Thursday, February 12, 2009

A360 Rogue Malicious Trojan Malware - Removal

Somehow this trojan got past my AVG Security Suite (and there are reports of Norton also not picking it up). If you have it, or get it, you will know, as insistent pop-ups will appear that you cannot easily get rid of, asking you to download their great software because your computer is supposedly infected with a huge amount of spyware. If you get the pop-ups you already have the Trojan. And the program is tricky. It uses the name 360 to make you think it might be part of Norton, who call their security suite 360, and when you look at the file name it wants you to install it reads AVg_770522169170[1].exe, which looks like an AVG program.

PS - as this blog seems to get a lot of hits, please be reminded you can email to a friend from the little envelope at the bottom of each post

What is A360 (or AV360)

Quote from this link
"AV 360, also known as A360 or AV360, is the acronym of the deadly fake antivirus whose full name is Antivirus 360. It is one of the most influential rogue antiviruses, affecting thousands of computers worldwide.

If you are reading this page, most probably you want to remove Antivirus 360 from your computer. It is one of the latest rogue Antispyware to hit the WWW.

Antivirus 360 generally comes bundled with some trojan, which you might acquire if not protected adequately while surfing the web. As soon as Antivirus 360 enters your system, it modifies your system registry values to automatically start itself.

Once loaded, Antivirus 360 starts giving you false alarm messages that your system is infected with many spyware and malware programs and you need to remove them. It also claims to be able to remove all spyware and viruses if you buy its licensed version.

But this is not true. Antivirus 360 will not clean your system because it is a fake or rogue antivirus. Keep away from it."

What it does in real life is a pop-up will appear saying it scanned your computer and found hundreds of spyware items, and you can download the cleaning program for free. DO NOT. For those that succumb, it will do all kinds of nasty things. I have AVG Security Suite, and it asked permission to access the internet, which I denied (a nice aspect of AVG).

I tried a detailed computer scan with AVG but to no avail. It is a good antivirus and firewall but on this occasion it seems to have failed to find the malware. It did eventually find one version of the Vundo Trojan.

I searched the net and the only free program I found that could remove it was Malwarebytes, found at this link. Actually this program is so good I have added it to the suite of programs I use, as discussed in my blog page "Freeware Programs I Use". A reader suggested Spybot will also remove A360, but I have no experience with this program.

If this horrible A360 has taken control of your computer and disallows running Malwarebytes, boot in Safe Mode, then run the program. Run a full scan; this may take a few hours to complete. When finished, boot again normally. You may also then have to check msconfig for any trash left over that tries to start on the reboot, such as a missing file error. You can then deactivate this in msconfig, or from Revo Uninstaller.
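The leftover startup "trash" above can be found without clicking through msconfig by hand. The following is an added example, not code from the original post or from Malwarebytes: it lists the auto-start entries msconfig shows (the Run/RunOnce registry keys and the Startup folders) and flags any whose target executable no longer exists, which is what produces a "missing file" error at reboot once a cleanup tool has deleted the malware's files. It assumes Windows PowerShell 3.0 or later, run as Administrator so the HKLM keys are readable; the key paths and function name Get-ExePath are the example's own choices, and nothing is deleted, it only reports.

```powershell
# Added example, not from the original post: report msconfig-style auto-start
# entries and flag those whose executable is missing (orphaned leftovers).
# Assumes Windows PowerShell 3.0+ and an elevated session. Read-only.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Pull the executable path out of a Run value's command line, which may be
# quoted ("C:\Program Files\x\x.exe" /arg) or unquoted (C:\x\x.exe -arg).
function Get-ExePath {
    param([string]$CommandLine)
    $cmd = $CommandLine.Trim()
    if ($cmd.StartsWith('"')) {
        $end = $cmd.IndexOf('"', 1)
        if ($end -gt 0) { return $cmd.Substring(1, $end - 1) }
    }
    $m = [regex]::Match($cmd, '^(.*?\.exe)', 'IgnoreCase')
    if ($m.Success) { return $m.Groups[1].Value }
    return ($cmd -split '\s+')[0]
}

$results = New-Object System.Collections.Generic.List[object]

foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command  = [string]$regKey.GetValue($name)   # GetValue expands %VAR% in REG_EXPAND_SZ values
        $exe      = Get-ExePath $command
        $expanded = [Environment]::ExpandEnvironmentVariables($exe)
        $results.Add([pscustomobject]@{
            Location   = $key
            Name       = $name
            Command    = $command
            FileExists = [bool](Test-Path -LiteralPath $expanded -PathType Leaf)
        })
    }
}

# Startup folders: every shortcut or file here is launched at logon as well
foreach ($folderName in 'Startup', 'CommonStartup') {
    $folder = [Environment]::GetFolderPath($folderName)
    if ($folder -and (Test-Path $folder)) {
        foreach ($file in Get-ChildItem -Path $folder -File) {
            $results.Add([pscustomobject]@{
                Location   = $folder
                Name       = $file.Name
                Command    = $file.FullName
                FileExists = $true
            })
        }
    }
}

$results | Sort-Object FileExists, Location | Format-Table -AutoSize

# Orphaned entries are the ones to review. To remove a registry entry after
# confirming it is junk:  Remove-ItemProperty -Path <Location> -Name <Name>
$orphans = $results | Where-Object { -not $_.FileExists }
'{0} auto-start entries found, {1} point at files that no longer exist.' -f $results.Count, @($orphans).Count
```

Entries whose FileExists column is False are the candidates to disable in msconfig or remove with Revo Uninstaller; entries that do exist but whose name or path looks like the fake AVg file are worth checking before the next reboot as well.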

If by any mistake you actually installed this horrible program, I suggest you run a good uninstall program (Revo Uninstaller, I love it) either before or after you run Malwarebytes.

Another option to try is System Restore, but I noticed the trojan also attacked this function, so I am not sure it would be successful.

Below is a list of all infected files removed by Malwarebytes. This is a very nasty trojan and a great free program to remove it.

Double click on the image below of the files Malwarebytes removed. If anyone is interested, I used FastStone Capture with the scroll function to save this picture so I could upload it to the blog.

If you found a different program to clean this malware A360, please leave a comment with the information and whether it is freeware, shareware or commercial. For the Good of All. Thanks

Where did this malware, or virus, come from, and why was it not picked up by AVG?

I checked my System Restore and the only download I had was an update to MS Office Enterprise (done automatically?). Then I checked the event log and saw lots of MSinstaller activity on 29.1.08 at 8:10 am; then, immediately after the MSinstaller completed, 2 warnings are recorded saying "A provider, OffProv12, has been registered in the WMI namespace, Root\MSAPPS12, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests".
Then I noticed an event of System hang on 30/1/2009 and the file is the AVg one that comes with the trojan. So I am no smarter, but I have turned off Automatic Updates till someone can tell us what program this A360 trojan is bundled and hidden with.
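The by-eye correlation above (installer activity, then the two WMI provider warnings a moment later, then the AVg file) can be pulled from the Application log as a timeline. The following is an added example, not code from the original post: it collects Windows Installer events and WMI provider registration warnings in a window around a chosen time and reports how soon each warning followed an installer completion. Its assumptions are not stated on the page: Windows Vista or later with Get-WinEvent; the quoted warning is event ID 63 from source "Microsoft-Windows-WMI" (source "WinMgmt" on older systems); MsiInstaller IDs 1033 and 11707 mark a completed installation; and the centre time is a constructed placeholder to be replaced with the time under investigation.

```powershell
# Added example, not from the original post: timeline of MsiInstaller events and
# WMI provider registration warnings (ID 63) around a chosen time, plus the gap
# between each warning and the nearest preceding installer completion.
# Assumptions: Vista or later (Get-WinEvent); sources and IDs as noted below.

$center = Get-Date '2009-01-29 08:10'    # placeholder: set to the time you are investigating
$window = New-TimeSpan -Hours 6

$events = Get-WinEvent -FilterHashtable @{
    LogName   = 'Application'
    StartTime = $center - $window
    EndTime   = $center + $window
} -ErrorAction SilentlyContinue | Where-Object {
    ($_.ProviderName -eq 'MsiInstaller') -or
    (($_.ProviderName -in 'Microsoft-Windows-WMI', 'WinMgmt') -and ($_.Id -eq 63))
}

# Chronological timeline showing the first line of each message
$events | Sort-Object TimeCreated | ForEach-Object {
    '{0:yyyy-MM-dd HH:mm:ss}  {1,-22} {2,6}  {3}' -f $_.TimeCreated, $_.ProviderName, $_.Id,
        ($_.Message -split "`r?`n")[0]
}

# For each WMI provider warning, find the most recent preceding installer completion.
# IDs 1033 and 11707 are assumed to be MsiInstaller's "installation completed" events.
$wmiWarnings = $events | Where-Object { $_.Id -eq 63 }
$msiDone     = $events | Where-Object { ($_.ProviderName -eq 'MsiInstaller') -and ($_.Id -in 1033, 11707) }

foreach ($w in ($wmiWarnings | Sort-Object TimeCreated)) {
    $prior = $msiDone | Where-Object { $_.TimeCreated -le $w.TimeCreated } |
             Sort-Object TimeCreated -Descending | Select-Object -First 1
    if ($prior) {
        $gapMin = ($w.TimeCreated - $prior.TimeCreated).TotalMinutes
        'WMI provider warning at {0:HH:mm:ss} came {1:N1} min after installer event {2}: {3}' -f
            $w.TimeCreated, $gapMin, $prior.Id, ($prior.Message -split "`r?`n")[0]
    } else {
        'WMI provider warning at {0:HH:mm:ss} with no installer completion in the window' -f $w.TimeCreated
    }
}
```

The installer message named in each gap line tells you which product's setup ran just before the provider was registered, which is the question the post leaves open; a WMI provider registered to run as LocalSystem by a legitimate Office installer is expected, so the useful signal is an installer completion for a product you did not ask for.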
