Winantivirus - Suspicious

Discussion in 'other anti-virus software' started by Albinoni, Jul 21, 2006.

Thread Status:
Not open for further replies.
  1. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    My Father was using his PC and this pop up came up telling him to install this software called winantivirus by Winsoftware. I've never heard of this AV software, who makes it and whats it like. I've already got Bitdefender Pro 9 running on his PC for him, so really he doesnt need stuff like this. I just hope this so called winantivirus is not spyware.
     
  2. colt45allstar

    colt45allstar Registered Member

    Joined:
    Jun 9, 2006
    Posts:
    65
    Winantivirus is bad news.

    It's indeed malware of some form and not usable antivirus software in the least.

    Assuming it got on his computer, you might want to help him find removal instructions.

    Yahoo or Google would likely have helpful links.
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I suspect he has Vundo and the more I look the more it confirms this.

    Please download VundoFix.exe to your desktop.

    1 Reboot your PC into "Safe Mode".
    2. Double click on VundoFix.exe
    3. Place a tick next to "Run VundoFix" as a task.
    4. You will receive a message saying VundoFix will close and re-open in a minute or less.
    5. Click "OK".
    6. When VundoFix re-opens, click the "Scan for Vundo" button.
    7. Once it's done scanning, click the "Remove Vundo" button.
    8. You will receive a prompt asking if you want to remove the files, click "Yes".
    9. Once you click yes, your desktop will go blank as it starts removing Vundo.
    10. When completed, it will prompt that it will shutdown your computer, click "Ok".
    11. Turn on your computer.

    Let us know how you go...

    Cheers :D
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Or maybe his computer is infected with the Zlob trojan. It also downloads "badware" like this which pretends that your computer is infected, and lures you into buying it in order to be able to remove the downloader that actually downloaded the software.
     
  5. betauser2

    betauser2 Guest

    Last edited by a moderator: Jul 22, 2006
  6. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    Yes your correct if I recall now I did see BD pop up blocking this Zlob Trojan.
     
  7. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    I actually ran a scan with both BD Pro 9 and also Spybot S&D and BD found and deleted two viruses while Spybot also picked up 4 Trojans and I'm sure one of them was the Zlob one.
     
  8. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,508
    Location:
    Slovakia
  9. betauser2

    betauser2 Guest

    cheers BigC
     
  10. dog

    dog Guest

    ~Please~ no more links ... it's a rogue AV ... Whether sarcastic or not ... some less knowledgeable member/guest could DL the product - which no one would want. ;)

    Thanks in advance for everyones understand and cooperation. :)

    Steve
     
  11. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
    Many kind thx for your help here but I'm just wondering why doesn't Bitdefender get rid of this since its one of the best av software around.

    The other thing is I ran a scan using Spybot S&D and after the scan it did pick up the Winantivirus but after I clicked on fix problem button thinking and hoping that I got rid of it, guess what ? it came back, i.e it just seems to come back.
     
  12. Albinoni

    Albinoni Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    709
    Location:
    Perth, Western Australia
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    My pleasure :D


    I guess it would depend upon the settings used. Once infected with this particular nasty you have to follow specific instructions to the letter in order to remove it.


    See the above answer.

    Cheers :D
     
  14. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    Symantec products remove it properly.
     
  15. ASpace

    ASpace Guest

    Thanks for the information
     
Thread Status:
Not open for further replies.