[تروجن] [فيرنتيإكس]
![[تروجن] [فيرنتيإكس] [سكرينشوت]](http://www.411-spyware.com/images/Trojan.Virantix.C.gif "[تروجن] [فيرنتيإكس] شاشة طلقة خردق")
[تروجن] [فيرنتيإكس] [ا] [تروجن] أنّ يعجز ك [أنتي-فيروس] برمجيّة ويعدي حاسوبك مع كثير [ملور] و [سبور], عادة ب يجلب مبرد من FreeRealityMpegs.com. سيخلق [تروجن] [فيرنتيإكس] [موتإكس] - {[393921-939391-3919139-3د3738-11]} - أن يتأكّد هو دائما يركض على حاسوبك. [تروجن] [فيرنتيإكس] يمكن حاولت أن يخيف أنت داخل يجلب [روغ] [أنتيسبور] [ويننتيفيروس] مع مقلّدة أمن إنذارات. هذا [تروجن] [فيرنتيإكس] يقرأ [بوبوب]:
"[ويندووس] أمن إنذار إنذار! ممكنة [سبور] عملية!
يجعل حاسوبك نسخ من غير إذن من ك نظامة وإنترنت مبارد. شوط يشبع [أونثوريسد] مسح الآن أن يمنع أيّ منفذة إلى مباردك! طقطقت هنا أن يجلب [سبور] ناقل…
أعديت حاسوبك!"
أو
"أعديت حاسوبك!
قد كشف [ويندووس] [سبور] تلوث
هو أوصيت أن يستعمل خاصّة [أنتيسبور] أدوات أن يمنع معطيات خسارة. سيجلب [ويندووس] الآن وسيركّب ال [أنتيسبور] [أوب-تو-دت] أكثر ل أنت.
طقطقت هنا أن يحمي حاسوبك من [سبور]!"
يحاول [تروجن] [فيرنتيإكس] بعد ذلك أن يربط إلى www.softcashier.com/members/link_____ إلى [دوونلوأد] تمويه [أنتيسبور].
أزلت ما لم هوية إختلاس و [بوبوبس] يصوّت مثل حالة لهو نهاية أسبوع إلى أنت, [تروجن] [فيرنتيإكس].
حصلت يخلّص من [تروجن] [فيرنتيإكس]
- يدويّا أزلت [تروجن] [فيرنتيإكس] مع تعليمات [ستب-ب-ستب]
- [دوونلوأد] [سبور] دكتورة أن تلقائيّا أزلت [تروجن] [فيرنتيإكس]
- أنت تستطيع [دوونلوأد] [أورد-وينّينغ], [أنتي-بدور] برمجيّة [سبوردوكتور] أن بسهولة أزلت [تروجن] [فيرنتيإكس]. أردت أن يعرف لما أنا أحفر [سبوردوكتور]? قرأت مراجعاتي.
أنت تتلقّى [تروجن] [فيرنتيإكس]?
عندما أعديت أنت مع [بدور] - ما إذا هو [تروجن] [فيرنتيإكس], [سبور], [أدور], [تروجن], أو حمى - هناك [ا فو] أعراض أساسيّة. تتلقّى أنت يلاحظ…
- [كمبوتر برفورمنس] بطيئة: يحبّ هو لقطات صحيحة واحدة طفيلية [تروجن] [فيرنتيإكس] أن يتمهّل حاسوبك بشكل مثير. إن [بك] ك يأخذ طويلا من معتادة إلى [ربووت], أو إن ك إنترنت توصيل يكون بشكل غير عاديّ بطيئة, أنت يمكن كنت أعديت مع [تروجن] [فيرنتيإكس].
- طريق مختصر جديدة مكتبيّة أو يحوّل [هومبج]: [بدور] مثل [تروجن] [فيرنتيإكس] يمكن غيّرت ك إنترنت عمليّة إعداد أن يعيد [هومبج] ك إلى آخر موقعة. [بدور] يضيف علبة حتّى طريق مختصر مكتبيّة إلى [بك] ك.
