Blogging Fool

Be Wary of the AVGFree71 Virus and Other Virus Scanning Impostors - and a Path to Solving It, Or Avoiding It Altogether

Last week several close friends saw a pop-up from their anti-virus software alerting them that their computers were rife with Trojans of all sorts. They were shown the list of threats and then asked to register / upgrade the software with a license key to remove the threats from their computers.

The software appeared to be the very reliable, fully functional and free AVG Anti-Virus software.  But it wasn’t.

Image: a fake virus screen. Beware a fake virus scanner luring you in. Photo is the property of "What's On My PC?"

In fact it was a self-persistent and very well developed trojan that wreaks havoc on computers, downloads additional data and software and buries itself so deep that it took me two days just to figure out what it was.

An exhausting process of trial and error and elimination of possibilities eventually pointed me to a rootkit stealth file called AVGFree71 – a file that seemed like a hangover from an old AVG Free installation, but was in fact a wickedly tenacious piece of code that neither McAfee, Perfect Uninstaller nor MalwareBytes could get to.

The only solution was to finally install powerful malware removal software called Prevx 3.0 – but only by selecting the option to generate a random name for the installation executable file – it seems that this Trojan was prepared for almost any anti-virus software out there and capable of blocking them from installing or running.  For example – McAfee wouldn’t install because it required that I first uninstall “AVG Free 7.1”.  Of course, searching for this installation proved fruitless and there were literally no solutions offered on any user forum I found – only some poor confused victims asking for help.

Prevx did successfully identify the infection and even removed it, but the nasty bugger pulled out some vital organs with it and I eventually ended up reinstalling my whole OS and applications to be sure.

So I wanted to share my experience – not because it is the best or the only way, but it WILL get you there and I don’t want to see any more poor folk surrendering their credit card numbers in a vain and desperate attempt to “clean” their computers.

But if you DO get a pop-up that warns you, mysteriously, of virus infections, and it’s coming from software that you don’t remember having installed on your system, hit Alt-F4 to immediately exit out of the program. Do not hit the “X” to close out of the window (and for the love of all that is holy, do not enter your credit card number in a panic), and you should circumvent the possibility of infection via this deeply underhanded method altogether.

As I was writing this article I happened to stumble across the first other article that even remotely (and in fact quite extensively) covers this topic: “Protect yourself against FAKE Anti-Virus and FAKE Anti-Spyware Software…”.  I recommend you go there and check it out before doing anything else.

Please note that neither I nor this site is in any way affiliated with Prevx software; the above endorsement is strictly an opinion, in no way constitutes formal technical support advice, and purchasing their software solution does not in any way send us a kickback.



Today I was watching a mini documentary from an old Matrix HD-DVD (remember those?) on my Xbox 360 about the science behind the fiction and they spoke about the importance of Darwin’s idea about survival of the fittest and the relevance of the feedback loop in an economy. In fact, it could be argued that the feedback loop is a cornerstone for the very existence of an economy in that there must exist a dialogue between the producer and the consumer; if the producer sets the price of a product at ten dollars and the consumer says it is too high, the producer must either produce less or lower the price.

It can be argued, the speakers in the doc say, that this is why Communism failed – they would produce a product and sell it at ten dollars regardless of what the market wanted to pay, and even if that market failed to buy, they would continue to produce the product and sell at the same price.

It got me thinking about the feedback cycle more and how it really does form an essential loop – the product or content is created, but unless we know how it is being received, and unless we are responding to the demands and rigors of that audience, how can that content possibly survive any more than a blind bird or a fish with no gills? There are ways of course (a bat develops sonar and a dolphin, a blowhole), but unless it is appropriate to the environment we are targeting it is really a matter of hit and miss, and this is not the way to assure growth and longevity.

Later in the evening I came across an excellent and comprehensive guide to integrating some nice hacks to your custom WordPress installation that will engender reader interaction and participation with your blog.

I strongly encourage you to take a look at:

9 WordPress Hacks to Encourage User Interactivity


To everyone using a WordPress custom installation: I strongly recommend upgrading to the latest patch version, 2.8.4, which not only includes the previous point patches but also prevents a malicious hack of the admin backend. Per the official statement from Automattic:

“[A] specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner.”

It is easy to install the update – simply click the upgrade button from your admin backend and confirm that you want to apply the patch. Be sure to back up your database in advance using a plugin like Lester Chan’s excellent WP DB Manager.

Read more about the latest WordPress security fix 2.8.4 at the official Automattic site.
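For anyone looking after more than one installation, the upgrade recommendation above can be checked from the filesystem. This is an added example, not code from WordPress or from the original post; it assumes each install records its release in wp-includes/version.php as a $wp_version assignment, and the site directory names in the demo are constructed.

```python
import re
import tempfile
from pathlib import Path

FIXED = (2, 8, 4)  # release the post says contains the password-reset fix

# Assumed file format: wp-includes/version.php holds  $wp_version = '2.8.4';
VERSION_RE = re.compile(r"""^\s*\$wp_version\s*=\s*['"]([^'"]+)['"]\s*;""", re.M)


def parse_version(text):
    """Return the numeric version tuple from version.php text, or None."""
    m = VERSION_RE.search(text)
    # Keep only the leading digits; suffixes such as "-beta1" are ignored.
    nums = re.match(r"\d+(?:\.\d+)*", m.group(1)) if m else None
    if not nums:
        return None
    parts = [int(p) for p in nums.group(0).split(".")]
    parts += [0] * (3 - len(parts))  # "2.8" compares as 2.8.0
    return tuple(parts)


def audit(root):
    """Map each install under root to 'patched', 'outdated' or 'unknown'."""
    results = {}
    for vfile in sorted(Path(root).rglob("version.php")):
        if vfile.parent.name != "wp-includes":
            continue  # some other file that happens to share the name
        site = vfile.parent.parent.name
        version = parse_version(vfile.read_text(errors="replace"))
        if version is None:
            results[site] = "unknown"  # unreadable: inspect by hand
        else:
            results[site] = "outdated" if version < FIXED else "patched"
    return results


def demo():
    """Build a constructed directory tree of four installs and audit it."""
    samples = {"blog-a": "2.8.3", "blog-b": "2.8.4", "blog-c": "2.8", "blog-d": None}
    with tempfile.TemporaryDirectory() as tmp:
        for site, ver in samples.items():
            inc = Path(tmp, site, "wp-includes")
            inc.mkdir(parents=True)
            line = f"$wp_version = '{ver}';\n" if ver else "// version line missing\n"
            (inc / "version.php").write_text("<?php\n" + line)
        return audit(tmp)


if __name__ == "__main__":
    for site, status in demo().items():
        print(f"{site}: {status}")
```

Pointing audit() at a real web root lists every install that still needs the upgrade; anything reported as unknown should be checked by hand rather than assumed safe.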


22 Aug, 2009

It’s Not Facebook, But Its Apps That Are Dangerous

Posted by: Blogging Fool In: Developer News

Facebook is feeling the heat after Commissioner Jennifer Stoddart of the Canadian federal privacy commission laid down the law, citing that Facebook contravenes its citizens’ privacy laws by keeping users’ personal information indefinitely and for “sharing users’ files with nearly one million third-party software developers around the world.”

Facebook has until Monday August 24th, 2009 to respond to the claims and offer a solution.

Facebook must take this seriously, given that Toronto, Canada, a city of over 5 million people, has the highest usage per capita of the platform in the world.

Today WebProNews reporter Chris Crum reported:

“Facebook security firm Trend Micro has been researching malicious practices on Facebook, and has discovered numerous rogue apps on the social networking site this week. They’ve been alerting Facebook of them as they find them, but apparently more keep popping up as fast as they are eliminated.”





About

Blogging Fool has been running internet communities since the days of Lynx, Veronica and gopher but only really understood the heart and soul of blogging as late as 2008. He has been invited to speak about emerging media strategies at conferences across North America.
