Announcement

Collapse
No announcement yet.

Antivirus 2009 hit?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Antivirus 2009 hit?

    Hello, I've just been hit with what i think is Antivirus 2009. It's sitting in firefox waiting for me to activate it. I was hit by the 2008 version so i know what i'm looking at. That one cost me my hard drive. So i could reboot and it might kick it. I'm trying to find it with a scan but nothing with chkrootkit, if you know of a good scanner i would mind finding this thing and diesecting it. But more than anything i'd like to activate it and see if linux is immunised as they say. What do you think? good idea or let someone else find out.
    So it's out there right beside the conflicker so be careful. i got hit looking for a RS232 adapter in my home town at that, Edmonton Ab.Ca Do not click on any part of that box and your done, that includes the close button. To shut it off use the system monitor but it's not gone it's there when i open it again. See attachment.
    Attached Files

    #2
    Re: Antivirus 2009 hit?

    That malware, and other similar ones.installs a program on Windows machines that takes over the computer. Then it wants the user to pay for a program to remove itself. Some people have actually paid. The removal program just further infects the machine. I have removed it from several of my clients Windows machines. When I encountered it on my Linux machine, I clicked on it to see what would happen. Nothing happened.

    Comment


      #3
      Re: Antivirus 2009 hit?

      That's right, Detonate...

      I've encountered that scam several times. I even see them as links inserted by search engines. Most that I've checked out have *.ru or *.cn in their URL, and all of them are specific to Windows vulnerabilities.

      I get a laugh out of some of them when they "scan" my laptop (without asking) and then after a second or two, which is too soon for any actual scan to have been performed, immediately proclaim that they've found windows viruses!

      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
      – John F. Kennedy, February 26, 1962.

      Comment


        #4
        Re: Antivirus 2009 hit?

        if thats the one I think it is then I'v had sucsess removing it on 3 boxes with malwarebytes DL'd to a diferent box then moved in to the infected box thrugh a USB stick then install and run malwarebytes

        the virus wouldent let you DL and install a antivirus on the infected box but doing it from USB worked.

        but it's never done a thing to my Kubuntu

        VINNY
        i7 4core HT 8MB L3 2.9GHz
        16GB RAM
        Nvidia GTX 860M 4GB RAM 1152 cuda cores

        Comment


          #5
          Re: Antivirus 2009 hit?

          I have a friend who has this (Antivirus 2009) on their PC. I've been trying to remove it. Is what you describe as simple as downloading malwarebytes and installing it to a USB stick, plugging it into the infected PC, and running the app from the stick?

          Where is the *safe* website from which it can be downloaded?
          Windows no longer obstructs my view.
          Using Kubuntu Linux since March 23, 2007.
          "It is a capital mistake to theorize before one has data." - Sherlock Holmes

          Comment


            #6
            Re: Antivirus 2009 hit?

            http://www.malwarebytes.org/ and http://www.malwarebytes.org/products.php

            all I did was put the dl'd instaler/executibal on the USB stick and then copy it to the infected box and run it.

            the virus seamed to disabel antiviruses that were downloded to the box (avast) but transfering from a stick worked with malewarebytes

            VINNY

            i7 4core HT 8MB L3 2.9GHz
            16GB RAM
            Nvidia GTX 860M 4GB RAM 1152 cuda cores

            Comment


              #7
              Re: Antivirus 2009 hit?

              Thank you. I'll give that a try.
              Windows no longer obstructs my view.
              Using Kubuntu Linux since March 23, 2007.
              "It is a capital mistake to theorize before one has data." - Sherlock Holmes

              Comment


                #8
                Re: Antivirus 2009 hit?

                Malwarebytes is an excellent program. I usually remove the hard disk from the infected computer and mount it to my computer using my USB hard drive adapter
                http://www.geeks.com/details.asp?invtid=2020&cpc=SCH
                and run Malwarebytes on the infected drive that way.

                Comment


                  #9
                  Re: Antivirus 2009 hit?