- [بوبوبس] مزعجة: [بدور] يستطيع قصفت حاسوبك مع [بوبوب] [أد], [إفن وهن] ليس أنت متوفّر على شبكة الإنترنات. من خلال هذا [بوبوبس], أنت يمكن كنت خدعت داخل يجلب كثير [سبور].
كيف أن يزيل [تروجن] [فيرنتيإكس] يدويّا
![[تروجن] [فيرنتيإكس] إنذار](/images/warning.gif)
قبل أن يحصل نحن يبدأ, أنت سوفت نسخة احتياطيّة نظامتك وتسجيلك, لذلك هو سيكون يتيح أن يحيي حاسوبك إن أيّ شيء يذهب على نحو خاطئ.
أن يزيل [تروجن] [فيرنتيإكس] يدويّا, يحتاج أنت أن يمحو [تروجن] [فيرنتيإكس] مبارد. لا يوقن كيف أن يمحو [تروجن] [فيرنتيإكس] مبارد? Click here, and I’ll show you. Otherwise, go ahead and…
Stop Trojan Virantix processes:
Delete Trojan Virantix files:
%System%univrs32.dat
%CurrentFolder%delself.bat
Delete Trojan Virantix registry keys:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun”WinAVX” = “%System%/WinAvX.exe”
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionRun”WinAVX” = “%System%/WinAvX.exe”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon”Shell” = “Explorer.exe %System%/WinAvX.exe”
Trojan Virantix changes the following registry keys:
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftInternet ExplorerMain”Enable Browser Extensions” = “yes”
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftInternet ExplorerMain”Search Bar” = “http://www.google.com/ie”
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced”EnableBalloonTips” = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones�”1208″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones�”2500″ = “3″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones�”1201″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones�”1804″ = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones1″1208″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones1″2500″ = “3″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones2″1208″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones2″2500″ = “3″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones2″1201″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones2″1804″ = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones3″1208″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones3″2500″ = “3″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones3″1201″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″1208″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″2500″ = “3″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″1200″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″1201″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″1608″ = “0″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsZones4″1804″ = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer”NoControlPanel” = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem”DisableRegistryTools” = “1″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem”DisableTaskMgr” = “1″
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer”NoControlPanel” = “1″
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer”NoWindowsUpdate” = “1″
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionPoliciessystem”DisableRegistryTools” = “1″
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftWindowsCurrentVersionPoliciessystem”DisableTaskMgr” = “1″
HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESYSTEMControlSet002ServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESYSTEMControlSet002ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyDomainProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList”%Windir%system32winav.exe” = “%Windir%system32winav.exe:*:Enabled:@xpsp2res.dll,-22019″
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain”Default_Search_URL” = “http://www.google.com/ie”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain”Search Page” = “http://www.google.com”
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain”Start Page” = “http://www.google.com”
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftInternet ExplorerMain”Start Page” = “http://www.google.com”
HKEY_USERSS-1-5-21-1961063573-973683775-492528769-500SoftwareMicrosoftInternet ExplorerMain”Search Page” = “http://www.google.com”
HKEY_LOCAL_MACHINESOFTWAREClassesgophershellopencommand”@” = “”C:Program FilesInternet Exploreriexplore.exe” %1″
