Win 7 Anti-virus 2012.....????

Discussion in 'ESET NOD32 Antivirus' started by Blueswede, Dec 12, 2011.

Thread Status:
Not open for further replies.
  1. Blueswede

    Blueswede Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    3
    I recently started getting a message telling me that I had to upgrade to a new version of Windows 7 Anti-virus. It came up everytime I tried to open any program. After using my Droid to go online, I was informed that this is some sort of a trojan that simply wants me to pay the $$ for this supposed new anti-virus. I was given a fake registration number that allowed me to fool them into thinking that I had bought their program. Anyone else encounter this? And now, for some reason, every time I try to open an .exe file, I get a screen asking me what program I want to use to open it with. The answer is I DON'T KNOW! This has never happened before......and I dont' know how to rectify it. Any suggestions? I'm also curious how this anti-virus program got through NOD 32........
     
  2. MongrelCat

    MongrelCat Registered Member

    Joined:
    Aug 17, 2010
    Posts:
    24
    Location:
    South Carolina
    Reboot Windows 7 in the safe mode (with networking) using the F8 key. Install and run the latest free Malwarebytes while in the safe mode. Reboot after the malware is cleaned. A quick scan should suffice.

    This is one of many fake Antivirus programs that takes your computer hostage. They change so often AV vendors have a hard time keeping up with them, so it is said. However, if Malwarebytes can consistently keep up, I don't see why others can't. If there was a "full" security product out there (anti-virus, antimalware, etc.) that would consistenly catch this class of malware, I would buy it - But there isn't.
     
  3. pederoco

    pederoco Registered Member

    Joined:
    Dec 9, 2011
    Posts:
    9
    Location:
    Badhoevedorp, The Netherlands
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The same way like they go through other antivirus programs. Yesterday I've noticed a lot of ESET's detection of a rogue AV and after checking them at Virus Total ESET was the only one to detect them (of course, these were only on-demand scanner detections and security programs might have blocked them using other means).
     
  5. MongrelCat

    MongrelCat Registered Member

    Joined:
    Aug 17, 2010
    Posts:
    24
    Location:
    South Carolina
    There are two ways this happens.

    First by "drive by exploit", requiring no user intervention. The malware exploits a vunerability in your browser/operating system to gain access and install its goods. Make sure your opreating system and browser are fully up to date (latest revision possible of the browser!!), and use recomended security settings. This will prevent nearly all "drive-bys".

    The second way infection occurs is that the user clicks something on a window/pop up to enable installation of the malware. This often includes the "X" button on a malicious window. Use Alt+F4 or other means to close a suspicious window.

    Lastly, I bet there are some HIPS experts on the forum that could help us get Version 5 set up so as to never be bothered by this class of malware again!!
     
  6. rocket777

    rocket777 Registered Member

    Joined:
    May 20, 2011
    Posts:
    3
Thread Status:
Not open for further replies.