1 Reply Latest reply on Apr 28, 2011 9:04 PM by Hayton

    How to detect Antivirus 2010

    rdefino

      We are running 8.7i with spyware modeule. But many of our systems still get crippled with antivirus 2010. Now is this a malware, virus or what? also, how can we protect ourshelves from this?

       

      thanks for any help

        • 1. Re: How to detect Antivirus 2010
          Hayton

          To anyone who wonders where the previous reply has gone : I reviewed the reply and decided that the advice as given was probably not suitable for a corporate customer.

           

          Antivirus 2010 is a fake AV program, which has been known since 2008. It belongs to a class of malware generically known as scareware, and McAfee detects and cleans some but not all of the items in this class. Most of these fake AV's require an initial user action to download them, but most of them are relatively straightforward to remove. Antivirus 2010 is more difficult to remove than many since it has a rootkit component, making full removal a more complicated process.

           

          McAfee's Getsusp tool might be able to deal with this fake AV. If you join the Getsusp group you will be able to download it, but you have to request it since it's still only a beta tool. There is a product guide and installation guide here.

           

          If Getsusp can't cope with a rootkit element of Antivirus 2010, there is a removal guide at bleepingcomputer.com which specifies a tool not generally recommended to corporate users but which is otherwise known to be effective.

           

          Message was edited by: Hayton on 29/04/11 03:03:30 IST

           

          Message was edited by: Hayton on 29/04/11 03:04:27 IST