HKEY_LOCAL_MACHINESOFTWAREClassesHTTPshellopencommand”@” = “”C:Program FilesInternet Exploreriexplore.exe” %1″
HKEY_LOCAL_MACHINESOFTWAREClasseshttpsshellopencommand”@” = “”C:Program FilesInternet Exploreriexplore.exe” %1″
HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessEpoch”Epoch” = “0×000027B0″
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessEpoch”Epoch” = “0×000027B0″
HKEY_LOCAL_MACHINESOFTWAREClasses.shtml”@” = “htmlfile”
Trojan Virantix adds this text to your %System%driversetchosts file:
192.168.200.3 ad.fastclick.net
192.168.200.3 ads.fastclick.net
192.168.200.3 ar.atwola.com
192.168.200.3 atdmt.com
192.168.200.3 avp.ch
192.168.200.3 avp.com
192.168.200.3 avp.ru
192.168.200.3 awaps.net
192.168.200.3 banner.fastclick.net
192.168.200.3 banners.fastclick.net
192.168.200.3 ca.com
192.168.200.3 click.atdmt.com
192.168.200.3 clicks.atdmt.com
192.168.200.3 customer.Symantec.com
192.168.200.3 dispatch.mcafee.com
192.168.200.3 download.mcafee.com
192.168.200.3 download.microsoft.com
192.168.200.3 downloads-us1.Kaspersky-labs.com
192.168.200.3 downloads-us2.Kaspersky-labs.com
192.168.200.3 downloads-us3.Kaspersky-labs.com
192.168.200.3 downloads.microsoft.com
192.168.200.3 downloads1.Kaspersky-labs.com
192.168.200.3 downloads2.Kaspersky-labs.com
192.168.200.3 downloads3.Kaspersky-labs.com
192.168.200.3 downloads4.Kaspersky-labs.com
192.168.200.3 engine.awaps.net
192.168.200.3 f-secure.com
192.168.200.3 fastclick.net
192.168.200.3 ftp.avp.ch
192.168.200.3 ftp.downloads1.Kaspersky-labs.com
192.168.200.3 ftp.downloads2.Kaspersky-labs.com
192.168.200.3 ftp.downloads3.Kaspersky-labs.com
192.168.200.3 ftp.f-secure.com
192.168.200.3 ftp.kasperskylab.ru
192.168.200.3 ftp.sophos.com
192.168.200.3 go.microsoft.com
192.168.200.3 ids.Kaspersky-labs.com
192.168.200.3 Kaspersky-labs.com
192.168.200.3 Kaspersky.com
192.168.200.3 liveupdate.Symantec.com
192.168.200.3 liveupdate.symantecliveupdate.com
192.168.200.3 mast.mcafee.com
192.168.200.3 mcafee.com
192.168.200.3 media.fastclick.net
192.168.200.3 microsoft.com
192.168.200.3 msdn.microsoft.com
192.168.200.3 my-etrust.com
192.168.200.3 nai.com
192.168.200.3 networkassociates.com
192.168.200.3 Norton.com
192.168.200.3 office.microsoft.com
192.168.200.3 pandasoftware.com
192.168.200.3 phx.corporate-ir.net
192.168.200.3 rads.mcafee.com
192.168.200.3 secure.nai.com
192.168.200.3 securityresponse.Symantec.com
192.168.200.3 service1.Symantec.com
192.168.200.3 sophos.com
192.168.200.3 spd.atdmt.com
192.168.200.3 support.microsoft.com
192.168.200.3 Symantec.com
192.168.200.3 trendmicro.com
192.168.200.3 update.Symantec.com
192.168.200.3 updates.Symantec.com
192.168.200.3 updates1.Kaspersky-labs.com
192.168.200.3 updates2.Kaspersky-labs.com
192.168.200.3 updates3.Kaspersky-labs.com
192.168.200.3 updates4.Kaspersky-labs.com
192.168.200.3 updates5.Kaspersky-labs.com
192.168.200.3 us.mcafee.com
192.168.200.3 vil.nai.com
192.168.200.3 viruslist.com
192.168.200.3 viruslist.ru
192.168.200.3 virusscan.jotti.org
192.168.200.3 virustotal.com
192.168.200.3 windowsupdate.microsoft.com
192.168.200.3 www.avp.ch
192.168.200.3 www.avp.com
192.168.200.3 www.avp.ru
192.168.200.3 www.awaps.net
192.168.200.3 www.ca.com
192.168.200.3 www.f-secure.com
192.168.200.3 www.fastclick.net
192.168.200.3 www.grisoft.com
192.168.200.3 www.Kaspersky-labs.com
192.168.200.3 www.Kaspersky.com
192.168.200.3 www.Kaspersky.ru
192.168.200.3 www.mcafee.com
192.168.200.3 www.microsoft.com
192.168.200.3 www.my-etrust.com
192.168.200.3 www.nai.com
192.168.200.3 www.networkassociates.com
192.168.200.3 www.pandasoftware.com
192.168.200.3 www.sophos.com
192.168.200.3 www.Symantec.com
192.168.200.3 www.Symantec.com
192.168.200.3 www.trendmicro.com
192.168.200.3 www.viruslist.com
192.168.200.3 www.viruslist.ru
192.168.200.3 www.virustotal.com
192.168.200.3 www3.ca.com
Note: In any Trojan Virantix files I mention above, “%UserProfile%” is a variable referring to your current user’s profile folder. If you’re using Windows NT/2000/XP, by default this is “C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”). If you have any questions about manual Trojan Virantix removal, go ahead and leave a comment.
