My wife, kids, and I spent this past Christmas at my parents’ house. It wasn’t long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc.
Much to my dismay, I found a barrage of malware, spyware, and rogue software had made its way onto their machine. I searched around a bit, and found the perfect solution: Malwarebytes’ Anti-Malware.
By far the most annoying type of software that had been installed on their machine was rogue antivirus software. The worst and most persistent offenders were Spyware Guard 2008 and Antivirus 2009. Both of these programs (and many similar ones) are designed to deceive a computer user into believing they are legitimate, by informing the user that spyware and malware have been detected on the system.
Unwitting users click away at the dialog boxes and pay to register the programs, although in reality the programs themselves are the nuisance. Although my parents appeared to have acquired these programs with relative ease, I had a very hard time finding them to intentionally install them (on a virtual machine) for taking screenshots of them in action.
I was able to find a website that generates a very convincing screen that indicates it has located malware on the computer. The webpage and application even use the Windows Security Center Icon, which enhances its appearance of legitimacy.
In reality, the webpage does not perform any scan on the system although it claims to have done so. Upon completion of the bogus scan, the page displays a dialog box that will install the program no matter what you click (if you download and run the EXE installer). Once installed, Antivirus 2009 constantly displays warnings in an attempt to have the victim purchase the full version of the software (fortunately my parents had not done this).
Antivirus 2009 Screenshots
Spyware Guard 2008
Spyware Guard 2008 is very similar to Antivirus 2009, in that it also attempts to have the user pay to register the product. Unfortunately, I was unable to find a website that attempts to lure me into installing the program so that I could provide screenshots. However, I was finally able to find the install exe (SpywareGuard2008.exe) on a filesharing site.
Spyware Guard 2008 Screenshots
Removal of the Rogue Software
Fortunately, Malwarebytes’ Anti-Malware makes it relatively quick and easy to remove this horrendous software. Just download the program and run a full system scan. When the scan is complete, click the Show Results button and then the Remove Selected button.
If there are still active programs once the removal has taken place, Anti-Malware will inform you and request a reboot to complete the removal process. Upon reboot, the system will have been disinfected.
It is important to note that although the free version of Malwarebytes’ Anti-Malware does an excellent job of detection and removal, it will not provide prevention. If you would like to prevent the installation of malware in the first place, you will need to purchase the full version.
Photo Credit: Chris Dewey