Tag: download

Not so, Antivirus2008

Paul

[ad#ad2-left]On F-secure blog they talk about this rogue antispyware.

OK, so let’s say the user (by some stroke of luckless chance, or courtesy of a trojan downloader) ends up with the demo installer of Rogue:W32/VirusRemover2008.C on their hands and it runs
[via F-Secure]

According to them, they have many different version of this rogue antispyware.  They have de, dk, es, fr, it, no, nl, and no, which are all attempting for you to buy this no so Virusremover2008 software.  They talk about how it tells you have a 9 infected viruses and that you need to remove them, but in truth, they use a text file to create this lie.  Check out all the details for further information.

Antivirus Professional 2008 uses Scare tactics

Paul

[ad#ad2-right-1]

We came across a rogue today called Antivirus Professional 2008 that uses GeoIP Lookup as part of its scare tactics. This site uses Flash and script to create the effect of an online scan, that then attempts to push an installer at the visitor. The NoScript extension for Mozilla Firefox is an excellent way to mitigate against this kind of garbage.

[Via F-secure]

It seems that there is a site out there, that seems to be trying to scare you into downloading there software. If you have any questions about this site please feel free to check out what I’ve found out:

Registration Service Provided By: ESTDOMAINS INC
Contact: 1.3027224217
Website: http://www.estdomains.com
Domain Name: ANTIVIRUS-ONLINE-SCANNER.COM
Registrant:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Creation Date: 07-Jun-2008
Expiration Date: 07-Jun-2009
Domain servers in listed order:
ns2.antivirus-online-scanner.com
ns1.antivirus-online-scanner.com
Administrative Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Technical Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732
Billing Contact:
N/A
Serento faloimitator@list.ru

Minskay str. 27-14
Kiev
Kiev 237293
UA
Tel. 044.2901732


[ad#ad2-right]Now as you can see this site is located in Russia, and if that’s the case it is probably some virus itself to take control of your system to do what they want with it. So you best advice is if you think you have a virus then check out my recommendations these are all free to download and try. Unlike this site, they are legitimate and actually do what they promise.  If you want to email them you can but It don’t think it will help.

*UPDATE on that Website*

According to F-secure that site is now Suspended.  Great job guys.  We are now fighting these people even better than I’d thought.

Avg detected Trojan Horse Generic 12.htc?

Paul2 Replies

Just got a warning from AVG about, trojan horse generic 12.HTC, haven’t heard of it, anyone out there hear if this one? apparently it infects explore.exe, and after months of explore.exe crashing I’d say it’s a legit virus.

[Via Answer Bag]

Some tricks and tips to remove this little virus is quite simple. It is embedded in your system so how do you remove this threat? Easy follow these steps and you will have a better chance of getting rid of the virus:

  1. Find out all you can on the virus — Finding out the extent of where the virus lays is really a good idea.  Just because you found one place doesn’t mean it isn’t also hiding some other place.  Some good ways to figure out where it might be is to download Hijackthis and Then onces you download it and install.  Run it, and when you get the LOG file you will want to go to HijackThis Log Analysis Site 1 and HijackThis Log Analysis Site 2, and see what it says.

  2. See if you can remove the Hidden Virus — After you find out what the extent of virus may lay.  You will need to download these programs.  Run whichever ones you like to see if you can locate and delete the virus.  You may also consider using one of the several onine services to see what they might suggest or see if they can find this virus.

  3. Check your services and reboot sequence — After you think you’ve gotten rid of the virus, reboot and do a rescan.  Usually the Virus will respawn after you reboot, some of them have a command in the reboot sequence.   You may want to check your reboot sequence, by check with MSCONFIG.  Sometimes it is hidden but if you check through the MSCONFIG for any files that might not need to load.  Also check the services tab and see if there is any services that may not be needed.  The best bet is to google search each service or program that is in there and see if that might fix the problem.

  4. Might be time to re-install Windows — Although this is the hard for people, this can sometimes fix the most challenging virus.  You need not have to loose your important data.  The only thing to remember when you back up is when restore you data after you re-install windows.  Just remember one thing, if it is  an .EXE, .COM, .BAT, and .MSI extensions than that might risk you getting the virus all over again.  Although remember that you will need the other tools I talked about on #2 to keep from getting the virus again.

These are some tricks I use to get rid of a virus and now I’ve shared them with you and now it is up to you do the work.  If you have any tips or tricks to get rid of a virus leave a comment.

Left 4 Dead Sneak Peak!

Paul

[ad#ad2-left]Yes they finally released the demo. According to my sources and I’ll quote:

Newell said: “We will be releasing demos for both the Xbox and for the PC. I don’t know what the date is for release on that, though. I think it’s going to contain the first part of one of the campaigns. I think it’ll probably be Hospital but I’m not sure. That’s a decision that Doug Lombardi is making.”

[Via Videogamer]

If you want to see the game screen shots you and preview the pictures all you need to do is go HERE.  You can also start pre-purchasing Left 4 Dead on The PC and be ready to play when it comes out. Watch the Video from Steam for Left 4 Dead Intro In English. You can also Gift the Game for the Holidays, I would like one to get and try it out so if you want to give me the Gift just send it to me via my email address.  According to Steam, you will haveto pre-purchase Left 4 Dead and then the Demo will be available for you a week before hand!! so that is one good thing!!  So go buy it and enjoy!!!  Also you will need to install Steam to enjoy the demo.

Sites that you need not Visit:

Paul

[ad#ad2-right]I’ve had some Anti-virus problems in the past few weeks and have been trying to see if it is my system or if it was just luck of the draw.  So I did some research and found some sites that you should not go to, or download from.   These sites have been know to spread the fake anti-virus malware software.   So I wanted to warn people of some common websites that have been known to have viruses on them:



  • hxxp://movieportal2008q.com/freemovie/Movie/xxxx/x/ — this site usually tries to send you the “Trojan.HTML.Zlob.AG” Virus.

  • hxxp://porntubedot.com/xxxxxxxx/WatchFreeMovie.php –This site usually tries to send you the “Trojan.Dropper.SMN” Virus.

  • hxxp://handballfondi.it/xxxxxx1.php — This site is one of the new Malware sites that looks like Youtube,   When you go to this site they say you need a special to play a video clip.  Most of the time when you get something like this, it is going to try to install Malware. A good broad set of Codecs that you may want to download is called Klite Mega Codec, which if you us that you should never need to download any other codec to play a movie clip from any site online.

  • hxxp://0scanner.com/—censored—/ —  This site usually tries to send you the “Adware.FakeAntiVirus.L” virus.  Another site trying to install malware. [ad#ad2-left]

If you want to check your system, here are some places to go to get a free Anti-virus check:

If you have any other ways sites that we should avoid by all means comment about it. I would love to hear sites that you know are bad!!