Why Do You Need Anti Virus Software?

Over the years, countless electronics stores have heard the same question over and over again, “why do you need anti virus software?” It’s a legitimate question and it’s also one that gets asked quite a bit, even now. The truth is, you need anti virus software because, without it, you are leaving yourself open to things that can get into your computer and steal your personal information without a second glance.

If you are not protected from viruses, then you are likely to infect your computer with things that are irreversible and you may even have to take your computer back to the factory settings! This means that everything that was ever on your computer, aside from the things that it came with directly from the factory, are gone. All of your downloads, your music…everything will be gone! Some viruses can even damage your computer so completely that you can’t restore it at all. This means that you have to actually buy a whole new computer and that can set you back thousands of dollars once you’re done buying the software and the computer itself. I’d hope that the answer to “why do you need anti virus software?” is becoming clearer now.

There are other things that can infect your computer that don’t hurt the computer immediately. For example, keyloggers. In fact, keyloggers never harm your computer, just the information that you keep stored there. A keylogger is something or someone that can track every single button that you press on your computer keyboard. They are nearly impossible to trace, but anti virus software can keep them out of your computer for good! Without the software, though, you are leaving yourself wide open to them! So, next time someone asks you “why do you need anti virus software?”, spread the word. Tell them why it’s so important to protect their computer and their information.


New Rogue “Antivirus System” locks you out of safe mode

By Tyler Moffitt

Recently we’ve seen a new fake security product running around that has made improvements to the standard rogue. Typical rogues are annoying, but relatively easy to take care of. Previously, all you had to do was boot into safe mode with networking and remove the files and registry entries (or install Webroot). Support forums everywhere use safe mode with networking as the “go to” mode for virus removal as non-core components are not loaded at start up and it’s easier to isolate problems. In the vast majority of the rogues we see, they are not loaded in the few modules which start up in safe mode. Antivirus System does, however, and it also applies some new and improved social engineering tactics to fool you into thinking it’s a real program trying to help you.

Once loaded onto your system, any executable you try and launch will be stopped and flagged as malicious – pretty standard. Eventually the interface will come up and will start scanning. What’s unique about this variant is it does actually scan your system. I do not mean it removes malware or does anything beneficial, but the infections it reports are real files on your computer. This variant flagged Dell drivers that are exclusive to my laptop model and one of my chrome extensions. This indexing of real files is a big improvement over the transparently fake “scan” buttons on previous rogues that just lead to an animation of a loading bar along with a generic list system files. Antivirus System also has many “features” which appear on most legitimate security applications. It has Internet Security which is similar in description to Webroot’s Web Threat Shield. Their Personal Security attempts to spoof features like Webroot’s Identity Shield, and Proactive Defense fakes features similar to Webroot’s Real Time Protection. This rogue even has configuration settings like “Concede resources to other applications” alluding that it can lower how much of a resource hog it can be – if you pay for it. Of course none of these “features” do anything, and if you try and switch them on you’ll just be presented with their purchase screen.

Removal without Webroot installed

Most experienced users would immediately go into safe mode with networking after seeing this. This won’t work, as the rogue is attached to the explorer shell, which is a module loaded in safe mode, and it will lock you down after you launch any executable (regedit, task manager, standalone virus removal tools, ect.). This is probably the point where most people have run out of options and consider taking their PC to a 3rd party technician where you’ll likely pay double the ransom cost of the Rogue. There is no need to do this as there are plenty more tricks to get around these rogues.

  • Boot into Safe mode with Command Prompt (doesn’t launch explorer shell)
  • The first screen that comes up is cmd.exe, type: “control nusrmgr.cpl” to launch the user account screen
  • On the user account screen click on “Manage another account”
  • On the Manage Account screen click on “Create new account”
  • Call this account whatever you want and then create the account (just make sure it has administrator privileges)
  • Reboot the computer and then log into that new account (safe mode or normal mode)
  • This new account won’t have those policies the virus created and you should be able to use this account freely You can install Webroot to scan and remove the virus, or you can just delete the files and registry entries associated:
    C:\Users\All Users\pavsdata
    C:\Users\All Users\pavsdata\21.4.exe
    C:\Users\All Users\pavsdata\app.ico
    C:\Users\All Users\pavsdata\cache.bin
    C:\Users\All Users\pavsdata\support.ico
    C:\Users\All Users\pavsdata\uninst.ico
    C:\Users\All Users\pavsdata\vl.bin
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “avsdsvc” = “%CommonAppData%\pavsdata\21.4.exe /min”
    Default=”C:\\ProgramData\\pavsdata\\21.4.exe\” /ex \”%1\” %*
    Default=”%1\” %*

Removal with Webroot installed

If you already have Webroot installed, then you shouldn’t even have to scan as we should block this in real time.  If you happen to come across a new zero-day signature that doesn’t yet have a determination, then you should know about Webroot’s ability to remediate infections without a database determination. All you have to do is open your client, click the “System Tools” tab, and then click “Start” under Control Active Processes. You’ll then be presented with the screen below, which shows all the active processes that are running:

Anything running under the “monitor” column should be scrutinized. If you find anything randomly named under AppData or ProgramData, then you would set it to “block” and run a scan. Upon finishing the scan, Webroot will remove the file and roll back any changes made by the malware.

Webroot support is always more than happy to help with removal and any questions regarding infections.


Article Source: http://blog.webroot.com/2013/07/17/new-rogue-antivirus-system-locks-you-out-of-safe-mode/

5 Of The Best Free Antivirus Software You May Want To Go For

The internet is proving to be a dangerous place because of viruses, hackers, and spyware and phishing sites. Therefore, PC owners require reliable antivirus software to help them keep computers safe. However, it can prove expensive to keep the PCs safe, because you will need to keep updating the antivirus software every year. Fortunately, several top antivirus software available in the market makes it easy to keep your PC safe. These include:

1. Panda Cloud Antivirus

The Panda Cloud antivirus features a lightweight tool that offers real-time antivirus protection for free. The software can be used along other security programs without problems. It is a free version of the commercial product and therefore, it has several missing features. The “USB Vaccine” helps to reduce the risks of malware likely to infect the USB drive while the Pro-edition seeks to protect users on public Wi-Fi networks.

2. AVG Free Antivirus

The AVG Free Antivirus offers a solid package with a range of features including: an antivirus engine, identity theft protection, email scanner and a Link Scanner Surf-Shield that helps to ensure safety while you are online. The software features lots of buttons, tiles and menu entries, which make the program to look more complex.

3. A vast Free Antivirus

The A vast Free Antivirus is considered one of the most popular softwares. The program can be installed easily because it features a straightforward interface that is easy to use. Performing a quick scan can help you identify potential threats on the PC. All this offers a minimal impact on the performance of the system. Independent testing of the software has found the program good. The Avast Free features useful extras include a software updater that alerts you to update the program.

4. Zone Alarm Free Antivirus + firewall

The main concern about the Zone Alarm Free Antivirus + Firewall are that it is updated daily (the hourly updates are normally reserved for the commercial-version). The daily updates leaves the PC exposed to the latest threats. Nevertheless, the software offers plenty of functionality (with a capable AV Test certified antivirus engine), some browsing protection and easy-to-use firewall.

5. Emsisoft Emergency Kit

Other antivirus programs do not come with guaranteed 100% rate of detection. As a result, malware is likely to slip through the defenses. Therefore, it is important to have in place a second tool such as the Emsisoft Emergency Kit. The program operates without requiring to be installed. This reduces chances of conflict with other existing antivirus packages.