My son’s Vista laptop is currently booted to save mode to run Avast free home edition version 5. His antivirus definitions are, and always are, up to date and he’s never had a problem with Avast before. The scan is currently 27% done and has found nothing so far.
This evening while visiting DeviantArt.com (I’ve since learned that many, many users across the web are reporting similar infections from DeviantArt), he was simply reading one of his own (text) files, and a virus warning, a fake one, popped up. He clicked the ‘x’ at the top right to close the popup, and a java notice showed up in the system tray area for a moment. Next thing he knew, one of the fake antivirus trojans was popping up warnings all over the place, not allowing him to open Avast, etc. He didn’t write down which one it was, unfortunately, he just panicked. He shut down his computer, but when he rebooted, the problem was still there … popping up fake antivirus notices and attempting to trick him into “buying the full version”. A green shield was in his system tray.
I helped him boot the computer to safe mode, and he’s running Avast now.
Does Avast detect and remove these things? I know there are a number of them out there, and it seems that this issue has been popping up randomly on DeviantArt for well over a year, so I’m hoping the current virus defs will cover it. Why would Avast allow this to just install itself? He’s always very careful to make sure his version of Avast is up to date and all shields running. Does anyone have a clue how something like this would have slipped past it? Apparently it comes through one of their ads, from a remote site (don’t advertisement-run sites bother to check before just allowing an infected website to advertise?)
And most importantly, with a fully up to date version of Avast run in Safe Mode clean his computer for him?