Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemuddy

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Antivirus 2009 Scam/Antivirus Plus Infection

GUEST,Murphy 03 Dec 08 - 04:56 PM
Acme 03 Dec 08 - 07:01 PM
Bill D 03 Dec 08 - 07:11 PM
Joe Offer 03 Dec 08 - 07:16 PM
Bill D 03 Dec 08 - 07:41 PM
GUEST,Erik 04 Dec 08 - 05:39 AM
GUEST,Tootler on Mrs T's Computer 07 Jan 09 - 12:39 PM
Joe Offer 07 Jan 09 - 03:01 PM
Mick Pearce (MCP) 07 Jan 09 - 03:25 PM
Janie 07 Jan 09 - 03:31 PM
MissouriMud 07 Jan 09 - 05:01 PM
Tootler 07 Jan 09 - 05:30 PM
Bill D 07 Jan 09 - 06:18 PM
bobad 07 Jan 09 - 06:44 PM
GUEST,UncleLD 08 Jan 09 - 04:25 AM
Bonnie Shaljean 08 Jan 09 - 07:28 AM
Bill D 08 Jan 09 - 10:21 AM
GEST 08 Jan 09 - 09:02 PM
Acme 09 Jan 09 - 01:46 AM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:





Subject: Tech: Antivirus Plus Infection
From: GUEST,Murphy
Date: 03 Dec 08 - 04:56 PM

My PC has been taken over by Antivirus Plus. It would also appear that every web site which might help me to remove this trojan has been
infected by the same virus. Can anyone help me to CLEAR OUT this nuisance.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus Plus Infection
From: Acme
Date: 03 Dec 08 - 07:01 PM

That's a nasty program the copies the look of many other legitimate programs and is just waiting to catch the unwary.

From a site I find very helpful, http://www.bleepingcomputer.com/:

    How to remove Antivirus Plus (Uninstall Instructions)
    Posted by Grinler on October 23, 2008

    What this programs does:

    Antivirus Plus is a rogue anti-spyware that uses false advertisements as a way to convince you to install their product. Once installed, Antivirus Plus will be configured to start automatically by launching the file C:\Windows\system\rundll32.exe. Once launched the program will scan your computer and state that your computer is infected with a variety of malware, but does not allow you to remove anything unless you first purchase the program. While Antivirus Plus is running you will also see frequent nag screens stating that you should purchase the program as well as fake security alerts stating your computer is infected. Furthermore, this program will launch a pop-up Window that pretends to be the Windows Security Center. This Window is just another advertisement trying to scare you into purchasing the software and should be ignored as it is not the real Windows Security Center.


The rest of that information is here. Scroll down the page and it gives you information for removing it. You may need to pick up another free program to get rid of it.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus Plus Infection
From: Bill D
Date: 03 Dec 08 - 07:11 PM

When *I* am in charge, those folks will be prosecuted for false advertising, and anything else I can think of...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus Plus Infection
From: Joe Offer
Date: 03 Dec 08 - 07:16 PM

I had a very similar problem on a computer where I do volunteer work. It gets used by a lot of different people, and it's amazing what people click on and what they install just because it's a free download.

I couldn't find a program that would remove the trojan, so I ended up saving the data and restoring Windows XP. It had the side benefit of making the machine act like a brand-new computer.

-Joe-


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus Plus Infection
From: Bill D
Date: 03 Dec 08 - 07:41 PM

Here is a page with a lot of ways to cope...

http://www.refdesk.com/anti.html


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus Plus Infection
From: GUEST,Erik
Date: 04 Dec 08 - 05:39 AM

Guess you have got the nasty version.

It includes a driver also loading in secure mode called TDSSsys - it's removeable but its a tough one, try malwarebytes.org for instructions. You can't surf from the infected machine - use another one.


Post - Top - Home - Printer Friendly - Translate

Subject: Tech: Warning: Antivirus Scam
From: GUEST,Tootler on Mrs T's Computer
Date: 07 Jan 09 - 12:39 PM

My daughter had a warning of security risks from various malware on her computer this morning by something called "Antivirus 2009"

Her computer came with a trial edition of McAfee which had not expired and had not picked up any of the "risks". However it was clear that McA had not updated itself nor was it functional, so I downloaded AVG free and Spyware Terminator which I use on other computers in the house and ran scans.

Spyware terminator picked up AV2009 as a false antivirus program and removed it.

Beware if you get messages from this beastie. It looks very convincing and asks you to register before it will remove the alleged malware so it looks to me like it's after your personal details and is itself malware


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Joe Offer
Date: 07 Jan 09 - 03:01 PM

Hi, Tootler -

I combined your message with information from another thread. I'm not completely sure how the process works, or how to deal with these false avtivirus programs. I had to reinstall Windows XP to get rid of the "Antivirus" malware that hit a computer where I do volunteer work. No removal tool seemed to touch it - but that was quite some time ago, and maybe there a better removal tools available now. The computer that was hit did not have up-to-date antivirus software, and our computers were being maintained by the brothers and boyfriends of our college interns. After that mess, I took over maintenance of our computers.

