Anti Virus 2008

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Brendan Tierney - 26 May 2008 12:50 GMT

This application dropped in on my computer while my son (age 15) was on
line.
It offered a FREE a/virus scan which he accepted.
However when it came to the remove part he found that this would cost money
so he declined.
Now I am desperately trying to rid myself of this curse. I cannot open any
downloads or anything else without this warning me that I must remove
viruses with this prog before any further progress can be made.
I cannot be removed with my ununstallers, nor with its own. Equally I cannot
get system restore to do its tricks,
This is a really bad one. Can anyone offer any advice please?

Reply to this Message

Alias - 26 May 2008 12:58 GMT

> This application dropped in on my computer while my son (age 15) was on
> line.
[quoted text clipped - 7 lines]
> cannot get system restore to do its tricks,
> This is a really bad one. Can anyone offer any advice please?

http://www.sophos.com/security/analyses/adware-and-puas/antivirus2008.html

Good luck.

Alias

Reply to this Message

Ramone - 26 May 2008 12:59 GMT

You need to visit a "Hijack This" forum and do everything they tell you to
do.

Ramone

Reply to this Message

keepout@yahoo.com.invalid - 26 May 2008 15:31 GMT

>> This application dropped in on my computer while my son (age 15) was on
>> line.
[quoted text clipped - 7 lines]
>> cannot get system restore to do its tricks,
>> This is a really bad one. Can anyone offer any advice please?

If I haven't already added my $0.02.
Go to Trend micro anti virus.
Download any of the 3 home demos.
download spybot S&D [freeware util] also at Trend
run the demo. I'd recommend the medium version vs stripped or pro.
Let trend clean up the mess.
Then run spybot S&D.
poof all gone.

Then take and try the demo for a month and see if things don't run a whole lot
smoother.
Oh yeah a different browser than IE, such as firefox, might be a good move also
in the future.

To avoid getting infections, you have to be less of a target.
Apple, Firefox, anything other than M$ is less of a target.

Or you get a GOOD firewall, and anti virus program.

Oh and in the future assuming you follow the out with the bath water formula of
virus solutions [format everything] instead of prevention. Make your next post
clearer, such as identifying what ever it was you're infected with.

I'm guessing it's winspy something. It's out in the wild right now infecting
everything it touches.

You can't lay blame on anyone for this infection. It seeks you out.

Signature

more pix @ http://members.toast.net/cbminfo/index.html

Reply to this Message

Dave - 26 May 2008 15:51 GMT

> [ drivel snipped]

> Make your next post clearer, such as identifying what ever it was
> you're infected with.
[quoted text clipped - 3 lines]
>
> You can't lay blame on anyone for this infection. It seeks you out.

Can't you read ? The op's son installed it.
Quote:
"This application dropped in on my computer while my son (age 15) was on
line.
It offered a FREE a/virus scan which he accepted."

He dosen't need to make his next post clearer - the header says what it is.
Try reading the post before replying with total crap.
,

Reply to this Message

Vote out Brendan Nelson - 30 May 2008 16:45 GMT

>> [ drivel snipped]
>
[quoted text clipped - 15 lines]
> Try reading the post before replying with total crap.
> ,

These people can help http://free.grisoft.com/

Reply to this Message

keepout@yahoo.com.invalid - 30 May 2008 22:32 GMT

>>> [ drivel snipped]
>>
[quoted text clipped - 11 lines]
>> line.
>> It offered a FREE a/virus scan which he accepted."

Knowing that your post is specifically a troll post. He said NOTHING about what
was installed. Just SOMETHING offering a free virus scan.
Do you have any idea exactly how many FREE virus scan programs out there can
infect your machine, and stick their SPECIFIC garbage everywhere.
ie: You can't cure mumps with cough syrup. You need to know WHAT you're trying
to cure.

Anti virus 2008, is also the name of trend micros newest program. So before you
jump out of your skin trying to make believe you know what you're talking
about, YOU re-read what was written.

I gave him the best advice. download a FREE trend micro demo, run it. Also use
spybot S&D also available from Trend, if trend doesn't clean the thing
completely spybot should.

Much better than reformat and start from scratch.

>> He dosen't need to make his next post clearer - the header says what it is.
>> Try reading the post before replying with total crap.
>> ,
>>
>These people can help http://free.grisoft.com/

Signature

more pix @ http://members.toast.net/cbminfo/index.html

Reply to this Message

David H. Lipman - 26 May 2008 13:07 GMT

From: "Brendan Tierney" <bunkoman@iolfree.ie>

| This application dropped in on my computer while my son (age 15) was on
| line.
[quoted text clipped - 7 lines]
| get system restore to do its tricks,
| This is a really bad one. Can anyone offer any advice please?

