DO NOT LET CRIMINALS INTO YOUR COMPUTER

by team2000 on Thursday, March 4th, 2010 | No Comments

The following is a trimmed down version of a Q&A from a nationwide computer expert.

Q. My wife’s computer was invaded by Anti Vir, which took over the machine. Anti Vir kept popping up and wanting her to buy it. She couldn’t utilize her computer. We finally found a program on my laptop—STOPzilla. It got rid of Anti Vir, but it took over 12 hours. Can we report Anti Vir so it stops invading computers and almost forcing owners to buy it? I am sure other people have had this problem. If there is a fix, please post it on your site.
—Richard in Jacksonville, FL

A. This gets us into computer basics. This program is known variously as Antivir, Antivir 2010 and Antivir Antivirus. It is a rogue anti-malware program. There are many, many of these things.

Typically, they start with a pop-up while you’re on the Internet. (I, Michael Lancto, have had this popup numerous time, and I’ve clicked the X over and over to CANCEL it and not access it at all.) They offer a free scan. Assuming you bite, they announce you have Trojans and viruses on your computer. Send us money, they say, and we’ll clean your computer.

Of course, none of this is true. Let’s say you actually bought this software. After you ran it, you might want to rerun the original scan. It would “find” the same things.

These programs are technically Ad-ware (or SPY-ware). They get on your computer and demand that you buy. They are known on the street as FRAUDware or SCUMware.

There is an additional aspect to Antivir. It is easily confused with Avira AntiVir, a legitimate product. As a matter of fact, Avira is a legitimate program. I doubt that the name duplication is coincidental.

Your wife probably clicked a pop-up. After all, what can a free scan hurt??? BUT in so doing, she allowed this thing to install on her computer. (Fraudware could also be installed via an e-mail attachment. Or, it could have been a drive-by download. These take advantage of unpatched holes in Windows. But pop-ups are most common.)

STOPzilla is an anti-spyware program. That’s why the pop-ups stopped. Some of the people who develop malware programs are clever. That thing probably burrowed into Windows.

So, what can you do? In a word, security.

There are numerous anti-spyware programs. Every Windows user should run multiple anti-spyware programs. They should also run spyware scans occasionally. I scan weekly with Ad-Aware, running it overnight. The scan takes two or three hours. Most likely, these programs would have blocked Antivir. Certainly, they could have wiped it out in a scan.

Antivirus isn’t effective against spyware. You need anti-spyware programs. Some antivirus programs include anti-spyware tools. AVG does, for example.

Now, there are other things you can do. You need a firewall on your computer. The Windows firewall is inadequate. They’re free. Here is a popular one: http://www.zonealarm.com/security/en-us/anti-virus-spyware-free-download.htm

A capable firewall makes your computer invisible to hackers on the Web. They are constantly probing with automatic programs. Also, if something infects your computer, it can’t report back to the mothership.

Also, you must keep Windows updated. Security issues are discovered regularly. Updates will protect you from drive-by downloads. Those are found on Web sites that you are tricked into visiting. The sites determine the holes in your security, and download malware.

And while I’m on my soapbox, here are a couple other things. Use Firefox to browse, not Internet Explorer. Too many vulnerabilities are found in IE.

And be sure the pop-up blocker is working in Firefox. Click Tools>>Options. Select the Content tab. Be sure “Block pop-up windows” is checked. Hopefully, that will keep you from ever seeing a come-on.

Michael Lancto, NVP