02.19.10
“Fake Antivirus which is actual[ly] a malware infection!”
Summary: Windows users like their antivirus software, but there are accompanying risks
I received the following E-mail an hour ago:
Please be aware of the latest security outbreak on campus.
Fake Antivirus which is actual a malware infection!
To all Hornet users there has been a sudden increase across the campus of virus infections by rouge antivirus software application called Antivirus Soft and Paladin Antivirus which display warning pop messages warning your machine has been infection.
Antivirus soft is a rogue anti-spyware and ransomware program from the same family as Antivirus Live. These infections are installed on to your computer through the use of malware that installs the program onto your computer without your permission or knowledge.
Antivirus Soft
Antivirus Soft will be configured to start automatically when Windows starts. Once running it will scan your computer and display numerous infections, but will state it will not remove them until you purchase the program. In reality, the infected files it detects are all fake and do not actually exist on your computer.
This program also uses aggressive techniques to protect itself from being removed by anti-malware programs. When the Antivirus Soft process is running it will close almost any running program while falsely stating that they are infected. Antivirus Soft will also change the Proxy settings in Internet Explorer so that you cannot browse to any web site other than the site for Antivirus Soft so that you can purchase the program. It does this so that you cannot browse the web to find removal guides or download software that will help you remove the infection. Using these two methods, the program essentially ransoms the normal use of your computer until you purchase the program or use this guide to remove the infection.
Paladin Antivirus
Paladin Antivirus is a rogue anti-spyware program from the same family as Malware Defense. This rogue is installed and promoted through the use of Trojans that will install it on to your computer without your permission.
Once installed, it will scan through the list of programs installed on your computer, and if it finds certain legitimate anti-malware programs, will prompt you to uninstall them. Some of the programs that it will attempt to remove are:
F-Secure
Malwarebytes’ Anti-Malware
NOD32
Agnitum Outpost Security Suite
Avira AntiVir
avast!
AntiVir
AVG8
Norton Internet SecurityWhen installed, Paladin Antivirus will be configured to start automatically when your computer loads. Once started, it will scan your computer and detect numerous infections. These infections, though, are all fake or legitimate programs that should not be deleted.
Therefore, please do not act upon any of the scan results that this program may show and follow the guide for removing the software as per the Hornet official website.
Please remember antivirus software is available to download from the Hornet site please only use these approved and tested software
A month ago there was a "Virus Outbreak". No wonder network administrators dislike Windows. I worked in this area for 6 years. An online friend who is still working in that field has just published “Does Open Source really hate windows?”
Excerpt:
While on the face of that previous statement it seems that microsoft is no different than any other business it is they way they operate which Open Source people find detestable. I always say that people are defined by their actions and not by what they say. The actions shown by microsoft are that they are ruthless, without business and personal ethics and treat their customers with less trust and respect than you would treat the homeless person on the street corner.
Truth be told, there is no hatred (there are some borderline lies and fabrications being spread about me today). There is yearning for the days when computers just worked. █