How Do You Remove Trojan Virantix Files?
Need help figuring out how to delete Trojan Virantix files? While there’s some risk involved, and you should only manually remove Trojan Virantix files if you’re comfortable editing your system, you’ll find it’s fairly easy to delete Trojan Virantix files in Windows.
How to delete Trojan Virantix files in Windows XP and Vista:
- Click your Windows Start menu, and then click “Search.”
- A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
- Type a Trojan Virantix file in the search box, and select “Local Hard Drives.”
- Click “Search.” Once the file is found, delete it.
How to stop Trojan Virantix processes:
- Click the Start menu, select Run.
- Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys CTRL + Shift + ESC.
- Click Processes tab, and find Trojan Virantix processes.
- Once you’ve found the Trojan Virantix processes, right-click them and select “End Process” to kill Trojan Virantix.
How to remove Trojan Virantix registry keys:
Because your registry is such a key piece of your Windows system, you should always backup your registry before you edit it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or value, there’s a chance you may need to reinstall your entire system. Make sure your backup your registry before editing it.
- Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
- Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
- To find a registry key, such as any Trojan Virantix registry keys, select “Edit,” then select “Find,” and in the search bar type any of Trojan Virantix’s registry keys.
- As soon as Trojan Virantix registry key appears, you can delete the Trojan Virantix registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”
How to delete Trojan Virantix DLL files:
- First locate Trojan Virantix DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
- To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Trojan Virantix DLL file is located. If you’re not sure if the Trojan Virantix DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
- When you’ve located the Trojan Virantix DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.
That’s it. If you want to restore any Trojan Virantix DLL file you removed, type “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.
Did Trojan Virantix change your homepage?
- Click Windows Start menu > Control Panel > Internet Options.
- Under Home Page, select the General > Use Default.
- Type in the URL you want as your home page (e.g., “http://www.homepage.com”).
- Select Apply > OK.
- You’ll want to open a fresh web page and make sure that your new default home page pops up.
Trojan Virantix Removal Tip
Is your computer acting funny after deleting any Trojan Virantix files? I recommend using a program like File Recover from PC Tools. File Recover saves deleted files that otherwise can’t be recovered by Windows operating sytem.
Want to save time finding Trojan Virantix files? Download Spyware Doctor, let it find the Trojan Virantix files for you, and then manually delete Trojan Virantix files.
How Did You Get Trojan Virantix?
Wondering how Trojan Virantix ended up on your PC? If you’re infected with Trojan Virantix or other badware, perhaps you were using…
- Freeware or shareware: Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like Trojan Virantix. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly attached to free software to harm your computer and steal your personal and financial information.
- Peer-to-peer software: Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like Trojan Virantix.
- Questionable websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, badware may be automatically downloaded and installed onto your computer, sometimes including applications like Trojan Virantix. I recommend you use Firefox web browser, if you don’t already.
Understanding Trojan Virantix
If you’re infected with Trojan Virantix, you should know what you’re fighting. I’ll explain some definitions related to Trojan Virantix.
