Simply ironic: adware program blocks off security software

What do you do when you realize that your computer has been infected by some kind of nasty adware? Logically, you install an anti-virus, anti-malware or anti-spyware application to help you remove it. This plan sounds really good, too bad that in certain situations it might not work. The adware called Vonteera has turned the tables on security products and, as soon as it infects your PC, it will actively block the installation of most known anti-virus programs that can remove it. Turnabout is fair play, right?

To keep the irony going, the previously mentioned adware uses Windows's best security feature, the User Account Control (UAC) to keep you from installing the anti-malware applications that you need. Vonteera abuses the digital signature check used by the UAC by convincing the feature to blacklist (and thus automatically block) the digital signatures of 13 security products: Avast Software, AVG Technologies, Avira, Baidu, Bitdefender, ESS Distribution, ESET, Lavasoft (Ad-aware), Malwarebytes, McAfee, Panda Security, ThreatTrack Security and Trend Micro.

Besides being smart, Vonteera is also aggravating and resilient. This adware displays ads on your PC at regular time intervals by creating multiple scheduled tasks, alters your browsers' shortcuts to automatically open a specific URL when opened, installs rogue extensions and registers a system service. If you need a way to get rid of it, but the adware keeps blocking your attempts to install the security software that you need, you can either completely disable the UAC or manually remove the security certificates from the Blacklist (but Vonteera will put them right back so you will need to move really fast.)

As one last piece of advice, if Vonteera has infected your PC while a security product was installed and running, you really should switch it with an anti-virus that actually does something.

Comments

0 comments
You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <em> <i> <q cite=""> <s> <strike> <strong>