Virus Alert: New Fake Antivirus / Scareware Hybrid

New Fake Anti Virus Image

Home PC Patrol Virus Alert: Scareware / Ransomware Virus Hybrid. Scareware and Ransomware viruses never seem to stop evolving, largely because they are so profitable for the 'businesses' that release them. Be on the look out for this new one we have encountered.

Home PC Patrol has encountered a new version of fake antivirus scareware that incorporates the lock screen element from the previously discussed Fake FBI virus with a traditional fake scanner. Basically what happens is your computer will get a white screen that is non interactive (you can't click, minimize, or escape out of it) that forces you to turn the computer off at the power button.

When the computer starts back up, it immediately starts the 'scan' shown in the attached image. If you try to close or escape the scan, it triggers the white screen again and you have to restart the PC again...

Basically, it forces you to watch the entire scan and then respond to the 'pay us $49 now to activate this product'. You technically can just ignore the scan box without closing it and use that time to back up email contacts, documents, check calendar appointments, etc. as long as you don't try to close the scan. The 'scan' window is movable, so you can, and may have to, move it around a bit if you are trying to work around it.

The best course of action is to immediately shut down the PC and contact a computer repair technician. The virus variants are based off the Rogue.AntiSpy-SP / Rans.Gendarm families and have been known to contain rootkits and backdoor trojans and downloaders.

These viruses generate huge amounts of income for the 'businesses' that create them, so those 'businesses' devote time, developers, and even professional graphic designers to change the code frequently, incorporate aspects of other viruses to make them harder to remove, and to duplicate legitimate logos, scan dialogues, etc as closely as possible; so the version of these viruses that we see today may be dramatically different next month, or even next week.

The one thing they all have in common is they are all "Scareware" something designed to look like a legitimate antivirus product and report bogus infections in hopes of scaring you into buying their product. If you pay them, they turn off the warnings for a few months and your computer 'appears' to be back to normal until they decide to turn on the alerts again and try to extort more money out of you.

Many of the variants require you to download the full version of their product (i.e. virus) after you pay for it and the full version typically installs rootkits, keyloggers and downloaders to locations throughout your computer. Home PC Patrol has serviced PCs that had upwards of 10,000 infected files following the installation of one of these 'full products'.

Whatever you do, never, ever pay these people or download their 'product'. If you suspect your computer is infected with one of these viruses, give us a call and we'll fix you up!