Results 1 to 8 of 8

Thread: ANTIVIRUS PRO 2009 fix

  1. #1
    rightzilla Guest

    Default ANTIVIRUS PRO 2009 fix

    I have scanned my computer three times since I got my zone alarm yesterday. However, it has failed to remove this malicious software that appeared on my computer the day before I got the zone alarm software. It appears to have removed a few components, but there is still a red circle with an X in my tray and it continually pops up and warns me if viruses I supposedly have and tries to reinstall the parts that have been removed....ANY SUGGESTIONS??

    Operating System:Windows XP Home Edition
    Software Version:8.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2

    Default Re: ANTIVIRUS PRO 2009 fix

    Try this, download Malwarebytes ( the free version) start your computer in safe mode, run a full scan , let the scanner remove whatever is found.



    http://www.malwarebytes.org/mbam.php

  3. #3
    hulabird Guest

    Default Re: ANTIVIRUS PRO 2009 fix

    I got this virus about 4 hours ago and it is now removed, I am hopefully fully rid of it. Here is how it happened to me (I am posting because others on this board were so helpful to me). I was working online and suddenly my PC completely restarted and when I came back this pop up came up in the task bar and said my computer was infected, It said "windows" had detected it, so I clicked the round red circle that had a whote x in it and it took me to a page saying I could purchase the antivirus pro 2009 and that I had trojans on my PC, well I have zone alarm antivirus and firewall running so I did not make the purchase--however I did think it was windows, and so I was not understanding why windows is telling me I have no anti virus software when I have had zone alarm for some time now, so I went to WIN security center and it showed I had no anti virus but there was a link to get antivirus pro 2009...I did not click it. I then tried to get to the internet to go to zonelabs.com and it would not let me, I tried several antivirus sites and to no avail, I then went to do a yahoo search and found the malwarebytes info and downloaded it. Before this I tried my spybot search and destroy, but I could not get it to work, I then went to download.com and downloaded a new copy, but it would not allow a certain driver to install, (all the while I was running zone alarm) when zone alarm finished I could suddenly get spybot to work, and I still could not get it to update, but just ran it as it was. This virus literally stops you from going to sites to try to remove it! In my yahoo search, I found an article about how to manually remove it, but after I rebooted my PC and came back to get it, it would not let me get to it again, it is like it KNEW what it was all about! Also when I tried to shut down to restart my PC, it would not work and I had to manually push the power button to shut down. I am thinking zone alarm got some of it but not all, because after I came back on, that little icon in the task bar kept popping up--non stop. I ignored it and scanned with CCleaner and at the same time malwarebytes. After malwarebytes was done and I removed everything (there were tons of the antivirus pro 2009 files) I restarted and now everything seems back to normal. I am kind of aggravated that zone alarm did not catch this, why??????? I switched from Norton and now I am not sure that was smart. Anyway, I THINK my problem is solved, I was able to get to this forum and wasn't before removing the virus. Hope this helps someone else. It is hard to know who to trust when this happens, but zone alarm is a site I do trust. BUT PLEASE find a way to stop this virus!

  4. #4
    naivemelody Guest

    Default Re: AntiVirus Pro 2009/ AntiVirus 2008/ 2009 - malware

    Variations of AntiVirus
    XP 2008/ AntiVirus 2009 - Malware<hr>Just for your info. I just read a nicely detailed analysis of this type of 'scareware' virus. Click here &gt; http://www.theregister.co.uk/2008/08...omy_of_a_hack/
    -
    &quot;Anatomy of a malware scam. The evil genius of XP AntiVirus 2008&quot; by Jesper M. Johansson - dated Aug. 22, 2008 - It's kinda of long, but it's very detailed and very telling.<hr>&gt; http://forums.zonelabs.org/zonelabs/...d=117008#M4535 - past posts on this matter<hr>Nov.11, 2008
    - Malicious Software Removal Tool - doing good at removing many &quot;W32/FakeSecSen,&quot; the malware label for a broad range of bogus security program with names such as &quot;Advanced Antivirus,&quot; &quot;Spyware Preventer,&quot; &quot;Ultimate Antivirus 2008&quot; and &quot;XPert Antivirus.&quot; Click here &gt; http://forum.zonelabs.org/zonelabs/b...thread.id=4964<hr>X-(NaiveMelody NYC 11-9-08 - It's Tricky - Run DMC



    Message Edited by NaiveMelody on 11-22-2008 11:14 PM

  5. #5
    writer Guest

    Default Re: AntiVirus Pro 2009/ AntiVirus 2008/ 2009 - malware

    I have read that detection and prevention of this particular &quot;rogue&quot; malware is very hard to keep up with for security vendors including Check Point I'm sure, because of new and different variants. However, I would think ZA's OS Firewall would be of some help in prevention of it by alerting the person that something is trying to enter their PC. Any comments on this by you long term ZA users. Thanks.

