MacroVirus On-call
Posted: August 2, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 10/10 |
---|---|
Infected PCs: | 19 |
First Seen: | May 13, 2010 |
---|---|
Last Seen: | January 10, 2019 |
OS(es) Affected: | Windows |
Although the availability of independent anti-virus programs has been growing of late, so has the availability of fake anti-virus applications like MacroVirus On-call. In spite of looking and acting like a real anti-virus scanner, MacroVirus On-call can't detect or remove viruses from your PC; however, SpywareRemove.com malware analysts have found that MacroVirus On-call makes up for this deficit, by creating fake system scan results and warning messages that try to delude you about what types of infections are on your computer. Don't take MacroVirus On-call at its word and don't spend money on its nonexistent security features; instead, delete MacroVirus On-call by using a good security program to scan your PC for all MacroVirus On-call components.
Putting Blockades Between MacroVirus On-call and Your PC
Protecting your computer from MacroVirus On-call entails guarding against the typical Trojan-based distribution methods that many other rogue security programs, such as Microsoft Security Center 2011 and Alfa Defender Pro also use. Trojans like Zlob and Fake Microsoft Security Essentials Alert usually install these rogue security programs as part of a fake online scan, but MacroVirus On-call can also be installed without interaction via drive-by-download script exploits.
Use the following methods to defend yourself against any possible MacroVirus On-call attack:
- Avoid contact with the macrovirus.com website, which SpywareRemove.com malware researchers have found to be directly linked to MacroVirus On-call. Any similar website that's linked to the MacroVirus.com company should also be considered dangerous. If you accidentally visit one of these websites, immediately scan your computer with anti-virus program, since some malicious script exploits don't need your interaction or consent to install MacroVirus On-call and other PC threats.
- Be cautious about enabling Flash or JavaScript for websites that you don't trust. Malicious websites and even advertisements can automatically install MacroVirus On-call and similar rogue security programs by exploiting vulnerabilities in Flash or Java.
- Avoid installing anti-virus program from websites with poor security until you've found independent sources that verify the program's safety. Many rogue security programs, including MacroVirus On-call, will flood websites with phony reviews and other misleading forms of marketing information. SpywareRemove.com malware analysts have also seen MacroVirus On-call on cnet.com, in addition to its own macrovirus.com website.
Behind MacroVirus On-call's Snazzy Interface Lies Fake Info and False Security
MacroVirus On-call uses multiple ways to trick you into spending money on its valueless virus protection features, which are nothing more than tidbits fake data dolled up to look like the real thing. Although MacroVirus On-call looks like a real anti-virus scanner, trying to scan your PC with MacroVirus On-call will create farcical results that are boiling over with supposed infections. If you try to verify the existence of these infections with other anti-virus scanners, you'll notice that MacroVirus On-call is inaccurate on every single count.
MacroVirus On-call will also display warning messages at random moments that alert you to more nonexistent virus, worm, Trojan or spyware infections. Since the only reason MacroVirus On-call is creating these fake errors is to force you to buy MacroVirus On-call to make them stop, you shouldn't fall for this scam or give the MacroVirus On-call website your credit card information. If you've purchased MacroVirus On-call by mistake, canceling your credit card is the only way to insure that other fake charges aren't added on in the future.
Even though MacroVirus On-call's file structure mimics the structure of a normal program, trying to uninstall MacroVirus On-call in a normal way will not work and may even damage your PC. The use of Safe Mode and a high-quality AV program can help you delete MacroVirus On-call conveniently and safely.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:MacroVirus.exe
File name: MacroVirus.exeSize: 11.97 MB (11973872 bytes)
MD5: 9ebe6955c2cf6c783864ea42b4728956
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 15, 2010
Launcher.exe
File name: Launcher.exeSize: 529.64 KB (529648 bytes)
MD5: b10e17557a69f61f3915570ff652e374
Detection count: 61
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: June 15, 2010
macrovirus[1].exe
File name: macrovirus[1].exeSize: 3.81 MB (3817984 bytes)
MD5: 5caa655182e2d5a53da23e846459e4a6
Detection count: 60
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: August 17, 2022
C:\Program Files\MacroVirus
File name: C:\Program Files\MacroVirusGroup: Malware file
C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus
File name: C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirusGroup: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus
File name: C:\Documents and Settings\<username>\Application Data\MacroVirusGroup: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\SettingsGroup: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Log
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\LogGroup: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Quarantine
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\QuarantineGroup: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Registry Backups
