit.

[Mac]

It hadn't detected the rogue "antivirus 360" and did not get rid of it.

Probably because its not actually a virus, its spyware / malware.

Its a very common problem,
you goto certain web sites, who, install a small script, which gives you the pop up,
saying you have a serious virus
you click on it to remove
and in doing so you install the malare / spyware
which then carries on getting downloading all the popups.
and allows you to the purchase, a fix, which normally dosent work!!

fairly easy way to remove it is to goto start menu RUN
type in msconfig in the black box that pops up
goto the start up tab.

(This is the software that gets run when your pc is turned on.
Most, not all, of the malware / spyware software is installed there)
have a look through, you should be able to recognise what should or shouldn't be there.

I'd suggest that you get a good free spayware remover.

something like, adaware or  spybot, both of which are free.

Adaware  http://majorgeeks.com/Ad-Aware_2008__d5947.html
spybot.  http://majorgeeks.com/download2471.html

[Fay]

I have just gone in, to download the new Windows patch regarding problems with Internet Explorer. The site said I was up to date, so I think it does it automatically or perhaps my version is not 7 

[Mike]

Mac is correct. AVG is anti-virus software, not anti malware/spyware. What anti-spyware software were you using?

[Carole]

Probably because its not actually a virus, its spyware / malware.

Yes, I realised it wasn't a virus as such, but needed some software to detect it and get rid of it and AVG did not do that.

Thanks for the tips, but as I've now eradicated it and have the PCGuard that does the trick I'm OK now, but hopefully your tips can help any-one else with the same problem.

Nasty persistent invader that was, apart from what it may or may not have been doing to my PC, it popped up every 45 seconds getting in the way of what I was doing.

Does any-one think it may have retrieved any information (i.e. logins and passwords) for the short time it was on my PC ?  If so I think I'll have to change my security info on another computer before dare using them again.

Carole

[Mike]

AVG is not designed to detect spyware. It's anti-virus software. They are two different things. You need anti-spyware such as spybot to do that.

[Carole]

AVG is not designed to detect spyware.

Hmmm, I wondered about that, but when I went into AVG it definitely said something about Spyware which had a green tick, so I assumed it covered that as well.  I can't check it now as I've replaced it with the PC Guard.  I did not have separate Spyware.

Anyway, thanks all for your advice.  I got some feedback from a friend which may be useful for some-one else.  He sent me two websites where you can remove Antivirus 360 free of charge.

http://www.2-spyware.com/remove-antivirus-360.html

http://www.bleepingcomputer.com/malware-removal/remove-antivirus-360

Can any-one answer the question as to whether the Spyware may have captured anything (Passwords etc).

Carole

Carole

[Mac]

Can any-one answer the question as to whether the Spyware may have captured anything (Passwords etc).

This type of spyware / malware is not normally a password stealer,
it is relying on you purchasing the fake fix for this program.
and making its money that way.

Mac,

[Carole]

Thank Mac, I was hoping that would be the answer.

Carole