I just spent the last several hours cleaning someone's computer of these nasty little intrusions. (User will remain anonymous due to being gullible. lol)
The first thing to blow my mind was the fact this computer appeared to be running 3 antivirus programs. <<<Insert Disaster Movie flashback here>>> McAfee plus these 2 fakes. I envisioned an OS re-install but it didn't come to that.
First off, I'll point you to the Google results for both of these. Most sites say the same thing about them, so just pick one and read the overview...
http://www.google.ca/search?hl=en&q=...G=Search&meta=
http://www.google.ca/search?hl=en&q=...e+Search&meta=
I should point out that the official version of MS Antivirus (by MicroSoft) has been discontinued for some time now. This new one is a fake but looks like an official MicroSoft (XP?) product.
Most of these Google Results deal with the removal of these nasties, so if you recognize these trojans on your computer, you'd best take those steps to deal with it.
One endearing feature of these programs is they detect hundreds of (fake) infections. Trojans, backdoors, viruses, you name it. Certainly enough to scare the casual computer user. But wait! There's a "fix" button! Press it and you're asked to pay $49.99 to get the "full" version so you can remove all these (fake) infections.
The owner of this computer has not only given these bandits $49.99, but also all his credit card info. He hadn't paid for the latest McAffee and thought that was who he was paying. When I left his house, he was about to call and have the card cancelled and the charge reversed. Keep in mind this person I removed these for isn't the most computer-savvy person, but certainly knows enough not to install strange stuff from websites onto his computer. Somehow, it managed to slip in. (Apparently embedded into a video codec that he doesn't remember installing)
These fake virus alerts may not happen right away either. The MS Antivirus 2008 I came across had not activated yet. It was still showing 0 detections. Only the Antivirus 2009 was showing alerts at this point. Given enough time the MS Antivirus 2008 would've come to life to do the same thing.
The owner said he called the store where he bought the machine to see if he could get it fixed. They said they couldn't look at it right now as they already had over 50 machines in line for the bench with the same problem. I'm guessing a lot of the less computer-savvy users are falling for this scam.
Quite a few of the blogs listed in the above Google searches have hundreds of comments from people infected with these and have paid out money.
Hopefully my posting about this will save someone the 3 hour aggrivationFest I just went through.
Threaded Mode