You are infected with a fake anti malware utility.

1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe; Format --> uncheck; "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of the below
expert forums...

{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security/
http://forums.security-central.us/forumdisplay.php?f=13

Signature

Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Reply to this Message

scrooge - 26 May 2008 13:15 GMT

have you tryed booting in safemode and then uninstalling it?
scrooge

Signature

scrooge

Reply to this Message

Dave - 26 May 2008 13:28 GMT

> This application dropped in on my computer while my son (age 15) was
> on line.
[quoted text clipped - 7 lines]
> cannot get system restore to do its tricks,
> This is a really bad one. Can anyone offer any advice please?

Here's some manual removal notes:
http://www.wiki-security.com/wiki/Parasite/Antivirus2008

.

Reply to this Message

joel406 - 26 May 2008 14:12 GMT

Your screwed. Most apps that act like this such as WinAntivirus are
almost imposible to "completly" remove even when using help such as
provided by Hijack this. You may get temporary relief but somewhere down
the road something will set it off again.

The only real way to remove them entirely is to reformat and reinstall
your system.

Speaking from a vast bottom less pit of experience.

Signature

joel406

Reply to this Message

joel406 - 30 May 2008 23:15 GMT

While spybot is truly one of the best spyware removers money doesnt have
to buy, Trend is really going to be little help. I'm afraid I have
personaly witnessed it fail to protect systems and am currently mopping
up a big mess it let happen at a very busy business costing a lot of
hours and money.

Avira(even the free version) or Avast(yes available free as well) will
do a better job.

However, once this type of infection takes hold, the system will never
feel the same unless everything is purged and re-installed. These
programs set themselves in deep and are very hard to remove entirely.

Winantivirus and a whole batallion of crap like these are desighned to
dig in and fight removal at every turn.

The time involved trying to remove these is far greater then the time
it would take to re-install the entire system. And reformating is a for
sure way of being sure all the offending application is permanetly and
completly removed.

Signature

joel406

Reply to this Message

keepout@yahoo.com.invalid - 31 May 2008 14:07 GMT

>While spybot is truly one of the best spyware removers money doesnt have
>to buy, Trend is really going to be little help. I'm afraid I have
>personaly witnessed it fail to protect systems and am currently mopping
>up a big mess it let happen at a very busy business costing a lot of
>hours and money.

I won't say any virus program is bulletproof.
I just went into my 8th year using Trend. Because it works. They released an
update that was worse than any virus. But out of 8 years, I'd call that almost
a perfect record.
I have to scan weekly, and trend finds crap all the time that made it under the
radar. Such as winspy a week back. But with spybot S&D, it cleaned it up just
fine.
Trend couldn't identify it. For registry removal I had to find winspy in
Symantecs encyclopedia.
But spybot found what symantec missed.
What this guy is explaining sounds just like winspy. And spybot takes and
cleans it up just fine.
You don't have to reformat EVER. just quit spreading rumors that these things
some how have super human abilities.
They stick themselves in hidden folders, they scatter stuff through the
registry. They lock all files. Change permissions etc..
But they don't do anything that makes them permanent fixtures. If they can be
installed, they can be removed.

>However, once this type of infection takes hold, the system will never
>feel the same unless everything is purged and re-installed. These
>programs set themselves in deep and are very hard to remove entirely.

And you don't stop until you've removed it. Just google with the information
you have, and you'll find someone else that's had the problem, and fixed it.

>The time involved trying to remove these is far greater then the time
>it would take to re-install the entire system. And reformating is a for
>sure way of being sure all the offending application is permanetly and
>completly removed.

It took me an hour for winspy. It takes me weeks to reinstall all the software,
and setup all the configs. Format would be the last resort before considering
turning it into a planter.
Format is Seldom an option.

Signature

more pix @ http://members.toast.net/cbminfo/index.html

Reply to this Message

Alias - 31 May 2008 14:44 GMT

>> While spybot is truly one of the best spyware removers money doesnt have
>> to buy, Trend is really going to be little help. I'm afraid I have
[quoted text clipped - 35 lines]
> turning it into a planter.
> Format is Seldom an option.

I used to use TrendMicro until I discovered that Avast! free found
viruses that TrendMicro didn't find.

Alias

Reply to this Message