New Fake Antivirus.....Caution

Most of us are not "computer people" so post your technical questions and comments here. If you have computer or Internet expertise, share it here.

Moderators: carlson1, Keith B

Post Reply

Topic author
computerfixerguy
Junior Member
Posts in topic: 1
Posts: 8
Joined: Wed Aug 04, 2010 3:10 pm
Location: San Antonio TX
Contact:

New Fake Antivirus.....Caution

#1

Post by computerfixerguy »

Just wanted to remind you folks to update your antivirus, anti malware, and anti spyware and run a full system scan.

Ive just gotten 2 computers back to back that are both infected with what appears to be the latest round of the fake antivirus variant calling itself AntiMalwareDoctor.

This variant is much more insistent about not being removed, mess with it too much without knowing what you are doing and you may find yourself locked out of windows.

laterz,
computerfixerguy

Mike1951
Senior Member
Posts in topic: 1
Posts: 3532
Joined: Fri Dec 02, 2005 3:06 am
Location: SE Texas

Re: New Fake Antivirus.....Caution

#2

Post by Mike1951 »

MalwareBytes' Anti-Malware is the only one I trust to be both legitimate and effective.

The same goes for Avira AntiVir.
Mike
AF5MS
TSRA Life Member
NRA Benefactor Member

Lu1g1
Junior Member
Posts in topic: 1
Posts: 2
Joined: Thu Jan 13, 2011 8:42 pm

Re: New Fake Antivirus.....Caution

#3

Post by Lu1g1 »

This is really a disastrous virus. If you encountered this virus, you need to have an updated anti-virus. I am also worried about this virus because it can cause real damage to computer.
Last edited by Lu1g1 on Mon Jan 17, 2011 4:50 am, edited 1 time in total.
User avatar

pbwalker
Senior Member
Posts in topic: 1
Posts: 3032
Joined: Thu May 01, 2008 10:12 am
Location: Northern Colorado

Re: New Fake Antivirus.....Caution

#4

Post by pbwalker »

it's times like this where I am soooo glad I don't use a windoze machine anymore...
*NRA Endowment Member* | Veteran
Vote Adam Kraut for the NRA Board of Directors - http://www.adamkraut.com/
User avatar

baldeagle
Senior Member
Posts in topic: 1
Posts: 5240
Joined: Tue May 25, 2010 8:26 pm
Location: Richardson, TX

Re: New Fake Antivirus.....Caution

#5

Post by baldeagle »

You get the fake antivirus because either Adobe Reader, Java or Adobe Flash is not up to date. Make sure you keep all of those up to date all the time.
The Constitution preserves the advantage of being armed which Americans possess over the people of almost every other nation where the governments are afraid to trust the people with arms. James Madison
NRA Life Member Texas Firearms Coalition member

WarHawk-AVG
Senior Member
Posts in topic: 1
Posts: 1403
Joined: Sat Jul 28, 2007 11:05 pm

Re: New Fake Antivirus.....Caution

#6

Post by WarHawk-AVG »

TxLobo wrote:in reference to this..

I had a fun one at the start of the week that I had not run into before..

the computer would flash up that IE had been blocked by Microsoft Security Essentials due to being infected with a Win32 Trojan. Would I like to clean the infection?

I isolated the box and played with it for a bit.. if you agree to the "cleaner" it opens and starts searching for ANY anti virus/malware removal program that you have on your computer and will delete it.

Ended up I had to run rkills to stop the hidden processes, then I was able to install a fresh copy of Malwarebytes.. (if you tried to use the existing one, it would tell you it was infected and block it from running) .. Then you were able to clean the machine.

the trojan drops a file with the same name as a microsoft NT update called "hotfix.exe"

I use Malwarebytes, combofix and follow up with a separate independent scan from Eset.
Quick fix for that

A. Reboot in safe mode w/ networking
B. run msconfig, in there you will see a program with a really funky name, and it will be running from a "temp" dir, uncheck/disable it
C. Reboot in safe mode w/ networking (the program/services no longer running) update all anti-virus/malware, run what you can (sometimes they wont run in safe mode)
D. Reboot regular, re-run...you should be clean

Apply the hosts thing I have been posting about...my cousin keeps infecting her computer by doing facebook and junk...put that hosts entries in there..clean as a whistle for quite some time now.
A sheepdog says "I will lead the way. I will set the highest standards. ...Your mission is to man the ramparts in this dark and desperate hour with honor and courage." - Lt. Col. Grossman
‘All that is necessary for the triumph of evil is that good men do nothing’ - Edmond Burke
Post Reply

Return to “Technical Tips, Questions & Discussions (Computers & Internet)”