Email scams work because the cyber-crooks behind them are experts at using social engineering as the hook. They rely on the fact that we are a curious species on the one hand, and easily frightened by the unknown on the other.
Currently, rogue security software developers (cyber-crooks) are combining both of these powerful persuaders to convince unaware Internet users to download a harmful fake anti-virus/anti-spyware program, Antivirus 2009, which in reality causes the problem that it supposedly solves.
The very familiar bogus celebrity scandal email link is the teaser; when clicked, it launches a “your computer is infected with a virus” message screen. Clicking on the accompanying ad for a free anti-malware removal program will download a Trojan horse, which will install Antivirus 2009: rogue security software that launches fake malware detection warnings.
Rogue security applications, including Antivirus 2009 (and there seems to be an epidemic of them on the Internet), have been developed to mislead uninformed computer users into downloading and paying for the “full” version of this bogus software, based on the false positives the application generates.
The majority of typical Internet users I speak with are not aware that such a class of software even exists. But it does, and regrettably, it is becoming more widespread. An email scam is not the only way this parasitic software can be installed on a user’s system.
Just like its predecessor, Antivirus 2008, this particular rogue security software’s installer (ZLOB/MediaAccess Codec) can be found on adult websites, or it can be installed manually from rogue security software websites like antivirus-scanner.com, or antivirus2009.com.
If the full program fee is not paid, XP Antivirus 2009 continues to run as a background process, incessantly reporting those fake malware detection warnings. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool. Unfortunately, even if an unaware user pays for this rogue security software, the program will continue to run.
Here are some typical comments from a few of this Blog’s readers which will give you an indication of how destructive this rogue software is:
“My home computer is infected with the xp antivirus 2009 rogue software. It has grown like a cancer and has attacked my .dll files and I no longer can use my Internet Explorer to log on to the internet. I was told by a customer support person at Dell computer that eventually it will destroy all my files and I’ll have nothing but a blue screen. I’ve tried several removal tools that require you to buy their full program and since I can’t get on the internet I’m dead in the water. Is there any free program that actually works? I’ve tried PC Tools, Avira, Spy Hunter, a Squared & others. HELP!!!”
“I also purchased this software out of fear and they are continuing to bill my account for charges I did not authorize. I have called the billing company and emailed them without success. I just got off the phone with a foreign country who told me he couldn’t help me even though they say they can help 24-7. I contacted my bank 2 days ago and found out I had to wait till they received the order and I was charged (at that time the charges were pending). The charges were removed yesterday and back on today with additional charges. Anybody got any ideas how to stop this. I emailed the FTC and plan to call them tomorrow”.
“What an awesome page this is, thank you. Unbelievable what this thing did to my laptop. No access to task manager, no access to “my computer”. Pop-ups everywhere. Tried spybot, fixwareout, HijackThis to no avail. Might as well not have had Black Ice and Norton. Somehow I maintained the presence of mind to realize I was getting seriously bent over. I swear to God “breaking on the wheel” is a good punishment for these psychopaths. Luckily I keep most of the important stuff, including a script I’m writing, externally, so I re-formatted (2X). I know, NOT a good solution for people with all their stuff on the C drive. I’ll try the freeware, but basically I’m going to keep myself prepared as much as possible to have to scrub the hard drive at a moment’s notice. Bastards”.
Rogue Fix at Internet Inspiration
SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications.
Bleeping Computer is a web site where help is available for many computer-related problems, including the removal of rogue software.
Malwarebytes, a reliable anti-malware company, has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.
If you are an advanced computer user, check out “XP Antivirus 2008/2009 – Advanced User Removal Solution” on this Blog.
What you can do to reduce the chances of infecting your system with rogue security software:
- An absolute necessity is to make sure that any security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you on which products work and have a deserved reputation for quality performance, is Spyware Warrior.
- Be careful when downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.
- Consider carefully the inherent risks attached to peer-to-peer (P2P) or file sharing applications, where exposure to rogue security applications is widespread.
- Install an Internet browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against such sites.
- Do not click on unsolicited invitations to download software of any kind.
- Be kind to your friends, relatives, and associates and let them know that all of the above dangers are now epidemic on the Internet. Doing so raises the level of protection for all of us.