  6. #6
    monkeshine Guest

    Default Re: ANTIVIRUS PRO 2009 fix

    Quote Originally Posted by hulabird View Post
    I am kind of aggravated that zone alarm did not catch this, why??????? I switched from Norton and now I am not sure that was smart. Anyway, I THINK my problem is solved, I was able to get to this forum and wasn't before removing the virus. Hope this helps someone else. It is hard to know who to trust when this happens, but zone alarm is a site I do trust. BUT PLEASE find a way to stop this virus!
    I have been using ZoneAlarm for years and years. This SCAMWARE or SPYWARE or VIRUS or whatever you want to call it is extraordinarily malicious. It is "Antivirus Security Pro" or "Antivir Pro" or "Antivirus Pro" or something similar. The makers have different versions of the same software apparantly.

    This scamware takes near complete control of all resources. It puts up fake alerts that look identical to windows alerts. It puts up the windows screen that tells you your firewall is on but your spyware is out of date. This too is probably fake but looks authentic.

    I am terribly, horribly disappointed that ZoneAlarm did not catch this and stop it. I am running the most up to date version and in fact did a manual update to make sure I wasn't missing something, hoping that an update would kill it but there were no updates availablle

    I could not get rid of this scamware. I found a couple of websites that explained how to remove it, but unfortunately in my case this thing jammed up my machine pretty bad. I am going to have to re-install a new boot drive. I am not a happy person today. I have been an advocate of ZoneAlarm but this one really made me mad. This scamware has been around for more than a year. ZoneAlarm should have defenses against it!

    FYI just moments before, I got an alarm I had never seen before something like "AZ.exe is trying to use 557.exe to access the internet" which of course denied, but not long after this thing came up. Not sure if they are related but that is what happened. (Not 100% sure of those names but similar to that).

    According to the instructions I read, to get rid of it manually you had to open in safe mode, so I switched the login to safe mode and now the machine won't get to a startup screen. Just loops around and around. So I am considering my boot drive dead and will have to install a new one. Very annoying! I'm very disappointed that ZA did not stop it.

  7. #7
    Join Date
    Aug 2009
    Location
    Texas Gulf Coast
    Posts
    1,648

    Default Re: ANTIVIRUS PRO 2009 fix

    Quote Originally Posted by monkeshine View Post
    According to the instructions I read, to get rid of it manually you had to open in safe mode, so I switched the login to safe mode and now the machine won't get to a startup screen. Just loops around and around. So I am considering my boot drive dead and will have to install a new one. Very annoying! I'm very disappointed that ZA did not stop it.
    Have you already run a rescue disk?

    If your computer is non-bootable you could create a rescue disk at this link :

    http://www.freedrweb.com/livecd/how_it_works/

    There are some free ISO burners you can use also.

    Have a nice Day
    Last edited by Sky Soldiers; November 29th, 2009 at 12:20 PM. Reason: paraphrase

  8. #8
    badtothebone Guest

    Default Re: ANTIVIRUS PRO 2009 fix

    I caught this rogue variant yesterday. I've used zone for years and I'm kind of PO'D they were not able to nail it in realtime. Anyway, the version that hit me was "antivirus system pro". First displayed false security alert followed by 'system infected' warnings, then hijacked ie7 to a porn site, asking all the time if i wanted to buy 'protection'. It did manage to lock up task manager and i could not reboot to safe mode or execute any app after reboot. Restore was also locked out. Read several google posts on a clean computer regarding this but these were mostly promoting their own spyware via cheesy "forum discussions." (Are these guys writing this rogue **** in the first place?) Finally got rid of it by clicking taskmanager first thing after reboot before other processes load up. Go to processes and stop anything like ****sysguard. Then download MBAM (malwarebytes antimalware), run it and quarantine what comes up. Do not keep rebooting or this thing will lock up your whole system and you will have to reinstall OS. Pretty sophisiticated for spyware so i re-scanned zone and it came up with Trojan.Win32.FraudPack.abrl and I quarantined that. Everything seems OK now. Hope this helps.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •