Beware fake virus protection

Had these bloody things on my XP partition on my MacBook and on my XP PC at work - they are a pain and normal antivirus does not detect or delete them - had to google for a tool to remove the buggers which was successful though.
 
My laptop got infected by one of these fake security apps, Wista AntiVirus. It killed McAfee and prevented most other antivirus apps I tried from working correctly. It removed all access to the registry and the task manager, making removal virtually impossible.

I finally tried Malwarebytes' Anti-Malware, which was mentioned on a blog page I found; fortunately I still had access to the internet.

McAfee was useless in this instance...Wista Antivirus was never even mentioned on the McAfee website when I did a search for it. Useless!
 
Get them at work every now and then, people just click on stuff :rolleyes:

I use Spybot, Process Explorer and Security Task Manager to remove them.
 
Yeah, we got them for awhile. Had internet access removed from some PCs that actually didn't need access to the 'net, and now all is well. For now.

B
 
At work we've got a Smoothwall (and Eset Smart Security on one machine; McAfee on another; and AVG Free on the rest), and at home I use NOD32 on my Vista partition:).

Haven't had any problems in the last eight months [after the Smoothwall and Eset Products were introduced]:D.
 
Started a policy at work where I install Ubuntu Linux on any box that gets infected with malware. After the first couple of installations it's amazing how the infections dropped off.. :D
 
I got that "Windows Anti-Virus" and it screwed up my original Anti-virus, had to format the drive cause I couldn't do anything. My drives and program list just disappeared and it kept trying to connect me to the internet. I made sure I put on some high protection via firewall this time round :D
 
As I use OpenSuSE most of the time, I'm not worried about some pox blight infecting my PC... :)

Same here. Few times I have to use windows for CoD4 etc I go so far as to unplug the network cable. :D
 
in the link rpm gave to the flickr picture, one guy commented and said it was "effective"

LOL...
 
Easy fix

I plugged my Eee PC into a user's home PC that got infected, ran KlamAV on c$ (Eee comes with it on) and it was sorted....

To be honest best way to get rid of the virus is install Linux
 
This is old news...

I myself got infected with this crap through no fault of my own. It was "bundled" with other viruses located in a dodgy Winzip install package
 
so are we saying that linux will never become a virus target?
 
I have seen something similar on a client’s computer about two years back, there was a popup on right hand side saying something like - the computer is infected by some spyware or viruses and when you click on the popup it takes you to a site where you can buy fake antivirus/antispyware software bundled with some free viruses:eek:. The funny thing was I could not find a process responsible for the popup and antivirus software turned up nothing; it seemed to be somehow embedded in the shell. After a while, I found a little program called SmitfraudFix, which did the job at removing the damn thing.
 
I have cleaned a few PCs successfully from these types of nasties.
These are the main things to get rid of these. I must stress that no antivirus will clean it.
1-HijackThis is a must tool
2-Spybot Search and Destroy
3-system restore turned off
4-disable startup
5-Redo again after every restart;)
Never forget the small apps on the net for the specific ones like VundoFix, SmitfraudFix....etc
 
Depends

so are we saying that linux will never become a virus target?

If you run Linux properly (not as root) there is a lot less damage a virus can do when it hits a Linux box. That on its own would limit its spread, and it would be limited to the user's home directory.

The fact that Linux is OpenSource also makes it less prone to stay open for 8+ years after a well documented flaw has been found. Example

So I will not go and say never, but I would say the chances of it getting and spreading would be far less than Microsoft, also that the damage caused would in most cases be very limited, and it will actually get fixed, not worked around.
 
I have cleaned a few PCs successfully from these types of nasties.
These are the main things to get rid of these. I must stress that no antivirus will clean it.
1-HijackThis is a must tool
2-Spybot Search and Destroy
3-system restore turned off
4-disable startup
5-Redo again after every restart;)
Never forget the small apps on the net for the specific ones like VundoFix, SmitfraudFix....etc

I've used HijackThis a bit, but its logs are so complicated and it's difficult to really know what it's finding, i.e. whether or not it's finding cr4p.

Where is a good place to submit the logs to for others to tell you whether you have malware or not? Obviously this forum has knowledgeable types on it, but I'm wondering if there is a specialist forum for this somewhere? (Guess I will look at their main website for a start though :D)

Is Spybot free s/w, as far as I can tell it is?

Why will system restore being turned off aid in malware removal?

What do you mean by disable startup? Do you mean disable the malware's start up? How do you go about that? Surely most malware is designed to stop you from doing so?
 