Results 1 to 4 of 4

Thread: Personal Antivirus (malware)

  1. #1
    mlail Guest

    Default Personal Antivirus (malware)

    Help, we have malware that keeps poping up stating that we have a trogen and to get rid of it we need to buy "Personal Antivirus". I see on the internet that this has attacked many people but all of the fixes point me to software that wants to charge me. ZoneAlarm Internet Security Suite (latest version) does not detect this and obviously won't remove it. Since malware is a form of spyware why is this not being addressed via ZAP? Does anyone have
    a free removal method or software package that works?
    Thanks,mlail

    Operating System:Windows XP Pro
    Software Version:8.0
    Product Name:ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Jun 2006
    Location
    The 3rd Coast - South Central Texas
    Posts
    10,465

    Default Re: Personal Antivirus (malware)

    Try to perform a full Antivirus/Antispyware scan but in SAFE MODE WITH NETWORKING.

    1. Disable system restore;2. Set ZA antispyware to "Deep inspection scan" under the advanced options on ZA antivirus/antispyware tab (detection);
    3. Reboot in SAFE MODE WITH NETWORKING;
    4. Manual run ZASS (ZA firewall will be OFF but Antivirus/Antispyware will be functional);
    5. Run a full ZA AV/AS scan;
    5. Reboot in Normal Mode
    6. Set ZA antispyware back to recommended settings ("Intelligent quick scan")7. Ensable System restore

    How to start in SAFE MODE WITH NETWORKING:
    http://www.bleepingcomputer.com/tuto...utorial61.html

    How to disable windows SYSTEM RESTORE:
    http://support.microsoft.com/kb/310405 If the abovefails try to clean your system with MBAM:http://www.malwarebytes.org/mbam.php
    WARNING: Some malware will block the download of this software, rename the installer to a random name before saving and running
    Download. update and scan with superantispyware FREE:
    http://www.superantispyware.com/download.htmlWARNING: Some malware will block the download of this software, rename the installer to a random name before saving and runningif the above fails try the bootable CD fromDrWeb:http://www.freedrweb.com/livecd/
    if ALL the above fails please post your Hijackthis log here:
    http://www.bleepingcomputer.com/forums/topic34773.html
    --------------------------------------------------------
    WinXP SP3
    ZoneAlarm Security Suite version:8.0.400.020
    TrueVector version:8.0.400.020
    Driver version:8.0.400.020
    Anti-virus engine version:6.0.2.678
    Anti-virus signature DAT file version:986124999
    Anti-spyware engine version:5.0.209.0
    Anti-spyware signature DAT file version:01.200906.6055
    AntiSpam version:6.0.0.1429
    -----------------------------------------------------------------
    GeorgeV
    ZoneAlarm® Extreme Security


    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    forum_moderator Guest

    Default Re: Personal Antivirus (malware)

    There is a good possibility we cant remove this.We suggest you use the free version of malwarebytes to detect and remove.Forum Moderator

  4. #4
    naivemelody Guest

    Default Re: Personal Antivirus/ Internet AntiVirusPro/ General Antivirus - MSRT

    If you've used June 9, 2009 - Microsoft updates - Windows Malicious Software Removal Tool, (MSRT) released Tuesday, adds detection for this dubious program, which masquerades as security software.<hr>Click here &gt; http://www.pcworld.com/businesscente...ml?tk=rel_news<hr>

    &quot;Microsoft has taken aim at a rogue antivirus program called Internet Antivirus Pro/ General Antivirus and Personal Antivirus.

    The company's latest update to its Windows Malicious Software Removal Tool, (MSRT) released Tuesday, adds detection for this dubious program, which masquerades as security software.

    Like all of these rogue antivirus products, Internet Antivirus Pro tries to trick victims into installing the software. It pops up a fake warning message and then pretends to scan the victim's computer. But instead of scanning for malicious software, Internet Antivirus downloads password-stealing software that looks for FTP user names and passwords, presumably so that its creators can install their software on Web servers.

    Internet Antivirus installs a browser component that displays fake messages, and it also pops up a fake Windows Security Center, Microsoft said in a
    blog posting Tuesday.

    The software has also used the names General Antivirus and Personal Antivirus...&quot;<hr>Download the MSRT for June 9 to remove 'some' of these types of 'rogue security/ scareware.'

    Here's a little tip
    I read about if you should ever come by one these types of 'pop-up/ rogue malware' ...

    Clicking the Red X button to end/ close the window page may not work ( it
    'may' continue to pop-up again and again
    and never close) ; instead open Task Manager and end that 'Application' web page -
    highlight and click 'End Task' button.

    Some of these types of 'rogue malware' will also try a 'drive-by-download' without your knowledge or consent.



    { personal note: I
    saw one of these 'pop-up rogue malware' - luckily for me I was using ForceField which caught the 'stealthy drive-by-download' attempt ~ ForceField download manager popped up and asked if I wanted to install the rogue software
    :0 yeah, right. }

    Message Edited by NaiveMelody on 06-11-2009 02:25 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •