I'm working in a small PC store and I'm seeing people coming in with many different variants of this security tool and other fake AV software almost every day now. I started seeing a number of these about a year ago, they were fairly simple to remove - just a exe and some registry entries. A few people have put their credit card and other details into these programs and a least one person I spoke to had money stolen out of his account. A lot of these people were running no AV software or AVG Free. I have never seen any version of AVG be able to remove these threats -Not sure why?? I find that most people are not coming in because they want to remove Security Tool, its because Security Tool or what ever the variant calls itself tells them they are infected. They can't tell a Windows warning message from a fake (or those fake pop-ups you see on the web).In the last two months these scam/ransom-ware products have become much more complicated and difficult to remove, often making the system completely unusable. A common way these take over your Windows OS at the moment is my making the EXE file type associated with the malware. So when a user runs myimportantsoftware.exe or myantivirus.exe it runs the malware program instead and the malware says "You may not run". HERE'S A TIP: If running Vista or 7 right click the exe you want to run and click "Run as administrator", this gets around this problem. Its a good way to get MalwareBytes or some other antispyware onto the system if you don't have access to a live boot CD or other computer.
If you're going to put that much effort into it it might be better just to do image based backups to an external drive.Every sunday I backup my stuff and 'my documents' syncs in realtime to dropbox. I don't even bother with AV since if I get hit with something (hasn't happened in years) and if some program messes up my stuff I can hit restore and by the time I've had a nice lunch, my data is pristine again.
Some users are so stupid with the internet that I wish I could just install Faronics Deep Freeze (or any other "freeze" program) and be done with them.
youmustagreeMar 7, 2010Buried
I'm working in a small PC store and I'm seeing people coming in with many different variants of this security tool and other fake AV software almost every day now. I started seeing a number of these about a year ago, they were fairly simple to remove - just a exe and some registry entries. A few people have put their credit card and other details into these programs and a least one person I spoke to had money stolen out of his account. A lot of these people were running no AV software or AVG Free. I have never seen any version of AVG be able to remove these threats -Not sure why?? I find that most people are not coming in because they want to remove Security Tool, its because Security Tool or what ever the variant calls itself tells them they are infected. They can't tell a Windows warning message from a fake (or those fake pop-ups you see on the web).In the last two months these scam/ransom-ware products have become much more complicated and difficult to remove, often making the system completely unusable. A common way these take over your Windows OS at the moment is my making the EXE file type associated with the malware. So when a user runs myimportantsoftware.exe or myantivirus.exe it runs the malware program instead and the malware says "You may not run". HERE'S A TIP: If running Vista or 7 right click the exe you want to run and click "Run as administrator", this gets around this problem. Its a good way to get MalwareBytes or some other antispyware onto the system if you don't have access to a live boot CD or other computer.
captininsanityMar 8, 2010Buried
CONGRATULATIONS! YOU HAVE BEEN SELECTED TO RECEIVE A FREE IPOD! *mutes speakers*the creator of that ad needs to be banned from the internet...
mrteflonMar 7, 2010Buried
Send me $25.00 my Dear Friends and I will personally ask them to stop.
80hdMar 7, 2010Buried
If you're going to put that much effort into it it might be better just to do image based backups to an external drive.Every sunday I backup my stuff and 'my documents' syncs in realtime to dropbox. I don't even bother with AV since if I get hit with something (hasn't happened in years) and if some program messes up my stuff I can hit restore and by the time I've had a nice lunch, my data is pristine again.
witchdoktorMar 7, 2010Buried
Well played... I had to think about how this was relevant for a second.
TheDordMar 8, 2010Buried
Make sure Java and Flash are updated. A few months ago there was a big vulnerability through flash.
anonnowMar 7, 2010Buried
Some users are so stupid with the internet that I wish I could just install Faronics Deep Freeze (or any other "freeze" program) and be done with them.