Antivirus 2009 – A Nightmare

I was once one of those people who thought that backing up the computer was unnecessary. After all, I had programs that protected against viruses and spyware, so why worry? However, little did I know I would lose everything, and that if I had backed up necessary files, then I would have been able to replace pictures and other data that was lost.

As I turned on the computer, Saturday evening, August 16, I had no knowledge as to what “hell” I would have to endure. When the desktop came up, I noticed a flashing red square in the task bar indicating an update for the AVG virus program. One thing that I always kept in mind was that if updates are not installed, then the computer may not be fully protected against viruses, spyware or malware programs.

I started to download the updates, and then shortly received an error message. Apparently, the updates would not download because of a missing bin file. Shortly afterwards, another box appeared, I presumed from AVG, which contained the missing file. I was advised to download the missing bin file and then the updates; this downloading resulted in the loss of the AVG program. The next move was to delete and then reinstall AVG. I went to the add/remove section of the Control Panel and deleted the program. After deleting, I then tried to reinstall AVG but was unable to. An error message stated that AVG could not be installed because the AVG tool bar could not locate AVG (a very strange message). Next, I tried to delete the program again, resulting in a message stating that AVG could not be installed because of an error. For some reason I could neither fully delete nor install AVG.

Within seconds, a red shield with a white x appeared in the task bar. This shield is exactly the same icon used by Microsoft Security Center, when there is a problem with security. The shield warned that the computer was at risk, and that there was also a security problem. Next, a box appeared stating that the computer may be infected with viruses, and asked if I wanted the computer scanned. (Yes or No boxes) I checked no. Apparently, the checked no was ignored, Antispyware 2009 came up, and started to scan. To stop the scanning I had to quickly reboot the computer.

After rebooting, I went to the Security Center, located in the Control Panel, to check if the firewall was still up. I found that the firewall was up, but as far as an antivirus program, AVG was listed as outdated, although the version installed was 2008. I went to Microsoft live and went to help. I entered an online chat with Nesty, who advised me to fully run a scan on the computer; we shortly lost the internet connection thereafter. Since the scan would probably take at least 5 hours and the hour was late, I decided to start the scan and then go to bed.

I checked on the computer Sunday morning and found that the scan had produced 10 items and 10 problems and had removed all except three of them. I once more tried to install AVG, but it failed. I then tried to install other antivirus programs; however they would not download since I already had an antivirus program installed. So again I went to Microsoft for help. I spent at least 2 hours with the Microsoft agent and nothing seemed to help. The agent took my name and stated a technician would call me Monday morning.

On Monday, August 18, the technician called. She asked for permission to connect to the computer so that she could get an idea of what was happening; however, the connection was barred by AVG. She asked me to try different scanning programs, such as Microsoft OneCare, or Micro Trend House Call, to get rid of the bug. She would have another technician call me Tuesday, and said that there was nothing more that she could do. Later that day, I noticed several more changes in the computer. First of all, the computer was very sluggish and took longer to function. Microsoft Word was also affected. I was allowed to type four to five letters and then the screen would freeze. In order to keep typing, I had to click on the Word screen after every four or five letters. Another problem with Word was that some of the typed letters would disappear after being typed on the screen. I was unable to play games off-line; the games would either freeze, pause constantly or shut down. Lastly, my home page kept changing from Yahoo to Google no matter what I did. If I went on-line to a secure site such as Microsoft.com, the box with the “Your computer may be at risk” kept popping up, insisting that I scan the computer for viruses.

Tuesday came and still no one could get the computer freed of this malware program that had fraudulently used AVG update, and copied the Microsoft shield. The technician asked first if I had a backup copy of my files; the answer was no. Then the technician had me try to restore the computer by going back to August 13; however, that action was also blocked. Again, the technician did all that he could do, and decided that the final step would be to have a more advanced technician call me Wednesday. I was told that “at this time, my only alternative would be to reformat the hard drive” unless the technician that I talked to had more knowledge of this type of problem.

The very first thing that the technician tried to do on Wednesday morning was to take control of my computer, but he too was blocked. Secondly, he then had me try to restore the computer, but this action was also blocked. The next step was to enter the registry to check on what programs were there. After opening the registry, I found several files that belonged to AVG. I was then told to take no action but to close the registry and to open my documents, where I found other AVG files. These files were what kept me from downloading any other antivirus software, by indicating that I had an antivirus program. Secondly, these files were misplaced, and not removed when I deleted the AVG antivirus program. I was then told that the last alternative was to reformat the hard drive, and to understand that since there wasn’t a backup copy, I would lose everything.

As we talked on the phone, a different box popped up stating that the computer could be scanned free by Antispyware 2009 and that they were partners with Microsoft and also recommended by Microsoft. I then reported this to the technician, who then warned me not to let the malware scan the computer. Even though I did not choose yes or no, the program began to scan on its own, and again I had to reboot the computer. The technician stated that he would talk me through the reformatting because of the malware problems.

While reformatting, I asked several questions about the Antispyware 2009 malware program and found that the program was a few years old. It first started out with pop ups that enticed the user to download a free scanning program. Later, the malware program began to imitate updates for other antivirus programs and sought new ways of gaining access to computers.

The purpose of the Antispyware program is to gain access to computers and take control. This program will make changes to your computer indicating that there are Trojans, viruses and spyware present. Next, the malware will offer free scanning of the computer, and often will fraudulently state that they are partners with Microsoft, and also recommended by Microsoft. If the scanning is allowed, then the scanner will find quite a few viruses and spyware programs. Next, the user of the computer will be told that the only way to remove these programs is to purchase the Antispyware or Antivirus 2009 program, which costs approximately $50-$80. These programs only remove what the malware installed on the computer and are then completely useless.

After getting control of the computer, and getting back online, my first action was to download all recent updates to Windows XP. Secondly, I downloaded the free 90 day trial of Microsoft OneCare, and then updated to Explorer 7.

I decided to explore and looked for information concerning the Antispyware 2009. The first site of interest that I found was from Metacafe, which displays a video that explains how some of the malware programs take over computers. I found the information quite interesting and beneficial. Next I went to the Wikipedia site. This site gave more detail about the rogue software, better known as malware or malicious software. This software forces users to pay for the removal of the nonexistent spyware so that they can gain control of their computer. The malware is a Trojan that infests the computer. At times, if the OK button is clicked on the box, the user is taken to a pornographic site, and if the x in the upper right corner is clicked, the malware is downloaded and activated. Wikipedia also explained that this malware does not actually remove spyware, but can add more if purchased. Wikipedia goes even further and provides a partial list of various malware programs to avoid. Another site worth interest is Sunbelt Malware Research Labs. Malware Labs points out that these malware programs can collect private information located on the computer, plus make the computer very unstable for use. The last site that I visited was Antispyware 101. This site warns that a malware program is using e-mails to gain access to computers. They sent out e-mails entitled CNN.Daily Top Ten stories. Many of the users who received the e-mails thought that the e-mail was from CNN news listing the top ten stories of the day, so they opened it. Instead of getting informative news, they received malware. This malware used the Trojan Downloader. Agent. El. This Trojan will fake spyware programs, increase pop-ups, give fake warnings, modify the Windows Registry, take over the desktop, crash the operating system and bring up the blue screen of death. The site goes further and explains how to protect your computer, what a Trojan is, and what can be done if you have the problem.

One thing that I did learn from all of this is that making backup copies of your computer system is very vital and can help to retain needed information and files, especially if you have to reformat your drive. Once reformatted, use your backup copy to bring the computer up to date. Don’t take the chance thinking that the antivirus programs will protect your computer. They just may not.