AV360 is a fun little piece of malware that looks to the average end user like an anti-malware program. It's not exactly new, but it certainly seems to be making the rounds. Most commercial anti-malware software doesn't catch it, although we haven't had any problems at sites with our new Astaro 220 firewalls (they have gateway-level anti-malware that seems to be working quite nicely). It just pops up after a user clicks somewhere they shouldn't.
One of my users stopped me in the hall yesterday and told me that he'd gotten an alert about some malware on his computer, followed all the prompts, but then came to a point where he needed to enter a credit card number to fully remove the viruses the software had detected. I was mighty glad he didn't enter his credit card number and wasn't surprised to see a full-blown infection with AV 360. That's the point of this bit of malware, by the way: to steal a user's credit card information.
By this stage, a full reinstall is usually in order. I've seen references to Malwarebytes as a possible "cure" (talk back below if you've had any luck with this or with other patches/products), but AV 360 and the other related rogue software are pretty insidious, so I'm a big fan of a fresh start.
The point of this story is not for a chuckle at my user's expense. How should he have known? If it looks like a duck, quacks like a duck, and waddles like a duck, it must be a duck, right? This one's pretty sneaky and, although I have warned people about email attachments, suspicious items on their computers, and generally given them "the talk" on Internet safety/security, I never told anyone about this particular problem.
This one, in fact, was my fault. So communication is key... some serious gateway anti-malware doesn't hurt either.