I have received a couple of phone calls this week from clients who have been infected with the above malware. It often leaves a large banner advert in the center of the screen which cannot be moved.
Some of my clients have mistaken this for an advert for McAfee, but I think that is just being used as it is a well-known and trusted name. If you attempt to remove PC App Store using the normal Settings/Apps, it just comes back again.
If you take a look in Task Manager you will see that PC App Store Runtime is running. You can end the PC App Store task but it will just start again. A closer look shows that there is a second task also running called "Watchdog of PC App Store". This also needs to be stopped to prevent the pop-up banner appearing again. Once the processes have been stopped you can start to remove the malware. In the case of one client the executable was found within User/appdata and in another client it was directly underneath the user folder.
Once found and deleted, the PC was scanned with a malware scanner and a number of other infections were identified.
Upon reboot the PC was again checked for signs of the PC App Store infection and was clean.
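The manual steps above, as an added PowerShell example that is not part of the original post: it finds the runtime and its watchdog, stops them together, checks whether either restarted, and lists the folders they ran from. It assumes the names shown in Task Manager are the executables' file descriptions, which `Get-Process` exposes as `Description`; the post gives no file names, so none are used here.

```powershell
# Added example: match on the names Task Manager shows (assumed to be the
# file description), because the post does not give the image file names.
$pattern = '*PC App Store*'

# Collect the runtime and its watchdog in one pass, before stopping anything.
$procs = @(Get-Process -ErrorAction SilentlyContinue |
    Where-Object { $_.Description -like $pattern })

if ($procs.Count -eq 0) {
    Write-Host 'No running process with a matching description.'
    return
}

# Record where each executable lives. The post found it under the user's
# AppData on one PC and directly under the user folder on another.
$paths = @($procs | Where-Object { $_.Path } |
    Select-Object -ExpandProperty Path -Unique)

$procs | Select-Object Id, ProcessName, Description, Path |
    Format-Table -AutoSize | Out-Host

# Stop both together so the watchdog cannot relaunch the runtime in between.
$procs | Stop-Process -Force -ErrorAction SilentlyContinue
Start-Sleep -Seconds 5

# Verify that nothing came back after the stop.
$again = @(Get-Process -ErrorAction SilentlyContinue |
    Where-Object { $_.Description -like $pattern })
if ($again.Count -gt 0) {
    Write-Warning "Respawned: $($again.ProcessName -join ', ')"
}

# List the folders for review; deleting them is left as a manual step.
$paths | ForEach-Object { Split-Path -Parent $_ } | Sort-Object -Unique |
    ForEach-Object {
        $inProfile = $_.StartsWith($env:USERPROFILE,
            [StringComparison]::OrdinalIgnoreCase)
        [pscustomobject]@{ Folder = $_; UnderUserProfile = $inProfile }
    }
```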
FAQ:
PC App Store is a potentially unwanted application (PUA) that often gets installed on computers without the user’s knowledge or consent.
PC App Store is technically a legitimate software distribution platform, but it’s frequently associated with adware and other unwanted programs.
While the application itself may not be malicious, it often comes bundled with more nefarious software like adware or browser hijackers.
To avoid future infections:
Be cautious when downloading and installing free software. Carefully read all prompts during installation and opt out of any additional bundled programs.
Always read installation prompts carefully and opt out of additional software offers.
Use a reliable antivirus program with real-time protection. Run regular scans to detect and remove any adware or malware.
Use an ad-blocker in your web browser to reduce exposure to potentially malicious ads.
Reset your browser settings to remove any lingering adware effects. This includes clearing cache, cookies, and resetting to default settings.
Antivirus software can sometimes fail to detect malware for several reasons.
Antivirus programs rely on a database of known virus signatures to identify threats. If this database is not regularly updated, the software may miss newer malware.
Malware creators use various techniques to avoid detection:
- Encrypting malicious code
- Frequently changing code signatures
- Disguising malware as legitimate programs
These methods can help malware evade signature-based detection.