Anyone else had the anti virus 2009 VIRUS?
#4
it can be pretty nasty
I'd advise you download this, which solved the problem for me:
Malwarebytes.org
I'd also advise to ditch AVG and get a proper solution like NOD32 by ESET
#7
Anti-virus software are all garbage really anyway, they are all reactive, not a preventative measure. Your computer is protected from you, not from a Virus.
I have never run Virus software on any of my home machines, my internet habits are such that it's impossible for a virus to infect my computer, rendering software like this pointless.
Keeping Windows patched and staying behind a hardware based firewall is all that is needed.
#9
Scooby Regular
Join Date: Sep 1999
Location: Swindon, Wiltshire Xbox Gamertag: Gutgouger
Posts: 6,956
Anti-virus software are all garbage really anyway, they are all reactive, not a preventative measure. Your computer is protected from you, not from a Virus.
I have never run Virus software on any of my home machines, my internet habits are such that it's impossible for a virus to infect my computer, rendering software like this pointless.
Keeping Windows patched and staying behind a hardware based firewall is all that is needed.
Antivirus programs are not just reactive, but block the things getting onto your system in the first place. I have on occasion been sent documents, or other files from trusted sources (customers, family relations etc), only to find them infected with stuff. No dodgy internet browsing habits here, but I would still have been infected. Why take the risk?
I can only assume that Mr Dedrater never clicks on any internet links, downloads anything, or simply just likes living life on the edge. Then again, if he has never run any antivirus software on his systems, how does he know if he has been infected or not?
Nod32 is one of the best bets out there. Please do not install the buggy and ineffective pile of poo that is AVG...
#10
Because I know what I am doing, if I am in doubt, then I simply run Hijackthis. In any case, all my data is backed up in raid arrays and I can format my C: drive and reinstall Windows within 30 minutes, if the absolute worst happened. It never has, ever.
#11
Also, when I said
...they are all reactive, not a preventative measure. Your computer is protected from you, not from a Virus...
Take this thread for example, in regards to the Anti virus 2009 Virus, it is advertised on misleading/rogue web sites that attempt to make you think your computer is infected with a variety of malware, thus the user installs this piece of Malware.
If the OP would have been using FF, this thread would not exist.
#12
To the OP run this..
http://download.bleepingcomputer.com...mbam-setup.exe
or delete these from the registry..
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
O4 - HKCU\..\Run: [75319611769193918898704537500611] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieupdates.exe
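A read-only way to check a HijackThis log for the three entries listed in the post above, as an added example that is not part of the original thread. It parses only the O2 and O4 line forms quoted there; the function names are illustrative, and the sample log mixes the post's three lines with constructed benign ones.

```python
import re
from dataclasses import dataclass

# Files named in the post above, lower-cased for case-insensitive comparison.
LISTED_FILES = {
    r"c:\windows\system32\winsrc.dll",
    r"c:\program files\antivirus 2009\av2009.exe",
    r"c:\windows\system32\ieupdates.exe",
}

# HijackThis abbreviates "\Software\Microsoft\Windows\CurrentVersion\" as "\..\".
CURRENT_VERSION = "\\Software\\Microsoft\\Windows\\CurrentVersion\\"
BHO_KEY = "HKLM" + CURRENT_VERSION + "Explorer\\Browser Helper Objects"

O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKCU|HKLM)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# First drive-letter path ending in .exe or .dll, ignoring quotes and arguments.
FILE_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)', re.IGNORECASE)

# Constructed sample: the three lines from the post plus invented benign entries.
SAMPLE_LOG = r'''
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\helper.dll
O4 - HKCU\..\Run: [75319611769193918898704537500611] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieupdates.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\ieupdates.exe" /min
O23 - Service: Example Service - Example Corp - C:\Program Files\Example\svc.exe
'''


@dataclass(frozen=True)
class Entry:
    section: str       # "O2" (browser helper object) or "O4" (autorun)
    registry_key: str  # expanded registry key that holds the entry
    value: str         # Run value name, or the BHO's CLSID subkey
    file: str          # file the entry loads, as written in the log


def parse_line(line):
    """Return an Entry for an O2/O4 line, or None for any other line."""
    line = line.strip()
    m = O2_RE.match(line)
    if m:
        return Entry("O2", BHO_KEY, m["clsid"], m["path"].strip())
    m = O4_RE.match(line)
    if m:
        found = FILE_RE.search(m["cmd"])
        key = m["hive"] + CURRENT_VERSION + m["key"]
        return Entry("O4", key, m["name"],
                     found.group(0) if found else m["cmd"].strip())
    return None


def parse_log(text):
    """All O2/O4 entries in a log, in the order they appear."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def listed_entries(text):
    """Entries whose full file path is in LISTED_FILES; nothing is deleted."""
    return [e for e in parse_log(text) if e.file.lower() in LISTED_FILES]


if __name__ == "__main__":
    # Print a review checklist: where the entry lives and what it loads.
    for e in listed_entries(SAMPLE_LOG):
        print(f"{e.section}  {e.registry_key}  [{e.value}]  ->  {e.file}")
```

Matching on the full path rather than the file name keeps the constructed `ExampleTray` entry, which reuses the name `ieupdates.exe` in another folder, out of the result.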
#13
Scooby Senior
Feel free to detail your thoughts on Heuristic Analysis, I'd be more than interested as I spoke of its use in Antivirus products from '93 to '07.
Are there any Antivirus products that don't use Heuristics?
#14
Firewalls and Windows patches provide no protection whatsoever? Again, I am not going into detail on this, that is just an insane comment.
I let my IMAP webmail service provider sort this, there is zero risk to me.
I use Firefox and only allow scripts to run from trusted sites only. I use Usenet for file downloads.
If this is the mentality running our defense industry, I seriously worry for our national security...
In any case, all my data is backed up in raid arrays and I can format my C: drive and reinstall Windows within 30 minutes
Last edited by Iain Young; 23 February 2009 at 07:47 PM.
#15
Avg and other subprime AVs use a Sandbox (File emulation), whereas Nod32 searches line by line for any dodgy pieces of code (File analysis). If you want to use Sandbox you might as well go straight to the source..
Virtual Sandbox Free Edition - Free software downloads and reviews - CNET Download.com
Jack, I am more Algorithm/Metaheuristic than Analysis.
Last edited by Dedrater; 23 February 2009 at 07:48 PM.
#16
Not against viruses they don't. Firewalls protect from outside attack (i.e. hackers trying to get access to your computer). Viruses do not fall into this category. They infect your machine in a variety of ways, none of which will be deflected by a firewall. The best windows patches can do is to fix a problem that already exists. They do not employ any sort of heuristics, and are not released that often. Thus, they will not protect you either.
Exe files I can Sandbox. If I was the only member of staff using the computers there, I would switch off of the AV servers, as they are there to protect against the users.
I don't use images.
Last edited by Dedrater; 23 February 2009 at 08:06 PM.
#17
Scooby Regular
iTrader: (3)
Join Date: Aug 2000
Location: 1600cc's of twin scroll fun :)
Posts: 25,565
Well all that is gobbledygook to me
I sit here with my pc (I like to build them and make them run) I use windows vista, I even use IE!!!!! now isn't that scary?!
Well no, because I have a GOOD internet security package, anti virus, anti spam, firewall etc etc etc (you get the picture).
I will not use hacked versions of anti virus software (though my brother in law swears by them, if it's been tampered with then it could have been really tampered with leaving gaps in your security) so it's an off the shelf package for me
One part of my previous job was security in the telecommunications environment (and not low level stuff either!) and the one thing you always remember is that you can never have enough security, the more the better, the better the more secure.
Complacency isn't your friend, you are and only you, if you know what you have put in place then you know what level of protection you are running, pop's n stuff still baffle me a bit (but I'm getting there) though it's all the same, protection is protection and complacency is dangerous!
Tony
#18
Actually, if you read your post, that was clearly implied
It won't, (although the current AV heuristics are better than nothing at all). Having said that, companies like Eset (Nod32) release updates at regular intervals (sometimes numerous updates per day). Windows patches sometimes take weeks, and rarely cover most of the viruses out there. They generally just patch security holes in the operating system / software (which isn't the same thing at all).
There is a well known saying in the computer industry. "Assumption is the mother of all f**k ups". Do you run a virus scanner in your sandbox? If not and it appears ok, do you then assume it's ok to have on your main system? Most viruses do not flash a message on the screen to say they have installed themselves. Very often they just sit in the background silently looking for your banking details etc.
Well, for a start, an AVI file could be written to use a particular codec / decoder which would contact a server and download something nasty. Not saying that it's a common thing, but it is certainly possible to do damage if you are determined enough
How about coms, dlls, batch files, vb scripts, active-x controls etc etc. Do you really not use any of those things, even from "trusted" sources? How about if you install software demos, shareware programs etc. All can be infected.
No, they are there to protect the business. That can be from users, unexpected attacks, or genuine mistakes. You would quickly get the sack at most companies out there for bypassing data security in this manner.
Lol, even if I believed all that, it hardly makes you a typical internet user does it? Why are you even bothering to try and make recommendations like this to "normal" people, as it is obvious that most people don't live in your utopian world? It's irresponsible at best, and potentially downright dangerous advice.
To use your "fix a problem that already exists" approach, how is your AV going to protect you from say a zero day threat? In regards to AV Heuristics, unless you dedicate a server to it, it will be largely unsuccessful.
I will assume they are, if I am unsure I will run it in a Sandbox, I do not normally feel the need to though.
Tell me, as a coder, how you would compile a Virus to run in an AVI or MP3 file?
Exe files I can Sandbox.
If I was the only member of staff using the computers there, I would switch off of the AV servers, as they are there to protect against the users.
I don't use images.
Last edited by Iain Young; 23 February 2009 at 11:11 PM.
#20
Scooby Regular
to a degree Dedrater is correct,
as I stated in a previous post on this issue we have a communal computer at home, used by 4 people, my wife and my three older kids, the youngest is 6 and tbh I reload it every 2/3 months all my software is MSI files on an external Drive, the OS is on a separate volume to the data, My documents is redirected etc
AV programs give a false view of security, most trojans get installed by the user -- who accepts increasingly byzantine messages, even Microsoft get in on the act asking you to skip active X warning messages on your browser to download updates in fact I would argue that the WGA tool is spyware anyway etc -- no wonder the consumer is confused
you can have as many locks on your front door, but if you give a bloke who knocks on your front door your credit card and pin code -- then what good have all the locks and alarms done
it's education really, even Vista's UAC just gives more prompts to which most people say yes to
the best defence is to browse the internet within a VM -- then just close the file -- job done
plus have you ever monitored the resources that AV programs use, it's frightening.
I think Jack Schofield the technology journalist ran a test machine with just a natted firewall and a basic software fw with a patched OS -- he did this for a few years with no infections
Last edited by hodgy0_2; 24 February 2009 at 02:28 PM.
#21
I have seen software installation cds from trusted vendors (big names) with viruses on in the past. Although not common, the interweb is not the only way of contracting them.
If you want to risk it, then that's fine. The number of virus riddled machines I've had to recover over the years suggests that the less technically minded need all the protection they can get
I've never fallen off a motorbike, or crashed my car at a track day. Doesn't stop me wearing a helmet though...
Last edited by Iain Young; 24 February 2009 at 03:21 PM.
#22
Scooby Regular
yes Iain I don't disagree with anything you say, but my point is, ultimately it's education that will win, blind trust in technology is not the way to go (which is what the AV vendors like to push)
And I too have recovered virus riddled machines and in ALL cases recently (the days of Vendor CD's infected is long gone IMO) it's the user that has installed the trojan in the first place, the machines have been fully patched and up to date virus defs on them
on my corporate laptop -- I don't browse the internet, period, I don't open emails from people I don't know
I think the subtext of Dedrater's point (although I'm sure he can speak for himself) is that people should take more responsibility for their actions and not trust technology to sort it all out coz it won't
if you give the keys to the car thief -- no amount of technology is going to stop them nicking it, that's why it's a people problem not a technology problem
Last edited by hodgy0_2; 24 February 2009 at 04:03 PM.
#23
I had one just before Christmas. Don't trust anyone, that's my motto
Yes and no. The only way that would work is if you make people take a technology exam before being allowed to buy a machine (not a bad idea imo ). Trouble is 99% of users out there just aren't aware of this stuff (and don't seem to be inclined to learn).
no amount of technology is going to stop them nicking it, that's why it's a people problem not a technology problem
#24
Iain, a few other people in my office have looked at this thread now, all came to the same conclusion, you don't sound like someone who has been programming for 20+ years, not a dig, but some of the stuff you have said doesn't correlate.
In regards to this infected vendor CD, how do you know your AV software didn't react to it as a false positive? Would you send me this 'virus' or tell me what the cover disk was, where from etc, I will be able to decompile it and tell you actually what virus it is, or more likely is not.
For someone who cares so much about your Windows install, why are you assuming your AV is going to protect you? Most people would just run Virtual Machine, that is guaranteed secure, bar hack attacks, as detailed here..
http://www.symantec.com/avcenter/ref...ne_Threats.pdf
this is when the firewalls come in. So that is an odd comment, not to mention the fact that there are Rootkits that are undetectable by AV software.
RootkitRevealer
I can only assume that you think a computer virus spreads like a biological virus among computers and would have thought someone in the business for 20+ years would have a much more technical view point of such things.
At its heart, anti-virus software is little more than a blacklist and is a deeply flawed approach to security. Relying as you seem to do, on a blacklist model for security is tantamount to admitting failure, I can back this up. Let's look at the latest results from an independent AV test site, AV Comparatives.
The pro active test.
Retrospective / ProActive Test November 2008
The max score in this test was 71% (Antir & Kaspersky) So 71% of 45.831 virus signatures, do the math, hardly secure computing is it.
The on demand test.
August 2008
These results are distorted, max score was 99.6%, but again this was for 3 million signatures, a lower score of 99.1% (for 1.096.202 signatures) for newer viruses within a 9 month period. Nod32 scored a lowly 93%. Considering that it only takes one virus to do a machine over, it is a pointless exercise trying to "protect" against the rest. An AV is to protect against the user, Iain, why are you using it?
But who cares about most of these viruses, a patched system is unaffected by most of the security risks and the rest are user input.
Let's have a look at the top 5 threats at the minute..
Virus Threats and Analysis
As you can see, to get any of these involves the user being dumb and running the virus themselves or using an unpatched version of Windows and clicking things they shouldn't.
VLC or GOM players will not do this, if any other player does then it shouldn't be a problem as you will have a Firewall running ready to block the request.
I am obviously not going to start shutting down security mainframes am I. IBM, Google and a whole load of others do not use AV software in their research divisions, they only use Whitelisting and VM.
That's not the issue with realtime AVs, it is disk usage, top end games can blue screen if you keep an AV running.
Are there no MS Cert pros on this forum? Have you got last year's or the year before that, exam answer on the limitations of AVs?
Boro, good input.
#25
Actually I've been programming a lot longer than that, (used to get programs published in magazines and public domain libraries right from the Dragon32 days) but I've been doing it professionally for 20+ years. Started working mainly on mainframe and unix environments (SCO and AIX mainly), and now work mostly on Windows (although still do some of the former). Worked mainly on developing compilers / language analysis tools, and software I've written is used by the majority of the major financial institutions in the world, (as well as government departments, supermarkets etc). But you can believe what you like. Doesn't bother me. There are plenty of people on here who know me and know that I speak the truth
In regards to this infected vendor CD, how do you know your AV software didn't react to it as a false positive?
Would you send me this 'virus' or tell me what the cover disk was, where from etc, I will be able to decompile it and tell you actually what virus it is, or more likely is not.
For someone who cares so much about your Windows install, why are you assuming your AV is going to protect you? Most people would just run Virtual Machine, that is guaranteed secure, bar hack attacks, as detailed here.
Why do you insist on being so blinkered to basic logic? The original poster (and majority of internet users) do not use a VM, probably wouldn't know how to, and most likely don't have more than one operating system license to install one with anyway. Advising these people to not use any form of protection is dangerous, and downright stupid.
I can only assume that you think a computer virus spreads like a biological virus among computers and would have thought someone in the business for 20+ years would have a much more technical view point of such things.
The max score in this test was 71% (Antir & Kaspersky) So 71% of 45.831 virus signatures, do the math, hardly secure computing is it.
An AV is to protect against the user, Iain, why are you using it?
But who cares about most of these viruses, a patched system is unaffected by most of the security risks and the rest are user input.
As you can see, to get any of these involves the user being dumb and running the virus themselves or using an unpatched version of Windows and clicking things they shouldn't.
I am obviously not going to start shutting down security mainframes am I.
IBM, Google and a whole load of others do not use AV software in their research divisions, they only use Whitelisting and VM.
That's not the issue with realtime AVs, it is disk usage, top end games can blue screen if you keep an AV running.
p.s. Boro, that was good input
Last edited by Iain Young; 26 February 2009 at 10:36 AM.
#26
Moderator
iTrader: (4)
Join Date: Jul 2004
Location: The Terry Crews of moderation. P P P P P P POWER!!
Posts: 18,687
Just a vote for Eset's smart security internet package here: excellent protection and small system footprint.
Made Norton look like a complete POS to be honest!
#27
Scooby Regular
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
A small memory footprint is all well and good, but how does it perform?
Look at most of the reviews and the product that consistently performs well with a small footprint, you should be looking at Avira.
I work in network security, and I would recommend a good anti virus product along with ensuring your operating system and applications are patched. A firewall would be good, but all too often I see this hindering home users rather than protecting them (as they normally turn them off completely). Please apply some level of security to wireless networks as well!!!
#28
Scooby Regular
iTrader: (21)
The opposite actually, I am just doing my MPhil CS thesis, titled Heuristic functions I won't go into detail on this, I take it you know all about its use in AV programs. I am also a civilian position in the MOD in a computer security related position. Firewalls and Windows patches provide no protection whatsoever? Again, I am not going into detail on this, that is just an insane comment.
I let my IMAP webmail service provider sort this, there is zero risk to me.
I use Firefox and only allow scripts to run from trusted sites only. I use Usenet for file downloads.
Because I know what I am doing, if I am in doubt, then I simply run Hijackthis. In any case, all my data is backed up in raid arrays and I can format my C: drive and reinstall Windows within 30 minutes, if the absolute worst happened. It never has, ever.
Seriously if you expect everyone to know all about what you say above, then you are being silly
#29
Scooby Regular
and that's why there is a good chance she will get infected with a Trojan/Malware, they rely on the people trusting AV products, then just clicking away on the internet/email links etc