Blogging Fool

31 Aug, 2009

Nasty New PC Viruses Arrive In the Form of Fake Virus Scanning Software and How To Handle It

Posted by: Blogging Fool In: Security|Tech Support Files|Web Hosting

Be Wary of the AVGFree71 Virus and other Virus Scanning Impostors - and a Path to Solving It, Or Avoiding It Altogether

Last week several close friends saw a pop-up from their anti-virus software alerting them that their computers were rife with Trojans of all sorts. They were shown the list of threats and then asked to register / upgrade the software with a license key to remove the threats from their computers.

The software appeared to be the very reliable, fully functional and free AVG Anti-Virus software.  But it wasn’t.

Beware a fake virus scanner luring you in. Photo is the property of "What's On My PC?"

In fact it was a self-persistent and very well-developed Trojan that wreaks havoc on computers, downloads additional data and software, and buries itself so deep that it took me two days just to figure out what it was.

An exhausting process of trial and error and elimination of possibilities eventually pointed me to a rootkit stealth file called AVGFree71 – a file that seemed like a hangover from an old AVG Free installation, but was in fact a wickedly tenacious piece of code that neither McAfee, Perfect Uninstaller nor MalwareBytes could get to.

The only solution was to finally install powerful malware removal software called Prevx 3.0 – but only by selecting the option to generate a random name for the installation executable file. It seems that this Trojan was prepared for almost any anti-virus software out there and capable of blocking them from installing or running. For example, McAfee wouldn’t install because it required that I first uninstall “AVG Free 7.1”. Of course, searching for this installation proved fruitless and there were literally no solutions offered on any user forum I found – only some poor confused victims asking for help.

Prevx did successfully identify the infection and even removed it, but the nasty bugger pulled out some vital organs with it and I eventually ended up reinstalling my whole OS and applications to be sure.

So I wanted to share my experience – not because it is the best or the only way, but it WILL get you there and I don’t want to see any more poor folk surrendering their credit card numbers in a vain and desperate attempt to “clean” their computers.

But if you DO get a pop-up that warns you, mysteriously, of virus infections, and it’s coming from software that you don’t remember having installed on your system, hit Alt-F4 to immediately exit out of the program. Do not hit the “X” to close out of the window (and for the love of all that is holy, do not enter your credit card number in a panic), and you should circumvent the possibility of infection via this deeply underhanded method altogether.

As I was writing this article I happened to stumble across the first other article that even remotely (and in fact quite extensively) covers this same topic – “Protect yourself against FAKE Anti-Virus and FAKE Anti-Spyware Software…”. I recommend you go there and check it out before doing anything else.

Please note that neither I nor this site is in any way affiliated with Prevx software; the above endorsement is strictly an opinion and in no way constitutes formal technical support advice, nor does purchasing their software solution in any way send us a kickback.



2 Responses to "Nasty New PC Viruses Arrive In the Form of Fake Virus Scanning Software and How To Handle It"

1 | Colin

September 2nd, 2009 at 2:25 pm


Good post :)

Sadly these damn things are cropping up everywhere and use fast flux techniques as the domains are constantly changing.

So many get caught with these nasties, they forget to use Alt+F4 or task manager to kill the process and find themselves infected.

With so many variants there is no one easy solution, but many fall into the same category as they are derivatives of another rogue, but the malware creators are finding many more ways to infect users so the first line of defense is educating users on preventive apps and safe surfing :)

2 | Blogging Fool

September 3rd, 2009 at 5:23 am


Cheers, sir. This one affected too many people close to home. This one came from the heart – the amount of time and destruction that these new insidious techniques can wreak upon innocent people is unforgivable.


About

Blogging Fool has been running internet communities since the days of Lynx, Veronica and gopher but only really understood the heart and soul of blogging as late as 2008. He has been invited to speak about emerging media strategies at conferences across North America.
