VirusRescue: The Latest Spyware Scam

Dennis Faas's picture

One of the ways that the spyware and Trojan makers get spyware on your computer is to trick you into installing it.

Just recently, I was deleting some spam on a forum I administer, I came across something that caught my eye. I was offered a video to watch, but I was told I had to install something to see it. I then decided to get my test computer ready, and installed the codec that I was told that I needed. Subsequently, the installed file brought spyware onto my computer.

Shortly after that, I began to get pop up ads. One of those pop ups had a new program that I had not heard of before, called VirusRescue. The other two ads I saw were for AntiVirusGold and SpyHeal -- but I already know they are are in fact Trojans. I decided to click on the VirusRescue ad -- just to see what it would do.

While VirusRescue was installing, I received a warning from another rogue antispyware product called SpywareQuake. From what I could tell, SpywareQuake was installed after I installed the codec. SpywareQuake then proceeded to tell me I had spyware on my computer. Oddly enough, one of those files reported to be spyware was the codec that I had installed in the first place!

OK -- so what about VirusRescue?

Well, it ran a scan on its own without even asking me. To no surprise, it reported more spyware on my computer and offered to remove it -- but only if I paid $49. And if all of this wasn't already overwhelming, I received a second warning balloon above the clock on my computer telling me I had spyware.

No kidding! Can you say: scam within a scam within a scam within a scam?

My verdict is that VirusRescue is just another scam just like the other ones going back to SpyAxe. Simply put: you get tricked into installing a file to watch a supposed video, and then get spyware from that. The same people who tricked you are now trying to sell you a way to remove the spyware it installs in the first place.

I wrote a more detailed article of my experience with VirusRescue in my security blog, Security Ticker. It includes pictures to show you what happens during the install and the fake warnings and pop ups that you get from this pest.

Right now, Sunbelt's CounterSpy detects this new threat and I am sure the other antispyware programs will follow soon. For a free and easy way to remove VirusRescue, SpywareQuake, and the other fake antispyware programs, you can follow my Easy Fix For Spyware and Virus Alert post on my blog.

Visit Nick's Malware Blog for more up-to-the-minute security tips, today!

Rate this article: 
No votes yet