
Antivirus 2009 hit?


    Antivirus 2009 hit?

    Hello, I've just been hit with what I think is Antivirus 2009. It's sitting in Firefox waiting for me to activate it. I was hit by the 2008 version so I know what I'm looking at. That one cost me my hard drive. So I could reboot and it might kick it. I'm trying to find it with a scan but nothing with chkrootkit; if you know of a good scanner I would mind finding this thing and dissecting it. But more than anything I'd like to activate it and see if Linux is immunised as they say. What do you think? Good idea, or let someone else find out?
    So it's out there right beside the Conficker so be careful. I got hit looking for an RS232 adapter in my home town at that, Edmonton Ab.Ca. Do not click on any part of that box and you're done, that includes the close button. To shut it off use the system monitor, but it's not gone; it's there when I open it again. See attachment.

    #2
    Re: Antivirus 2009 hit?

    That malware, and other similar ones, installs a program on Windows machines that takes over the computer. Then it wants the user to pay for a program to remove itself. Some people have actually paid. The removal program just further infects the machine. I have removed it from several of my clients' Windows machines. When I encountered it on my Linux machine, I clicked on it to see what would happen. Nothing happened.



      #3
      Re: Antivirus 2009 hit?

      That's right, Detonate...

      I've encountered that scam several times. I even see them as links inserted by search engines. Most that I've checked out have *.ru or *.cn in their URL, and all of them are specific to Windows vulnerabilities.

      I get a laugh out of some of them when they "scan" my laptop (without asking) and then after a second or two, which is too soon for any actual scan to have been performed, immediately proclaim that they've found windows viruses!

      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
      – John F. Kennedy, February 26, 1962.



        #4
        Re: Antivirus 2009 hit?

        If that's the one I think it is then I've had success removing it on 3 boxes with Malwarebytes DL'd to a different box, then moved in to the infected box through a USB stick, then install and run Malwarebytes.

        The virus wouldn't let you DL and install an antivirus on the infected box but doing it from USB worked.

        but it's never done a thing to my Kubuntu

        VINNY
        i7 4core HT 8MB L3 2.9GHz
        16GB RAM
        Nvidia GTX 860M 4GB RAM 1152 cuda cores



          #5
          Re: Antivirus 2009 hit?

          I have a friend who has this (Antivirus 2009) on their PC. I've been trying to remove it. Is what you describe as simple as downloading malwarebytes and installing it to a USB stick, plugging it into the infected PC, and running the app from the stick?

          Where is the *safe* website from which it can be downloaded?
          Using Kubuntu Linux since March 23, 2007
          "It is a capital mistake to theorize before one has data." - Sherlock Holmes



            #6
            Re: Antivirus 2009 hit?

            http://www.malwarebytes.org/ and http://www.malwarebytes.org/products.php

            All I did was put the DL'd installer/executable on the USB stick and then copy it to the infected box and run it.

            The virus seemed to disable antiviruses that were downloaded to the box (avast) but transferring from a stick worked with Malwarebytes.

            VINNY

            i7 4core HT 8MB L3 2.9GHz
            16GB RAM
            Nvidia GTX 860M 4GB RAM 1152 cuda cores



              #7
              Re: Antivirus 2009 hit?

              Thank you. I'll give that a try.
              Using Kubuntu Linux since March 23, 2007
              "It is a capital mistake to theorize before one has data." - Sherlock Holmes



                #8
                Re: Antivirus 2009 hit?

                Malwarebytes is an excellent program. I usually remove the hard disk from the infected computer and mount it to my computer using my USB hard drive adapter
                http://www.geeks.com/details.asp?invtid=2020&cpc=SCH
                and run Malwarebytes on the infected drive that way.



                  #9
                  Re: Antivirus 2009 hit?

