Thursday, 21 March 2013

AVASoft Professional Antivirus Firewall Alert removal guide

AVASoft Professional Antivirus Firewall Alert has blocked a program from accessing the internet – this and many other fake security alerts will be displayed on your computer if you install a rogue antivirus application called AVASoft Professional Antivirus. It's a fairly new scam to be aware of but it isn't entirely new from a technical point of view. All the rogue applications from this malware family were using the same "Firewall Alert" notification to scare users into believing that certain applications, mostly web browsers, are infected and should be closed to avoid possible data loss, etc.

AVASoft Antivirus will block web browser and other applications on your computer to protect itself from being removed. In the image shown above, you can see that the fake antivirus applications blocked Internet Explorer because it was infected with a computer worm called Svchost.Stealth.Keyloger. A computer worm with such name doesn't even exist. Besides, normally, worms do not steal sensitive information. What is more, if you take a closer look at the image, you will notice that scammers user completely differt infection name at the end of the fake secuerity warning - Lsas.Blaster.Keylogger. It says 'Continue surfing and allow Lsas.Blaster.Keylogger to send your credit card details to remove host'.

Please note that this fake application will display the same misleading warnings for pretty much every application including anti-malware software. Well, actually it will display two warnings, the other one is slightly different and claims that AVASoft Professional Antivirus has detected a harmful software that can lead to your 'PC crash'. Scary, isn't it?

To stop this fake Firewall Alert you will have to remove the rogue application and related malware. Hopefully, it didn't came bundled with rootktis. The removal guide is located here:

If you have any questions or need help removing it please leave a comment below. I'll be glad to help! One last thing, if you have succesfully removed this malware from your computer, you should really think about the most essential security measures you should implement right now. Why? Because, your antivirus isn't working as it should be. Each and every variant of this malware was detected by 11 or 12 antivirus products, sometimes even less. Suprisingly, all the top-notch antivirus products can't detected and block this infection which really worries me because most users use those heavily promoted ones. Antivirus software alone won't help, you should also use anti-malware software.

No comments:

Post a Comment