Antivirus 360



#1 arthew


Posted 17 March 2009 - 08:53 AM

On Saturday a woman in my office was complaining about pop ups on her computer that wouldn’t go away. I found that Antivirus 360 had loaded on her computer. I spent three hours downloading programs, copying them to her computer, watching them scan, deleting files, deleting registry entries, and doing all the other necessary things.

Finally Antivirus 360 was gone. I found that the probable cause was from a “cute” video that another woman in the office had sent her the previous day in an e-mail. Our machines are not networked, they are all standalone. Later the other woman came into the office, turned on her computer, and yes, she also had the Antivirus 360 pop ups. She glared at the computer, said in a nasty tone of voice “I don’t have time for this crap,” and rebooted. The Antivirus 360 pop ups never reappeared. Her acts of hostility lasted less than three minutes.

She cured the problem in 3 minutes with comparative ease while I tied up 3 hours of my time. What happened?



#2 quietman7


Posted 17 March 2009 - 10:08 AM

While the popups may be gone, your co-worker still may have malicious files on her system. This type of malware will vary in the seriousness of infection and symptoms exhibited. Depending on how long the malware is on a computer, the longer it has the opportunity to download additional malicious files to do more damage. Your approach, although time-consuming, was the way to proceed to ensure the computer was clean. A simple reboot is not a solution and she should be doing scans with anti-virus and other security tools to ensure the same thing.

This particular malware is a Rogue security program often seen with a Vundo infection. Vundo is a Trojan that infects a system with malicious Browser Helper Objects and .dll (Dynamic Link Library) modules attached to system files like Winlogon and Explorer.exe. The infection is responsible for launching unwanted pop ups, advertising for rogue antispyware programs, and downloading more malicious files which hampers system performance. Newer variants of Vundo typically use bogus warning messages and alerts to indicate that your computer is infected with spyware or has critical errors as a scare tactic to goad you into downloading a malicious security application to fix it. The messages can mimic system messages so they appear as if they are generated by the Windows Operating System. The problem with these types of infections is that they can download other malicious files so the extent of the infection can vary to include backdoor Trojans and rootkit components which make it more difficult to remove.

Vundo spreads via Internet Relay Chat, by visiting underground web pages, adult, gaming or pirated software sites, and by using peer-to-peer (P2P) file sharing programs which are a security risk that can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The infection also spreads through emails containing links to websites that exploit your web browser’s security holes and by exploiting a vulnerability in older versions of Sun Java. When you click on a Vundo-laced email link, Internet Explorer launches a site that stealthily installs the Trojan so that it can run every time you start up Windows and download more malicious files. For more detail on how these types of rogue programs install themselves, read Anatomy of a malware scam.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
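
Added example, not part of quietman7's post or any BleepingComputer tool: a PowerShell triage check for the load points the reply names (Browser Helper Objects and DLLs attached to Winlogon), which shows why popups stopping after a reboot says nothing about whether a DLL is still registered to load. The registry locations are the standard Windows ones; the function name `Get-DllReport` and the report layout are assumptions made for this illustration.

```powershell
# Added example: enumerate BHO and Winlogon Notify registrations (machine-wide,
# HKLM only) and report the DLL behind each one with its Authenticode status.
$views = @(
    @{ Bho   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Bho   = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Clsid = 'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID' }
)
$notifyRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify'

function Get-DllReport {   # hypothetical helper name
    param([string]$Source, [string]$Name, [string]$DllPath)
    $dll = if ($DllPath) { [Environment]::ExpandEnvironmentVariables($DllPath).Trim('"') } else { $null }
    # Winlogon Notify often stores a bare file name; resolve it against System32.
    if ($dll -and -not [IO.Path]::IsPathRooted($dll)) {
        $dll = Join-Path $env:SystemRoot "System32\$dll"
    }
    $exists = [bool]($dll -and (Test-Path -LiteralPath $dll))
    $sig = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $dll).Status } else { 'FileMissing' }
    [pscustomobject]@{ Source = $Source; Entry = $Name; Dll = $dll; Signature = $sig }
}

$report = @()
foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
    foreach ($key in Get-ChildItem -LiteralPath $view.Bho) {
        $clsid = $key.PSChildName
        # A BHO is registered by CLSID; the DLL path is the default value of InprocServer32.
        $inproc = Join-Path $view.Clsid "$clsid\InprocServer32"
        $path = if (Test-Path -LiteralPath $inproc) { (Get-Item -LiteralPath $inproc).GetValue('') } else { $null }
        $report += Get-DllReport -Source 'BHO' -Name $clsid -DllPath $path
    }
}
if (Test-Path -LiteralPath $notifyRoot) {
    foreach ($key in Get-ChildItem -LiteralPath $notifyRoot) {
        $report += Get-DllReport -Source 'WinlogonNotify' -Name $key.PSChildName -DllPath $key.GetValue('DllName')
    }
}
# Entries that are not 'Valid' sort to the top of neither list by design: review every row.
$report | Sort-Object Signature, Source | Format-Table -AutoSize
```

A `NotSigned` or `FileMissing` row is a prompt to look closer, not a verdict, since legitimate add-ons can be unsigned and some Windows files are catalog-signed. The Winlogon `Notify` key only exists on older Windows versions, so its absence on a newer system is expected.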