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Registry BackupsGroup: Malware file
C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\MacroVirus on the Web.lnk
File name: C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\MacroVirus on the Web.lnkSize: 1.35 KB (1359 bytes)
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\Uninstall MacroVirus.lnk
File name: C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\Uninstall MacroVirus.lnkSize: 1.43 KB (1430 bytes)
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\MacroVirus.lnk
File name: C:\Documents and Settings\<username>\Start Menu\Programs\MacroVirus\MacroVirus.lnkSize: 622B (622 bytes)
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\CustomScan.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\CustomScan.stgMime Type: unknown/stg
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\IgnoreList.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\IgnoreList.stgMime Type: unknown/stg
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\ScanInfo.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\ScanInfo.stgMime Type: unknown/stg
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\Settings.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\Settings.stgMime Type: unknown/stg
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\ScanResults.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\ScanResults.stgSize: 66.68 KB (66683 bytes)
Mime Type: unknown/stg
Group: Malware file
C:\Documents and Settings\<username>\Application Data\Microsoft\Internet Explorer\Quick Launch\MacroVirus.lnk
File name: C:\Documents and Settings\<username>\Application Data\Microsoft\Internet Explorer\Quick Launch\MacroVirus.lnkSize: 608B (608 bytes)
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\SelectedFolders.stg
File name: C:\Documents and Settings\<username>\Application Data\MacroVirus\Settings\SelectedFolders.stgMime Type: unknown/stg
Group: Malware file
desktop+\MacroVirus.lnk
File name: desktop+\MacroVirus.lnkSize: 646B (646 bytes)
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
C:\Program Files\MacroVirus\MacroVirus.exe
File name: C:\Program Files\MacroVirus\MacroVirus.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
C:\Program Files\MacroVirus\zlib.pyd
File name: C:\Program Files\MacroVirus\zlib.pydSize: 69.63 KB (69632 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\_tst.pyd
File name: C:\Program Files\MacroVirus\_tst.pydSize: 147.45 KB (147456 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\unicodedata.pyd
File name: C:\Program Files\MacroVirus\unicodedata.pydSize: 405.5 KB (405504 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\bz2.pyd
File name: C:\Program Files\MacroVirus\bz2.pydSize: 77.82 KB (77824 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\mav.db
File name: C:\Program Files\MacroVirus\mav.dbSize: 4.95 MB (4955136 bytes)
Mime Type: unknown/db
Group: Malware file
C:\Program Files\MacroVirus\sqlite3.dll
File name: C:\Program Files\MacroVirus\sqlite3.dllSize: 250.36 KB (250368 bytes)
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
C:\Program Files\MacroVirus\_sqlite.pyd
File name: C:\Program Files\MacroVirus\_sqlite.pydSize: 299 KB (299008 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\mav.db.version
File name: C:\Program Files\MacroVirus\mav.db.versionSize: 10B (10 bytes)
Mime Type: unknown/version
Group: Malware file
C:\Program Files\MacroVirus\Launcher.exe
File name: C:\Program Files\MacroVirus\Launcher.exeSize: 517.61 KB (517616 bytes)
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
C:\Program Files\MacroVirus\mavapi.pyd
File name: C:\Program Files\MacroVirus\mavapi.pydSize: 114.68 KB (114688 bytes)
Mime Type: unknown/pyd
Group: Malware file
C:\Program Files\MacroVirus\MacroVirus.url
File name: C:\Program Files\MacroVirus\MacroVirus.urlSize: 51B (51 bytes)
Mime Type: unknown/url
Group: Malware file
C:\Program Files\MacroVirus\python24.zip
File name: C:\Program Files\MacroVirus\python24.zipSize: 788.55 KB (788557 bytes)
Mime Type: unknown/zip
Group: Malware file
C:\Program Files\MacroVirus\mav.log
File name: C:\Program Files\MacroVirus\mav.logSize: 1.86 MB (1867776 bytes)
Mime Type: unknown/log
Group: Malware file
C:\Program Files\MacroVirus\msvcr71.dll
File name: C:\Program Files\MacroVirus\msvcr71.dllSize: 348.16 KB (348160 bytes)
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
Registry Modifications
HKEY..\..\..\..{RegistryKeys}HKEY_CURRENT_USER\SOFTWARE\MacroVirusHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MacroVirusHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MacroVirus_is1
MacroVirus On-call is absolutely scandalous. Just so you know, it wont let you surf the net. It wont even let you open up some programs on your PC. Good info BTW and great solution i downloaded. Worth the price and saved my butt from reformatting my hard drive.
Took me at least 5min of my time... These people who create such programs really are NO-LIVERS! THanx for the instructions
I also got scammed today. I was linked through another site also. However on their home page it said "JOIN FREE". So being stupid I did and listed my info and credit card # ( thinking it would be like ebay , which I've never had any problem) I have sent numerous emails and finally found the phone # that says the mailbox is full and you cannot even leave a message!!!!! The good news we have an excellent credit card and called them and they said when the charge comes through they will take of it. So people if you got burned try to work it out with your credit card. It's your only hope.