Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Oh my... What happens after you've PURCHASED the fake AV software???


  • Please log in to reply
5 replies to this topic

#1 schildkraut1

schildkraut1

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Brooklyn, NY
  • Local time:12:53 AM

Posted 08 November 2011 - 06:42 AM

I've been here before about this computer: Win7 with Microsoft Security Essentials, Malware AM, CCleaner, and all the good stuff that I've learned from the great folks here.

Well, somehow this malware that screams that he's got 67 viruses and must fix it right this second has landed, again, on my brother's computer. And for some kooky reason, he went ahead and purchased the "full version" that came complete with a barely intelligible email from the "antivirus company."

MSE found 5 viruses, and MAM found 1 infection. There is an exe called full_privacy.exe that he's downloaded, but he did not go all the way and install it. Neither MSE or MAM picks this up. I'm using LogMeIn to check in on this computer, and its not doing anything strange: it is allowing updates to his AV software, and no popups are coming.

Are no popups coming because he did what they wanted, which was whip out his credit card and buy their item? What happens now? I have plenty experience with the Screaming Windows of Fake AV Software, but none with an actual purchase of it.

Thanks. The fake AV is called Privacy Protection 1.01.

BC AdBot (Login to Remove)

 


#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,046 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:11:53 PM

Posted 08 November 2011 - 11:31 PM

First things first. Your brother needs to call the credit card company NOW and tell them his account has been compromised and the account needs to be closed.
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif

#3 schildkraut1

schildkraut1
  • Topic Starter

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Brooklyn, NY
  • Local time:12:53 AM

Posted 08 November 2011 - 11:51 PM

Eh, it is a prepaid card. :)

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:53 AM

Posted 10 November 2011 - 08:01 AM

Hi schildkraut1,

Would you like us to check if the PC is still infected and, if it is, attempt removal? Or are you just asking advice about the credit card bit?

Some rogues will stop with their symptoms once they've received payment (since they don't want you running another AV which may remove the rogue itself). The PC is never normally infected except for the rogue itself, though sometimes these rogues will install other malware or were themselves installed by other malware - so it might be worth just checking it over.

Let me know what you'd like to do :)

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 schildkraut1

schildkraut1
  • Topic Starter

  • Members
  • 82 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Brooklyn, NY
  • Local time:12:53 AM

Posted 10 November 2011 - 12:44 PM

Hi, thanks for your response. You know what, I was able to remove the software and some issues that came with it. The comp is running fine. :)

#6 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:04:53 AM

Posted 11 November 2011 - 11:18 AM

OK, great. Thanks for letting us know :thumbup2:

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users