                  My wife keeps getting it on her eMac, a reboot wipes it. Thank God we don't have a PC with Microsoft systems. I went straight to Linux when I got my Dell laptop and never turned back.
                  Robert Collard, Springfield, IL<br />Dell Inspiron 1545 Laptop, Intel Duo T3400 CPUs @2.16Ghz<br />Xubuntu 9.10 x86_64

                  Comment


                    #10
                    Re: Antivirus 2009 hit?

                    I've actually had a few systems at work get this and we have all the neat tools to help M$ Windows from getting infected. It still got this one. Anyway, the ones we have "received" installs usually in the "C:\Program Files" directory. Easy to locate and delete in "Safe' mode. I've never seen it add registry entries or even located any other than what I remove using "Startup Control Panel". I actually laugh when people @ work tell me they have they same thing @ home and they can't use their computer any more. I do however give them the link to Malware Bytes' site.

                    Comment


                      #11
                      Re: Antivirus 2009 hit?

                      These scans are written by poor coders who cannot detect when they are "scanning" a Windows box or an Apple or Linux box. As I said before, it is really laughable when they claim that they have detected "somevirus.exe" on my Kubuntu box.

                      One of the first "games" I played using Linux, nearly a decade ago, was to see how Windows viruses worked by installing WINE and then firing off the windows virus or Trojan inside of WINE. It's so easy to determine what additional files and directories the infection created and how it worked and what its payload did. Then, when I was done playing, I'd blow WINE off and reinstall it and play with another virus. It was on and off again fun for about a year. It soon became obvious that there are only a handful of infection routes, less than a dozen, and that virus makers were merely changing a single variable name or an arbitrary address in order to create a "new" virus that could fool the anti-virus programs. Even though a new vaccine file ( *.dat) could be generated within a couple months by the AV software companies, a couple of months was long enough for a virus to infect MILLIONS of computers. In fact, I still have an animated gif file that shows the MASSIVE world wide infection of the CodeRed virus which occurred in under 24 hours.

                      Nearly a decade later the number of routes available to infect Windows boxes has hardly changed, but even a slight variation in the code of an old virus is all it takes to fool the latest AV product. It's no wonder that the total number of Windows viruses has passed one million per year and is closing in on two million per year. The website "AV-comparatives" uses about two million infection agents in its test of the effectiveness of AV products. In fact, AV software makers are having a hard time keeping up with the bad guys.

                      Everyone has a method or formula for keeping Windows installations "free" of malware, but MILLION zombie Windows bot farms still get created anyway because few people know enough or can afford to follow the advice. It's as if Microsoft coded insecurity into their OS deliberately just to create a market for AV products which, as it turns out, aren't good enough, fast enough to detect the "new" old bugs.
                      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                      – John F. Kennedy, February 26, 1962.

                      Comment


                        #12
                        Re: Antivirus 2009 hit?

                        Intresting, didn't know that it would show up at all tbh (and probably would be quite concerned if it showed up on my machine)

                        I have a question though, more in general, that I've been thinking about, what about hand held devices? My HTC hero is quite a powerful machine (comparing to the machines I've/family had since early '90s).
                        How do android, for instance, compare on the security? I can install quite a lot of apps, but they are from googles repo "market" however, but I could set it to install from websites (by default that option is unchecked).
                        I haven't read about any malware on any android phones/devices yet, would there be any risk of any showing up? I'm not sure about the root privileges but it as far as I can tell users don't have any on HTC hero/Android .. or am I wrong?
                        ASUS M4A87TD | AMD Ph II x6 | 12 GB ram | MSI GeForce GTX 560 Ti (448 Cuda cores)
                        Kubuntu 12.04 KDE 4.9.x (x86_64) - Debian "Squeeze" KDE 4.(5x) (x86_64)
                        Acer TimelineX 4820 TG | intel i3 | 4 GB ram| ATI Radeon HD 5600
                        Kubuntu 12.10 KDE 4.10 (x86_64) - OpenSUSE 12.3 KDE 4.10 (x86_64)
                        - Officially free from windoze since 11 dec 2009
                        >>>>>>>>>>>> Support KFN <<<<<<<<<<<<<

                        Comment

                        Working...
                        X