Funny trojan issue


Spaz The Great

So we're currently living with some friends right now, and their PC is hellish. It's always incredibly slow, and I'm sure part of the problem is viruses and spyware.

However, a couple of nights ago something funny happened. A program by the name of Windows Police Pro decided it was the anti-virus and it was going to warn us when something was infected. eJay was infected, FruityLoops was infected, Firefox was infected, pretty much anything we tried opening was deemed infected and not allowed to open.

The kicker was, it wouldn't fix anything unless we paid for the full version. That's when it clicked: I've seen this shit before. A lot like Win-AntiVirus. Well, we decided to sneak our way around and disable the shit ((no process running in the task manager, and we couldn't even open Add/Remove Programs)). Then we downloaded and ran AVG and Spybot. Somehow it turned itself back on, and regenerated itself after Spybot deleted parts of it ((could only delete parts of it)). Found out it had a backdoor installed, too. It kept warning us that something malicious was trying to attack the computer, but we knew it was our scanners attacking it.

AVG had run for almost two hours when the system shut itself off. We assumed it was smart and knew what we were doing, and so shut down the machine. We ran it in Safe-mode and ran AVG's special safe-mode scan ((apparently a really deep scan)), and so far we haven't seen any sign of it, so I assume we got rid of it.

Just found this to be quite a funny story and decided to share it with you guys. And also serve as a warning.

Link to comment
Share on other sites

Typical case of a rogue security program trying to pawn noobs off into paying for a piece of BS scareware. I ran into some cases of this scheme, and I noticed that some of them trojans are just copy-pasta'd variants of the same malware, with a different name or icon. Some of them are notoriously hard to remove, although in most cases Combofix or any other reputable removal tool can get rid of it rather easily.
