Updated: I had an ugly run-in with scareware last night, but I'm not sure what left me more annoyed: The dreaded Antivirus Pro 2009 scareware or McAfee, my anti-virus software provider.
First, my PC was overtaken by Antivirus Pro 2009, which is a rogue anti-spyware application. In a nutshell, Antivirus Pro starts automatically when you log on to your computer, creates fake malware and then holds the PC hostage. In addition it hi-jacks Internet Explorer and pelts you with porn sites (sprinkled in with a little Viagra for good measure). Simply put, Antivirus Pro 2009 tries to scare you into registering the software.
It's not entirely clear how Antivirus Pro got into my Windows XP home PC. I was at work at the time, but the scareware wasn't flagged by McAfee's software and the signatures were up to date. Perhaps it was user error, but once Antivirus Pro is installed you're screwed. Running task manager and add/remove was a disaster.
After McAfee scans (quick and the long versions) failed to turn anything up nefarious it was clear that I needed to manually remove the files. The problem: I couldn't find them despite some pretty thorough directions.
After a few hours of trying a little of everything (including failed installations of Kaspersky's anti-virus software and Malwarebytes Anti-Malware) I decided I needed some help. For some odd reason, I figured I'd pay McAfee support almost $90 to go into my PC and fix things. I figured I was running out of time (I was falling asleep at the keyboard) and I'd do anything---except pay the rat bastards behind Antivirus Pro 2009.
First, the McAfee chat client wouldn't run, but I attributed that to the Antivirus Pro issues. Then I called a number to a call center and was put on hold for what was supposed to be 20 minutes or so. Ninety-minutes later I just gave up. Here's what was particularly annoying: There was no automated break-in telling me where I stood in the queue or any updates on wait times. If you're going to operate a call center do it right.
Ultimately, it was the phone service that did McAfee in for me. The weak scans were one thing, but the inability to get enough folks to man the phones was the real killer for me.
The good news: In my 90 minutes of hold time I tried the add/remove icon in the control panel just enough times that it actually stayed up. once. Given that brief Window---I searched for Antivirus Pro to no avail---but did manage to completely remove Internet Explorer from the PC. I figured if I couldn't find Antivirus Pro I could at least prevent those annoying browser windows from appearing.
Throughout this time, the McAfee Web client was turning up nothing on scans. In addition, searching hidden files on my PC yielded nothing. After a restart, I was fortunate enough to have a trial of Kaspersky successfully installed (I'm not quite sure how that happened). You get bombarded with so many browser windows and fake malware messages that you're literally looking around dozens of windows to get anything done.
Kaspersky updated its database and found the Antivirus Pro files to eradicate. Thus far, the PC is working fine.
I still have some issues in that I have to call McAfee and get a refund for the expert time I never received. Once that's taken care of I'm done with McAfee. I was a four-year customer, but this experience (the lack of finds in the scan and the inability to work through its call center calls) forced my hand. There are plenty of anti-virus software companies, but frankly all I want is one that works during crunch time. For now, that company is Kaspersky.
Update: Cody Spears, McAfee's executive customer assistance team, gave me some color on what happened. He said the scareware I encountered isn't new, but was updated a couple of days ago. Spears added that the company was prepared for a Conficker, but "unfortunately we weren't prepared for this."
As a result call volume spiked at McAfee when I called. According to Spears:
McAfee is typically staffed to handle about 600 calls a night, but last night it received 2,000. That explains the wait time.
McAfee said it is pushing out definitions for all the variants of the malware with tonight's update.
The company also set up a team just for this issue. "Today, we're not having the same issue you had last night," said Spears.
Separately, I got my refund for the customer service call last night. There wasn't any hold time for that one.
The Malwarebytes Anti-Malware has good word of mouth, but I was getting a run-time error and couldn't launch it.
Ryan Naraine notes that Vista for all its flaws would have stopped Antivirus Pro 2009 at the door. Windows 7 too.
The latest update from Microsoft for XP patches installed on Wednesday. My hunch is havoc ensued Tuesday night with the scareware and screwed up the auto-update that should have run Tuesday.