Courtesy of Panda Security.
This week’s PandaLabs report looks at Total Security 2009, yet another example of the many fake antiviruses in circulation.
This type of malware passes itself off as legitimate software applications in order to steal users’ money by tricking them into believing that they will eliminate threats that actually do not exist.
Once installed on the target computer, Total Security displays a warning indicating that the computer is at risk. Then, it simulates a system scan reporting a series of infections in order to scare users into buying the antivirus solution.
On finishing the scan, Total Security displays a screen offering a solution to the user’s problem. The solution consists of activating the fake antivirus. However, to activate the product, users must pay a fee to the anti-malware vendor. After this, users receive a code they must enter in the program. Once they do this, the malicious application stops displaying warnings about threats. This aims to make users believe they have actually bought an antivirus product, whereas, in reality, no infection has been removed and users are not protected against threats.
Total Security installs on computers just as if it were a legitimate security solution. It creates a shortcut on the desktop, another one in the program directory of the Start menu and a third entry in the Add or Remove Programs section.
This malware can reach users in a variety of ways: through links in spam messages, downloaded from a malicious Web page, etc. Once run, the program launches the installation process.
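A triage check for the three install locations named above (desktop shortcut, Start menu shortcut, Add or Remove Programs entry). This is an added example, not code from Panda Security or from this blog; the name pattern is an assumption, since the report gives only the product name. Legitimate products also use the words "Total Security", so review the publisher and install path of every hit before acting on it.

```powershell
# Added example: inventory the three install locations the report describes.
# $NamePattern is an assumption; the report supplies only the product name.
param([string]$NamePattern = '*Total Security*')

function Find-Shortcut {
    param([string[]]$Folder, [string]$Pattern, [string]$Location)
    # Skip special folders that do not resolve on this system.
    foreach ($dir in ($Folder | Where-Object { $_ -and (Test-Path -LiteralPath $_) })) {
        Get-ChildItem -LiteralPath $dir -Filter '*.lnk' -Recurse -ErrorAction SilentlyContinue |
            Where-Object { $_.BaseName -like $Pattern } |
            ForEach-Object {
                [pscustomobject]@{ Location = $Location; Name = $_.BaseName; Detail = $_.FullName }
            }
    }
}

function Find-UninstallEntry {
    param([string]$Pattern)
    # Registry keys that back the Add or Remove Programs list (machine, 32-bit view, per-user).
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $Pattern } |
        ForEach-Object {
            [pscustomobject]@{
                Location = 'Add or Remove Programs'
                Name     = $_.DisplayName
                Detail   = "$($_.Publisher) | $($_.InstallLocation)"
            }
        }
}

# Per-user and all-users copies of each shortcut folder.
$desktop   = [Environment]::GetFolderPath('Desktop'),
             [Environment]::GetFolderPath('CommonDesktopDirectory')
$startMenu = [Environment]::GetFolderPath('Programs'),
             [Environment]::GetFolderPath('CommonPrograms')

$hits = @(Find-Shortcut -Folder $desktop -Pattern $NamePattern -Location 'Desktop') +
        @(Find-Shortcut -Folder $startMenu -Pattern $NamePattern -Location 'Start menu') +
        @(Find-UninstallEntry -Pattern $NamePattern)

$hits | Format-Table -AutoSize -Wrap

# All three locations matching is the footprint the report describes.
$matched = @($hits | Select-Object -ExpandProperty Location -Unique)
"{0} of 3 locations matched '{1}'" -f $matched.Count, $NamePattern
```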
More information about these and other malicious codes is available in the Panda Security Encyclopedia. You can also follow Panda Security’s online activity on its Twitter and PandaLabs blog.
If you become infected by this, or other scareware (rogue software), have your PC worked on by a certified computer technician, who will have the tools, and the competency, to determine if the infection can be removed without causing system damage. Computer technicians do not provide services at no cost, so be prepared for the costs involved.
If you feel you have the necessary skills, and you want to try your hand at removal, then by all means do so.
The following free resources can provide the tools and advice you will need to attempt removal.
Malwarebytes, a very reliable anti-malware company, offers a free version of Malwarebytes’ Anti-Malware, a highly rated anti-malware application which is capable of removing many newer rogue applications.
411 Spyware – a site that specializes in malware removal. I highly recommend this site.
Bleeping Computer – a web site where help is available for many computer related problems, including the removal of rogue software. This is another site I highly recommend.
SmitFraudFix, available for download at Geekstogo, is a free tool that is continuously updated to assist victims of rogue security applications.
What you can do to reduce the chances of infecting your system with rogue software:
Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.
Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications.
Install an Internet browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/Firefox add-on that offers substantial protection against questionable or unsafe websites.
Do not click on unsolicited invitations to download software of any kind.
Additional precautions you can take to protect your computer system:
When surfing the web: Stop. Think. Click
Don’t open unknown email attachments
Don’t run programs of unknown origin
Disable hidden filename extensions
Keep all applications (including your operating system) patched
Turn off your computer or disconnect from the network when not in use
Disable Java, JavaScript, and ActiveX if possible
Disable scripting features in email programs
Make regular backups of critical data
Make a boot disk in case your computer is damaged or compromised
Turn off file and printer sharing on the computer.
Install a personal firewall on the computer.
Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
Ensure the anti-virus software scans all email attachments
I am really pissed off!!
I want to uninstall your program!!!
How can I do that?
Please advise.
Jorge
Jorge,
I’ll leave your comment up, as an example of how people like you can’t READ!
If you had read the article, it would have been impossible for you to leave such a ridiculous comment.
Bill
Sir, there is a virus in my computer, “trojan”, and I have installed Total Security 2009. It scanned all my computer but now it can’t remove the infected files, and it wants the security code, which I do not have. I also do not have any card to pay the fee. Please sir, do something for me and send me the security code without fee, and solve the problem.
I shall be very thankful for this kindness.
Thanks,
yours obediently,
Iftikhar Ahmed.
Mr. Mullins,
Do you get a lot of these?
All I can say is “wow”…
Thanks for the heads up, I have saved this as a document for my clients as I have had a lot of these in recently – helps them understand their ability to Click – but can’t seem to find the correct UNCLICK button.
Can you believe those guys above – welcome to my world LOL.
Thanks for dropping by Ian.
I have great admiration for computer techs who have to deal with people such as those 2 above. I definitely don’t have the patience for it, so I stick to writing. LOL! It’s not often that I snap at a reader, but those who don’t even bother to read the article (as in this case), deserve more than an acknowledgment of a stupid comment. Decorum stops me from saying what I *really* want to say to this type of person. No wonder cyber-crooks find it so easy to screw people like this.
Best,
Bill