As I understand it, these false antivirus programs are installed by a trojan horse or worm, one of the two. The programs then regularly flash a notice that your computer is not protected, and give you a link to a site where you can buy antispyware or an antivirus program. I can't imagine that you will actually get what you pay for, or that you will pay only the amount they tell you they will charge. Quite likely, following the link will allow them to steal your credit card and personal information.

Whatever the case, these false antispyware programs are a real mess to deal with, and it's far better to keep your computer protected with an up-to-date, reputable antivirus program that will not allow these programs to install themselves. Many Internet providers will give you Norton or McAfee antivirus for free - AT&T and Comcast now offer McAfee Internet Security Suite, although I'm still running the Norton Internet Security that AT&T formerly provided (and still continues to update for free).

-Joe-


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Mick Pearce (MCP)
Date: 07 Jan 09 - 03:25 PM

I think malwarebytes anti-malware removes the Antivirus2009 and its relatives (and is free and safe!).

Mick


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Janie
Date: 07 Jan 09 - 03:31 PM

I had the same problem a few months back. Malwarebytes took care of it pronto (and thanks to the Mudcatters who directed me there!)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infec
From: MissouriMud
Date: 07 Jan 09 - 05:01 PM

AI had trouble getting rid of this thing with my normal systems - they would show it being deleted but it would come right back.   I tried using the fixes I found on the web but either they didnt work or I wasnt able to follow the instructions right.   Also I was concerned that I could not differentiate real fixes from fake ones.

However I managed to get rid of it this way:
One of the things the virus does is to block the ability to get Windows Update updates, which may be critical to dealing with it. While I could not get through to Windows Update, I was able to get directly to the microsoft.com site and through that site I got a free download of Windows Defender - which in relatively short order solved the problem (including enabling me to get Windows Update going again).   Basically running Windows Defender plus getting the new windows security patches via windows updates plus running my normal virus/spyware/adware systems (making sure they were all updated) solved the problem.   It might not work for everyone but it worked for me.

One other thing I did was switch from Windows Explorer to another browser that some folks seem to think is less susceptible to attack, but I really dont know if that was a factor in getting rid of the virus.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Tootler
Date: 07 Jan 09 - 05:30 PM

I did not click on the "register" button on AV2009 but updated alternative defense. AVG did not pick it up, but Spyware Terminator did and said it had dealt with it, but I will check again in the morning, given what has been said above.

The whole thing looks very convincing, and has some pretty alarming messages, so whatever you do, do not under any circumstances click on register.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Bill D
Date: 07 Jan 09 - 06:18 PM

Just as an aside...McAfee AV has a very 'mixed' reputation among experts. VERY few recommend it highly. They survive mostly by selling it cheaply to be installed with new computers...etc. I will not have it on one of mine.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: bobad
Date: 07 Jan 09 - 06:44 PM

I was told by some computer tech guys that AVG Free was also not very good but that the purchased AVG was. I have been running AVG Free for a few years now and have not had any problems with viruses or anything else. What is the general opinion around here about AVG Free compared to other AV programs.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: GUEST,UncleLD
Date: 08 Jan 09 - 04:25 AM

Thank You From the Bottom of my Heart

Your posting about malwarebytes worked great and the ZLOB Virus
was removed. I had previously tried everthing including Spy Bot
and Windows defender. My system restore is back to normal and
I am able to obtain Windows Updates which the Zlob Virus has stopped.

Thank You Very Much MUDCATS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infec
From: Bonnie Shaljean
Date: 08 Jan 09 - 07:28 AM

Bobad, my partner and I both use the free AVG an our computers (running Windows XP, with the most recent Firefox as the browser) and have no problems at all. AVG certainly seem to keep their updates current. Do these computer tech guys perhaps have an agenda to sell something? Anyway, no complaints about AVG from either of us -

BTW Mudcat was where I heard about AVG. This place is better than any dedicated help forum I've ever visited.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Bill D
Date: 08 Jan 09 - 10:21 AM

I have used AVG free for maybe 6 years with no problems....


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: GEST
Date: 08 Jan 09 - 09:02 PM

I've used AVG free without any problems as well, but I downloaded http://malwarebytes.org/mbam.php today and started out with the quick scan of my entire laptop which took about 30 minutes to scan over 50,000 objects. It found 14 of them infected, itemized them for my review, and deleted them all with the press of a button. AVG never knew they were there.

GEST Songs of Newfoundland and Labrador


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Antivirus 2009 Scam/Antivirus Plus Infection
From: Acme
Date: 09 Jan 09 - 01:46 AM

I've been reinstalling my computer after replacing the hard drive (the problem wasn't a virus, it was a program that didn't go quietly when it was uninstalled. Since a lot of work is involved, I figured I'd do it on a bigger new fast hard drive.) I see that the first link I posted to BleepingComputer went awry (it has a mudcat address chunk it in somehow).

The ironic thing is that when these sites have ads served by Google, you can actually end up with problem software prominently displayed in the site with the solution and have to pay attention and avoid the ads and getting the wrong software.

Buyer beware, even when it's free! I'm glad the answers worked for you. I'm loading my usual set of programs (AVG Antivirus, Spybot, Spywareblaster, Kerio, WinPatrol. . .).

SRS


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 20 August 7:57 PM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.