07-25-2010, 01:15
|
#1
|
Guerrilla
Join Date: Nov 2009
Location: Murrieta, Ca
Posts: 316
|
Warning: Antivir 2010
Warning: do not, I repeat, do not fall for the Antivir 2010 scam. It is becoming more prominent on the internet. Antivir 2010 involves tricking you by displaying deceptive pop-up ads that may appear as regular Windows notifications with links which look like buttons reading Yes and No. No matter which "button" you click on, a download starts, installing Antivir 2010 on your system. Antivir 2010 installs on your computer through a trojan and may infect your system without your knowledge or consent. Antivir 2010 is difficult to detect and remove. Antivir 2010 is not likely to be removed through a convenient "uninstall" feature. Antivir 2010, as well as other spyware, can re-install itself even after it appears to have been removed.
You also run the risk of damaging your computer since you're required to find and delete sensitive files in your system such as DLL files and registry keys. It is recommended you use a good spyware remover to remove Antivir 2010 and other spyware, adware, trojans and viruses on your computer.
Run an Antivir 2010 scan/check to successfully detect all Antivir 2010 files with the SpyHunter Spyware Detection Tool. If you wish to remove Antivir 2010, you can either purchase the SpyHunter spyware removal tool to remove Antivir 2010 or follow the Antivir 2010 manual removal method provided in the "Remedies and Prevention" section.
http://www.bleepingcomputer.com/viru...remove-antivir
Another way to remove this type of spyware is to do a system restore. So watch out, this one is a nasty little f**ker.
__________________
“Try not to become a man of success but rather try to become a man of value.”
–Albert Einstein
|
spherojon is offline
|
|
07-25-2010, 01:59
|
#2
|
Guerrilla
Join Date: Apr 2006
Location: Phoenix, AZ
Posts: 312
|
Fake AV has been around for a long time, and is nothing new, but it still gets a lot of people. Keep it simple. If you have an AV program installed, don't click anything that doesn't come from YOUR antivirus program. If you don't have antivirus installed, you know you shouldn't click on ANY of these notifications.
It should also be noted that if you're getting the popups, your system ALREADY HAS MALWARE ON IT. It probably isn't running with elevated privileges, until you click on it and give it said authority, but it IS already there. Spybot S&D is not bad. Ad Aware is not nearly as good as it used to be. Bazooka adware scanner is pretty good at finding them, but you will have to manually remove the malware.
The first step in keeping this activity down is to practice "safe browsing." Stop looking at internet porn sites. Don't go to "warez," download sites, software crack sites, etc. You can enhance your browsing security with the use of certain software like the "noscript," addon for Firefox...that's what I personally use.
I'm an IT security professional, so I take more drastic measures than most, but here's how I browse:
Ubuntu 10.04, fully patched.
Within that, I run a Windows XP virtual machine, also fully patched, with a good "snapshot." I do all my surfing in the VM, using Firefox with NoScript. If I DO get some malware on the system, I can just restore from the snapshot. System Restore is NOT a good way to try to get rid of malware, for future reference, as many programs are written to infect system restore files.
Really, though...I could write a whole book on how to secure your system, and it'll only keep a "casual," intruder out. A professional will get in if they want in...so just be glad professionals probably aren't targeting your system.
|
Irishsquid is offline
|
|
07-25-2010, 02:57
|
#3
|
Guerrilla
Join Date: Nov 2009
Location: Murrieta, Ca
Posts: 316
|
Quote:
Originally Posted by Irishsquid
Fake AV has been around for a long time, and is nothing new, but it still gets a lot of people. Keep it simple. If you have an AV program installed, don't click anything that doesn't come from YOUR antivirus program. If you don't have antivirus installed, you know you shouldn't click on ANY of these notifications.
It should also be noted that if you're getting the popups, your system ALREADY HAS MALWARE ON IT. It probably isn't running with elevated privileges, until you click on it and give it said authority, but it IS already there. Spybot S&D is not bad. Ad Aware is not nearly as good as it used to be. Bazooka adware scanner is pretty good at finding them, but you will have to manually remove the malware.
The first step in keeping this activity down is to practice "safe browsing." Stop looking at internet porn sites. Don't go to "warez," download sites, software crack sites, etc. You can enhance your browsing security with the use of certain software like the "noscript," addon for Firefox...that's what I personally use.
I'm an IT security professional, so I take more drastic measures than most, but here's how I browse:
Ubuntu 10.04, fully patched.
Within that, I run a Windows XP virtual machine, also fully patched, with a good "snapshot." I do all my surfing in the VM, using Firefox with NoScript. If I DO get some malware on the system, I can just restore from the snapshot. System Restore is NOT a good way to try to get rid of malware, for future reference, as many programs are written to infect system restore files.
Really, though...I could write a whole book on how to secure your system, and it'll only keep a "casual," intruder out. A professional will get in if they want in...so just be glad professionals probably aren't targeting your system.
|
Yes, this is all true. The reason why I posted it is because I had to go fix a friend's computer that Antivir locked. Apparently it's being sent in emails more frequently now.
Edit: Forgot to add that Avira is a great free program that allows for antivirus and malware scans.
Last edited by spherojon; 07-25-2010 at 03:04.
|
spherojon is offline
|
|
07-26-2010, 09:03
|
#4
|
Quiet Professional
Join Date: Aug 2006
Location: Potomac River
Posts: 925
|
There is a version that is getting into computers from forums such as this one. Some of the popular AV programs are not recognizing it. Running Firefox NoScript helps prevent.
__________________
The man in black fled across the desert, and the gunslinger followed.
SFA M-9545
|
Buffalobob is offline
|
|
07-27-2010, 17:57
|
#5
|
Area Commander
Join Date: Dec 2007
Location: UK
Posts: 2,952
|
Quote:
Originally Posted by Buffalobob
There is a version that is getting into computers from forums such as this one. Some of the popular AV programs are not recognizing it. Running Firefox NoScript helps prevent.
|
Thanks Bob!
I use Firefox with Ad-blocker, I'll now add NoScript.
RF 1
|
Red Flag 1 is offline
|
|
07-28-2010, 09:20
|
#6
|
Guerrilla
Join Date: Aug 2008
Location: Pittsburgh, PA
Posts: 146
|
New Version
What seems to be a new and improved version of Antivir will change your proxy server so that even if you do remove it as previously directed it will reload with your first IE logon. Updated directions for easy removal are here.
The loading of Malwarebytes can be done @ FILEHIPPO for free. Two other free packages I recommend from this site are CCleaner and SuperAntiSpyware. All are easy to load and free. Unlike many other packages, the free versions will fix any problems that are found. The Firefox browser can also be downloaded at FILEHIPPO. If you like the packages, you may purchase the complete/deluxe version.
Remember, never, ever pay a site to remove a virus that you were unexpectedly warned that you have. The warning itself is a virus and you are giving your credit card number to thieves.
__________________
Unknown
"A politician sees his family everyday; a deployed soldier once in 6 months or a year. A politician flies 1st class; a soldier flies in a C130. A politician's pension is not reduced; a soldier's is clawed 65%. A politician enjoys an expense account; a soldier must justify extra rations. A politician vows to defend their country; a soldier actually keeps that promise."
"Beware of fake quotes on the Internet." -- Abraham Lincoln.
|
PR31C is offline
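A check for the proxy change described in post #6, as an added example that is not part of the original thread: it reads the current user's Internet Explorer (WinINET) proxy values and reports any manual proxy or auto-config script. The function name `Get-ProxyFinding` is hypothetical, and treating a loopback proxy as the suspicious case is an assumption made here; the thread does not say what value the malware sets.

```powershell
# Added example, not from the thread: audit the per-user WinINET proxy settings
# that Internet Explorer reads at start-up.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ProxyFinding {   # hypothetical helper name
    param(
        [int]$ProxyEnable,       # 1 = a manual proxy is in use
        [string]$ProxyServer,    # "host:port" or "http=host:port;https=host:port"
        [string]$AutoConfigURL   # proxy auto-config (PAC) script URL, if any
    )
    # Assumption: a proxy on the local machine that you did not install
    # means some local program is sitting in the path of your web traffic.
    $loopback = '127.0.0.1', 'localhost', '[::1]'

    if ($ProxyEnable -eq 1 -and $ProxyServer) {
        foreach ($entry in ($ProxyServer -split ';')) {
            if (-not $entry) { continue }
            # Drop an optional "scheme=" prefix, then the trailing ":port".
            $target   = ($entry -split '=', 2)[-1]
            $hostName = ($target -replace ':\d+$', '').ToLower()
            $note = 'Manual proxy: confirm you or your network admin set this'
            if ($loopback -contains $hostName) {
                $note = 'Proxy points at this machine: find the listening process'
            }
            [pscustomobject]@{ Setting = 'ProxyServer'; Value = $entry; Note = $note }
        }
    }
    if ($AutoConfigURL) {
        [pscustomobject]@{
            Setting = 'AutoConfigURL'
            Value   = $AutoConfigURL
            Note    = 'PAC script in use: confirm the URL is one you expect'
        }
    }
}

$s = Get-ItemProperty -Path $key
$findings = @(Get-ProxyFinding -ProxyEnable ([int]$s.ProxyEnable) `
                               -ProxyServer $s.ProxyServer `
                               -AutoConfigURL $s.AutoConfigURL)
if ($findings.Count -eq 0) {
    'No manual proxy or PAC script is configured for this user.'
} else {
    $findings | Format-Table -AutoSize
}

# After the malware itself is removed, an unwanted manual proxy can be disabled with:
# Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
```

Run it as the affected user, since the values live under that user's registry hive; the same settings are visible in Internet Options under Connections, LAN settings.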
|
|
07-28-2010, 23:22
|
#7
|
BANNED USER
Join Date: Jan 2007
Posts: 3,751
|
This thing is an absolute MF-er! It got into the computer downstairs that the kids use (mostly) and that thing is now a box that does NOTHING except offer the opportunity to pay $45 or $55 or $65 to download the "fix". We have no internet (except one window to buy the fix -- like hell) and can't get into Word (glad it's summer and school hasn't started), can't access downloaded pictures and BCMU's god-zillion songs are inaccessible. She is HOT!
So here is my question. . . how do I get these fixers that I read about here into a computer that can't get "here"?
|
Dozer523 is offline
|
|
07-29-2010, 05:18
|
#8
|
Quiet Professional
Join Date: Aug 2006
Location: Potomac River
Posts: 925
|
Dozer
Depending on how this thing is behaving, you may can start your computer in "safe" mode, and copy any needed files to a thumb drive. Then erase the whole machine down to empty. Reinstall the operating system and one by one reinstall the programs you need back on the machine.
After you get the machine totally erased you will need an OS. If you have to go and buy an OS then you may be better off just trashing the machine and starting over with an upgraded computer. What I did because I do my consulting work on my personal laptop was just to buy another laptop and make sure each one is totally backed up. I have long periods of time when I do not need a machine but when it is end of project time and the client is due the report then I have to be operational. Also I can take the old laptop hunting and not worry about destroying it with dust or bacon grease or bullet holes.
|
Buffalobob is offline
|
|
07-29-2010, 05:29
|
#9
|
Guerrilla
Join Date: Apr 2006
Location: Phoenix, AZ
Posts: 312
|
Get a copy of ERD Commander or Ultimate Boot CD for Windows. Bootable CDs which have access to your installed operating system. They also have limited antivirus capability. They won't get everything off your system, but will clean it up enough that you can get into Windows and get rid of the rest.
|
Irishsquid is offline
|
|
07-29-2010, 06:23
|
#10
|
Area Commander
Join Date: Dec 2007
Location: UK
Posts: 2,952
|
Any thoughts about "Spybot Search & Destroy" and "Spyware Blaster"?
RF 1
|
Red Flag 1 is offline
|
|
07-29-2010, 14:09
|
#11
|
Guerrilla
Join Date: Apr 2006
Location: Phoenix, AZ
Posts: 312
|
Quote:
Originally Posted by Red Flag 1
Any thoughts about "Spybot Search & Destroy" and "Spyware Blaster"?
RF 1
|
Never tried Spyware Blaster, but Spybot S&D is not a bad program at all. I run it on my Windows machines. Works better than Ad-Aware, by far.
|
Irishsquid is offline
|
|