GreaseSpot Cafe

"Advanced Virus Remover"


GeorgeStGeorge

A couple of weeks ago, I was websurfing, and I got a pop-up from the start-up taskbar telling me that my computer had been infected. A "scan result" showed 25 problems, including a couple of Trojans, etc. It gave the appearance of a Microsoft product for Windows XP (which I run), including very Microsoft-ish shield insignias, etc. Various other pop-ups appeared warning me not to run "unprotected." The window with the "scan results" had a radio button with "Remove Infections" (or something like that). Clicking on it gives you the chance to purchase the "full edition," not just the "trial" version. I thought to myself, I already have antivirus and antispyware software; let's try it out.

I ran AVG 9.5, taking about two hours, which showed no viruses, even though the threat definitions had been updated earlier that day.

So, then I re-booted. Not only did the "Advanced Virus Remover" nonsense come up again, but now I couldn't open AVG!

Finally I ran Spybot, taking about four hours. (I know, I know, I need better memory!) Anyway, Spybot DID find the rogue software and removed it. (Although, when I brought up Windows again, there was still a pop-up!)

A system restore to two days earlier brought AVG back up and eliminated further pop-ups.

Apparently, there are other, similar scareware programs, so be on the lookout.

I wonder, if one actually contacts the site to purchase the "full" edition, does one actually get something to remove the hoax?

George


Your spyware program took four hours to scan it and fix it, but a web page that loads in 30 secs found 25 problems (in other words, there is no way they can scan your puter in 30 secs)? Doesn't that right there tell you something? I get them (pop-ups telling me I'm infected, or at least my puter is) all the time, but since I run Linux I just laugh at them.


Well, right. One of the clues is that it scans a lot faster than AVG. Though I also use Advanced System Care, and it runs much more quickly, but it's more for spyware and registry errors than virus protection. And "Advanced Virus Remover" doesn't come up as a webpage; it looks like something generated from your start-up bar, so it could have been running for some time before "announcing" itself.

George


That XP internet security thing is admitted into your computer when you "ALLOW" a pop-up. In other words, you admitted it (although unknowingly). Last year a similar program ran its course.

The Program is malware and it leaves a line in your registry asking it to search for its active program. If it doesn't find it "active" it sends an instruction to replicate itself again. It can be more than just an annoyance. A friend of mine got it and she was nearly in tears, and she is always so careful about where she surfs. I removed the program by installing MalwareBytes and running it (it's a free program). Her computer had gotten to the point where she could not run any .exe or .com program, and that included her AntiVirus Program.

By the way, if you purchase the "XP Internet Security" your problem will seem to go away for a while and it stops the Pop-ups which foretell impending doom and stops the Browser Hijacking. You saved yourself about 200 - 300 dollars George, by getting rid of it yourself, and it's a good thing you did this right away or within a short time of acquiring this malware. It can get beyond the Average person's ability to fix within a week.

Of course the whole point to it is to get you to Buy their "program." (get the Registered version - as I recall their verbiage)

If you have Anti-spyware/virus/malware and wonder how you got it, re-read my opening statement, you told your programs hey, it's okay we're buddies, let'em in.
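
An added example, not part of the post above or of any tool named in this thread: a Python sketch that audits a regedit-format export for the two symptoms described there (a registry line that relaunches the program, and .exe/.com files that will no longer run). The thread does not name the registry entries involved, so the standard Windows Run autostart key and the exefile/comfile open-command association are assumed; the sample export and the file name avr.exe are constructed.

```python
import re

# Constructed sample in regedit export format (not taken from the thread).
SAMPLE_REG = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"updater"="C:\\Documents and Settings\\user\\Application Data\\avr.exe"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Documents and Settings\\user\\Local Settings\\avr.exe\" /start \"%1\" %*"

[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"%1\" %*"
'''

EXPECTED_OPEN = '"%1" %*'  # Windows default open command for .exe and .com
# Assumed heuristic: XP-era profile directories a normal user can write to.
USER_WRITABLE = ("\\application data\\", "\\local settings\\", "\\temp\\")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg string values escape backslashes and quotes with a backslash.
    return re.sub(r'\\(.)', r'\1', s)

def audit(reg_text):
    """Return (kind, key, value_name, data) tuples for suspicious entries."""
    findings, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            continue
        name = "(default)" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
        data = unescape(m.group(2))
        low = key.lower()
        if low.endswith("\\currentversion\\run"):
            if any(d in data.lower() for d in USER_WRITABLE):
                findings.append(("autostart-from-user-dir", key, name, data))
        elif low.endswith(("exefile\\shell\\open\\command", "comfile\\shell\\open\\command")):
            if name == "(default)" and data != EXPECTED_OPEN:
                findings.append(("hijacked-file-association", key, name, data))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_REG):
        print(finding)
```

A real regedit export is UTF-16 with a header line, so decode the file before passing its text to `audit`; the header is ignored by the parser.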


A couple of weeks ago, I was websurfing, and I got a pop-up from the start-up taskbar telling me that my computer had been infected.

No, you got a JavaScript program on the page when you websurfed, which was scripted to RESEMBLE the Windows Messenger Popups.

I can't get those for several reasons. One, my Windows Messenger is DISABLED because even WINDOWS admitted they never used the thing, so they set things up to make it easier to disable, and before THAT, I found a program to disable it called "Shoot the Messenger."

Two, I use Firefox, and I have both a Popup Remover on, and the AddOn program NoScript, which prevents little surprise programs like the one that fooled you from even RUNNING. The popup was an advertisement.

A "scan result" showed 25 problems, including a couple of Trojans, etc. It gave the appearance of a Microsoft product for Windows XP (which I run), including very Microsoft-ish shield insignias, etc. Various other pop-ups appeared warning me not to run "unprotected." The window with the "scan results" had a radio button with "Remove Infections" (or something like that). Clicking on it gives you the chance to purchase the "full edition," not just the "trial" version. I thought to myself, I already have antivirus and antispyware software; let's try it out.

The entire thing was STILL part of the advertisement. There was no real "scan", thus no "scan RESULT." It pretended to run a scan, then announced "results."

The fact that you're getting these popups means you DO need to run some programs. However, the ones they're advertising are NOT the ones you need. There are plenty of free programs you should run.

I ran AVG 9.5, taking about two hours, which showed no viruses, even though the threat definitions had been updated earlier that day.

So, then I re-booted. Not only did the "Advanced Virus Remover" nonsense come up again, but now I couldn't open AVG!

Finally I ran Spybot, taking about four hours. (I know, I know, I need better memory!) Anyway, Spybot DID find the rogue software and removed it. (Although, when I brought up Windows again, there was still a pop-up!)

A system restore to two days earlier brought AVG back up and eliminated further pop-ups.

Apparently, there are other, similar scareware programs, so be on the lookout.

I wonder, if one actually contacts the site to purchase the "full" edition, does one actually get something to remove the hoax?

George

Sometimes you do. The "hoax" was installed when you agreed to "let it remove infections." If you'd ignored it, you would not have had to remove that. Although your settings SHOULD prevent that from running.

I haven't seen those announcements in quite a few years. And even then, it wasn't on MY PC.


I've dealt with this for two years now at work. We have 25 or so laptops that are in public schools the majority of the time. Malwarebytes is great. But one of the first things that this goes after IS Malwarebytes and your anti-virus. Our company is using ESET NOD32 and in the past year, we've only been infected about 3 times (and in all of those cases the users were going to sites they shouldn't have been going to).

The latest batch totally disabled two laptops. Had to reformat the drives. It is vicious, but lots of good advice on here.


Yeah, that's a vicious one, like its cousins that I've seen posted. They will disable any ability to run any program at all, making a reformat the only option.

One of them took out my pc and the advice was Malwarebytes full time to stop it before it infects. So I did.

I ran Avira antivirus, [btw recently updated to version 10] (free version) for a long time which does ok, but then I switched to Nod32, worth the price I believe.

I have nearly 100gb of stuff and would hate to start over with a reformat, although I do full backups to my usb drive.
