My Father was using his PC and this pop up came up telling him to install this software called winantivirus by Winsoftware. I've never heard of this AV software, who makes it and whats it like. I've already got Bitdefender Pro 9 running on his PC for him, so really he doesnt need stuff like this. I just hope this so called winantivirus is not spyware.

Winantivirus is bad news.

It's indeed malware of some form and not usable antivirus software in the least.

Assuming it got on his computer, you might want to help him find removal instructions.

Yahoo or Google would likely have helpful links.

I suspect he has Vundo (http://www.castlecops.com/postx119486-0-0.html) and the more I look the more it confirms this. (http://forums.us.dell.com/supportforums/board/message?board.id=si_hijack&message.id=16923#M16923)

Please download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) to your desktop.

1 Reboot your PC into "Safe Mode".
2. Double click on VundoFix.exe
3. Place a tick next to "Run VundoFix" as a task.
4. You will receive a message saying VundoFix will close and re-open in a minute or less.
5. Click "OK".
6. When VundoFix re-opens, click the "Scan for Vundo" button.
7. Once it's done scanning, click the "Remove Vundo" button.
8. You will receive a prompt asking if you want to remove the files, click "Yes".
9. Once you click yes, your desktop will go blank as it starts removing Vundo.
10. When completed, it will prompt that it will shutdown your computer, click "Ok".
11. Turn on your computer.

Let us know how you go...

Cheers ;D

Or maybe his computer is infected with the Zlob trojan. It also downloads "badware" like this which pretends that your computer is infected, and lures you into buying it in order to be able to remove the downloader that actually downloaded the software.

hxxp://www.winantivirus.com/ is this what your referring to?


altered url==bigc

-{ Quote: "Or maybe his computer is infected with the Zlob trojan. It also downloads "badware" like this which pretends that your computer is infected, and lures you into buying it in order to be able to remove the downloader that actually downloaded the software." }-

Yes your correct if I recall now I did see BD pop up blocking this Zlob Trojan.

I actually ran a scan with both BD Pro 9 and also Spybot S&D and BD found and deleted two viruses while Spybot also picked up 4 Trojans and I'm sure one of them was the Zlob one.

http://img124.imageshack.us/img124/8121/capture07222006161327en7.jpg

cheers BigC

~Please~ no more links ... it's a rogue AV ... Whether sarcastic or not ... some less knowledgeable member/guest could DL the product - which no one would want. ;)

Thanks in advance for everyones understand and cooperation. :)

Steve

-{ Quote: "I suspect he has Vundo (http://www.castlecops.com/postx119486-0-0.html) and the more I look the more it confirms this. (http://forums.us.dell.com/supportforums/board/message?board.id=si_hijack&message.id=16923#M16923)

Please download VundoFix.exe (http://www.atribune.org/ccount/click.php?id=4) to your desktop.

1 Reboot your PC into "Safe Mode".
2. Double click on VundoFix.exe
3. Place a tick next to "Run VundoFix" as a task.
4. You will receive a message saying VundoFix will close and re-open in a minute or less.
5. Click "OK".
6. When VundoFix re-opens, click the "Scan for Vundo" button.
7. Once it's done scanning, click the "Remove Vundo" button.
8. You will receive a prompt asking if you want to remove the files, click "Yes".
9. Once you click yes, your desktop will go blank as it starts removing Vundo.
10. When completed, it will prompt that it will shutdown your computer, click "Ok".
11. Turn on your computer.

Let us know how you go...

Cheers ;D" }-

Many kind thx for your help here but I'm just wondering why doesn't Bitdefender get rid of this since its one of the best av software around.

The other thing is I ran a scan using Spybot S&D and after the scan it did pick up the Winantivirus but after I clicked on fix problem button thinking and hoping that I got rid of it, guess what ? it came back, i.e it just seems to come back.

-{ Quote: "hxxp://www.winantivirus.com/ is this what your referring to?


altered url==bigc" }-

Yes thats correct.

-{ Quote: "Many kind thx for your help here" }-My pleasure ;D


-{ Quote: "…I'm just wondering why doesn't Bitdefender get rid of this since its one of the best av software around." }-I guess it would depend upon the settings used. Once infected with this particular nasty you have to follow specific instructions to the letter in order to remove it.


-{ Quote: "The other thing is I ran a scan using Spybot S&D and after the scan it did pick up the Winantivirus but after I clicked on fix problem button thinking and hoping that I got rid of it, guess what ? it came back, i.e it just seems to come back." }-See the above answer.

Cheers ;D

Symantec products remove it properly.

-{ Quote: "Symantec products remove it properly." }-

Thanks for the information