September 02, 2009, 6:54 AM — A rogue anti-spyware program called TotalSecurity is circulating the Internet, downloading itself on users' PCs to produce false malware scan results and prevent legitimate anti-spyware products from working.
Users can become infected with TotalSecurity the way they would any other malware; it’s installed on systems via Trojan viruses. According to a post on Symantec’s Security Response site, the rogue program then appears to scan a user’s system and produces fake or exaggerated scan results saying that multiple infections were found.
But, since the rogue program tells users they are running the trial version of TotalSecurity, they must purchase a license to the software to have the discovered malware removed, the program reports. Users are haunted by recurring pop-ups that flash unnerving messages such as “Security Monitor: WARNING,” urging them to download the complete version of the software to fix the problem.
As if that isn’t bad enough, the rogue program also terminates legitimate anti-malware programs that users might run…which of course would probably uncover TotalSecurity.
Symantec offers instructions for removing TotalSecurity here.
Do you tweet? Follow me on Twitter here.