Trojan Virantix May Be a Trojan
Trojans install themselves secretly onto your computer, most often through your downloading a simple email attachment (often Trojans pose as harmless pictures). Most Trojans are able to gain complete control over your PC after installation. With this control, the Trojan and the hacker behind it may change your system settings, delete important files, steal your passwords, and watch your computer acitivity.
Infection Methods of Trojan Virantix and Other Trojans
Most Trojans infect your computer by tricking you into launching an infected file. This poisoned file could disguised as a small file, such as a jpeg or other email attachment, or it might be downloaded via a website or FTP.
- Email: Your PC may be infected with a Trojan when you download infected email attachments, or sometimes even when you simply open an email. Many Trojans exploit security holes in Microsoft Outlook. You may be able to reduce your chances of getting infected by a Trojan by using a spam-blocking software.
- Websites: Your PC may be infected with a Trojan when you visit a rogue site. Many Trojans exploit security holes in Internet Explorer web browser so that by simply visiting a website you may unknowingly download a Trojan.
- Open ports: If your computer runs programs that provide file-sharing functions – such as AOL Instant Messenger (AIM), MSN Messenger, and more – you may open your computer up to vulnerabilities. Using file sharing through these applications may create a network that gives attackers the opportunity to remotely access your computer.
Trojan Virantix May Be Rogue Anti-Spyware
Rogue anti-spyware refers to anti-spyware/antivirus software of questionable value. Rogue anti-spyware may not be proven to protect your computer from spyware, may popup fake alerts or create many false positives about your PC being infected, or may use scare tactics to try to get you to purchase the application. Rogue anti-spyware software may be installed by a Trojan, come bundled with other software, or install itself through web browser security holes. While it is fairly rare, some rogue anti-spyware is created and distributed by known spyware or adware companies, and the rogue anti-spyware may install spyware or adware itself.
Often when you’re infected with rogue anti-spyware like Trojan Virantix, you’ll see a false popup security alert like this:
Rogue Anti-Spyware Tactics
Typically, rogue anti-spyware such as Trojan Virantix has one or more of the qualities listed below, which is why rogue anti-spyware is considered anti-spyware software of questionable value.
- False positives/fake alerts: Rogue anti-spyware may produce a large number of false positives or use fake alerts, noting that your computer is infected with spyware parasites or other threats that do not really exist.
- Copycat looks: Rogue anti-spyware may copy the look and feel of other legitimate or rogue anti-spyware applications. Often, rogue anti-spyware applications may appear as close clones of other rogue anti-spyware software.
- High pressure marketing: Rogue anti-spyware may use scare tactics or other aggressive advertising and marketing tactics to try to trick you into buying the rogue anti-spyware application. Often, rogue anti-spyware may produce false positives and fake alerts about your computer being infected.
- Poor detection/scan reporting: Rogue anti-spyware may produce poor reports when it scans your PC. For example, rogue anti-spyware may say your computer is infected 11 parasites, but not specify which spyware parasites or what type of parasites. Rogue anti-spyware may also report that your PC is infected with SafeAndClean, but not tell you which related files, DLLS, etc. were found on your computer.
- Weak scanning/detection: Rogue anti-spyware may not only poorly report on computer infection, but rogue antispyware may also poorly scan your PC. Rogue anti-spyware may skip over important folders and files of your computer that should be scanned to detect spyware.
Did Trojan Virantix use these tactics to trick you into buying Trojan Virantix?
Trojan Virantix May Be a Backdoor
“Backdoor” describes a parasite that gets past your system’s normal means of authentication, remotely accesses your PC, or otherwise enters your system without being detected. Trojans and worms often use backdoor methods to access your computer and steal your personal and financial information and/or install more malware into your PC.
Categories: Trojans
If you get this Trojan with the red X and the pop-up message, do NOT click on the red X. If you have already done that, it will download more stuff onto your computer while pretending to scan it for viruses. If you have already clicked it, do a system restore from the day before and all the stuff they downloaded with the fake scan will be gone, but you’ll still have the red X with the warning. You can then start from there to get rid of it. I’m at that stage now.
by Robert on Nov 18, 2008 at 3:48 am