                  My wife keeps getting it on her eMac, a reboot wipes it. Thank God we don't have a PC with Microsoft systems. I went straight to Linux when I got my Dell laptop and never turned back.
                  Robert Collard, Springfield, IL
                  Dell Inspiron 1545 Laptop, Intel Duo T3400 CPUs @2.16Ghz
                  Xubuntu 9.10 x86_64



                    #10
                    Re: Antivirus 2009 hit?

                    I've actually had a few systems at work get this and we have all the neat tools to help M$ Windows from getting infected. It still got this one. Anyway, the ones we have "received" usually install in the "C:\Program Files" directory. Easy to locate and delete in "Safe" mode. I've never seen it add registry entries or even located any other than what I remove using "Startup Control Panel". I actually laugh when people @ work tell me they have the same thing @ home and they can't use their computer any more. I do however give them the link to Malwarebytes' site.



                      #11
                      Re: Antivirus 2009 hit?

                      These scans are written by poor coders who cannot detect when they are "scanning" a Windows box or an Apple or Linux box. As I said before, it is really laughable when they claim that they have detected "somevirus.exe" on my Kubuntu box.

                      One of the first "games" I played using Linux, nearly a decade ago, was to see how Windows viruses worked by installing WINE and then firing off the windows virus or Trojan inside of WINE. It's so easy to determine what additional files and directories the infection created and how it worked and what its payload did. Then, when I was done playing, I'd blow WINE off and reinstall it and play with another virus. It was on and off again fun for about a year. It soon became obvious that there are only a handful of infection routes, less than a dozen, and that virus makers were merely changing a single variable name or an arbitrary address in order to create a "new" virus that could fool the anti-virus programs. Even though a new vaccine file ( *.dat) could be generated within a couple months by the AV software companies, a couple of months was long enough for a virus to infect MILLIONS of computers. In fact, I still have an animated gif file that shows the MASSIVE world wide infection of the CodeRed virus which occurred in under 24 hours.

                      Nearly a decade later the number of routes available to infect Windows boxes has hardly changed, but even a slight variation in the code of an old virus is all it takes to fool the latest AV product. It's no wonder that the total number of Windows viruses has passed one million per year and is closing in on two million per year. The website "AV-comparatives" uses about two million infection agents in its test of the effectiveness of AV products. In fact, AV software makers are having a hard time keeping up with the bad guys.

                      Everyone has a method or formula for keeping Windows installations "free" of malware, but MILLION zombie Windows bot farms still get created anyway because few people know enough or can afford to follow the advice. It's as if Microsoft coded insecurity into their OS deliberately just to create a market for AV products which, as it turns out, aren't good enough, fast enough to detect the "new" old bugs.
                      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
                      – John F. Kennedy, February 26, 1962.



                        #12
                        Re: Antivirus 2009 hit?

                        Interesting, didn't know that it would show up at all tbh (and probably would be quite concerned if it showed up on my machine).

                        I have a question though, more in general, that I've been thinking about: what about hand held devices? My HTC Hero is quite a powerful machine (comparing to the machines I've/family had since early '90s).
                        How does Android, for instance, compare on the security? I can install quite a lot of apps, but they are from Google's repo "market"; however, I could set it to install from websites (by default that option is unchecked).
                        I haven't read about any malware on any Android phones/devices yet; would there be any risk of any showing up? I'm not sure about the root privileges but as far as I can tell users don't have any on HTC Hero/Android .. or am I wrong?
                        ASUS M4A87TD | AMD Ph II x6 | 12 GB ram | MSI GeForce GTX 560 Ti (448 Cuda cores)
                        Kubuntu 12.04 KDE 4.9.x (x86_64) - Debian "Squeeze" KDE 4.(5x) (x86_64)
                        Acer TimelineX 4820 TG | intel i3 | 4 GB ram| ATI Radeon HD 5600
                        Kubuntu 12.10 KDE 4.10 (x86_64) - OpenSUSE 12.3 KDE 4.10 (x86_64)
                        - Officially free from windoze since 11 dec 2009
                        >>>>>>>>>>>> Support KFN <<<<<<<<<<<<<

