Sign In
Create Account
2
hxxp://scanner.anvi-scanner.com/35/?advid=0000004683&B&
Everytime i try to install in Windows XP with vmware. I get a message about i need the newer version of Windows and it won't install. Anyone want to test the link on Vista. I couldn't get it to install. have fun
#1
Posted 15 July 2008 - 03:18 AM
-
- Experts
-
- 1,605 posts
Forum Deity
- Gender:Male
- Location:West Coast of Florida
Microsoft Valuable Professional---MVP Consumer Security 2007-2010
Windows 7 Ultimate 64bit
Gigabyte P55A-UD4P Motherboard Intel i5 750 G.SKILL Ripjaws Series 4GB DDR3 1333 1TB WD 32mb cache
60gb OCZ Vertex Turbo SSD (BOOT drive)Noctua NH-U12P SE2 HeatsinkAntec P183 Case
Windows 7 Ultimate 64bit
Gigabyte P55A-UD4P Motherboard Intel i5 750 G.SKILL Ripjaws Series 4GB DDR3 1333 1TB WD 32mb cache
60gb OCZ Vertex Turbo SSD (BOOT drive)Noctua NH-U12P SE2 HeatsinkAntec P183 Case
Back to top
#2
Guest_remixed_*
Posted 15 July 2008 - 02:19 PM
Guest_remixed_*
-
- Guests
#3
Posted 16 July 2008 - 01:28 AM
-
- Experts
-
- 1,605 posts
Forum Deity
- Gender:Male
- Location:West Coast of Florida
hmm i wonder if it installed the rogue or not. I did have that file on my computer, but the rogue wouldn't install. The file is pretty prevalent with this kind of infection, so i don't think that's the question. I still don't know if the rogue will install or not.
Microsoft Valuable Professional---MVP Consumer Security 2007-2010
Windows 7 Ultimate 64bit
Gigabyte P55A-UD4P Motherboard Intel i5 750 G.SKILL Ripjaws Series 4GB DDR3 1333 1TB WD 32mb cache
60gb OCZ Vertex Turbo SSD (BOOT drive)Noctua NH-U12P SE2 HeatsinkAntec P183 Case
Windows 7 Ultimate 64bit
Gigabyte P55A-UD4P Motherboard Intel i5 750 G.SKILL Ripjaws Series 4GB DDR3 1333 1TB WD 32mb cache
60gb OCZ Vertex Turbo SSD (BOOT drive)Noctua NH-U12P SE2 HeatsinkAntec P183 Case
#4
Posted 16 July 2008 - 02:53 AM
-
- Experts
-
- 795 posts
Elite Member
- Location:Blue Ridge, Va.
I have it on Vista now.
It installs files but want run when prompted.
I get the same alert.
a7.gif 21.64K
74 downloads
a6.gif 25.59K
48 downloads
It installs files but want run when prompted.
I get the same alert.
a7.gif 21.64K
74 downloads
a6.gif 25.59K
48 downloads
Member Since 2004
Calendar of Updates?
#5
Posted 16 July 2008 - 02:57 AM
-
- Experts
-
- 795 posts
Elite Member
- Location:Blue Ridge, Va.
Member Since 2004
Calendar of Updates?
#6
Posted 16 July 2008 - 06:24 AM
-
- Moderators
-
- 1,935 posts
Forum Deity
- Gender:Male
- Location:Phx. AZ. USA
- Interests:Formula 1 Auto Racing, Computer Security, Entertainment, Sci-Fi, SuperHeroes
Some more about this one, posted to SiteAdvisor after I installed it:
scanner.anvi-scanner.com
Current IP*: 91.208.0.252
Registrar: ESTDOMAINS, INC.
Whois Server: whois.estdomains.com
Referral URL: http://www.estdomains.com
Name Server: NS1.ANVI-SCANNER.COM
Name Server: NS2.ANVI-SCANNER.COM
Status: clientTransferProhibited
Updated Date: 14-jul-2008
Creation Date: 05-jul-2008
Expiration Date: 05-jul-2009
Installs Antivirus Master via the following:
hxxp://scanner.anvi-scanner.com/setup/file.php?xid=install_4683_MHwzNXwwfHx8fHx8fHw_
Result: 10/33 (30.30%)
Avast 4.8.1195.0 2008.07.15 Win32:FakeAV-M
AVG 7.5.0.516 2008.07.15 Downloader.Purityscan.AY
ClamAV 0.93.1 2008.07.15 Adware.Brasen-2
eSafe 7.0.17.0 2008.07.14 Suspicious File
F-Secure 7.60.13501.0 2008.07.15 FraudTool.Win32.UltimateAntivirus.m
GData 2.0.7306.1023 2008.07.15 Win32:FakeAV-M
Ikarus T3.1.1.26.0 2008.07.15 Virus.Win32.FakeAV.M
Kaspersky 7.0.0.125 2008.07.15 not-a-virus:FraudTool.Win32.UltimateAntivirus.m
Panda 9.0.0.4 2008.07.14 Suspicious file
Webwasher-Gateway 6.6.2 2008.07.15 Win32.Malware.gen (suspicious)
http://www.virustotal.com/analisis/fcd229e...ca235e5447414b6
Entries from HJT log:
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\AVM\avm.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\AVM\avm.exe
O16 - DPF: {7545D8C8-F53C-4E2F-8FA0-D248EF4A6E61} -
hxxp://scanner.anvi-scanner.com/setup/setup.cab
details about avm.exe:
http://www.ca.com/securityadvisor/pest/pes...px?id=453137639
scanner.anvi-scanner.com
Current IP*: 91.208.0.252
Registrar: ESTDOMAINS, INC.
Whois Server: whois.estdomains.com
Referral URL: http://www.estdomains.com
Name Server: NS1.ANVI-SCANNER.COM
Name Server: NS2.ANVI-SCANNER.COM
Status: clientTransferProhibited
Updated Date: 14-jul-2008
Creation Date: 05-jul-2008
Expiration Date: 05-jul-2009
Installs Antivirus Master via the following:
hxxp://scanner.anvi-scanner.com/setup/file.php?xid=install_4683_MHwzNXwwfHx8fHx8fHw_
Result: 10/33 (30.30%)
Avast 4.8.1195.0 2008.07.15 Win32:FakeAV-M
AVG 7.5.0.516 2008.07.15 Downloader.Purityscan.AY
ClamAV 0.93.1 2008.07.15 Adware.Brasen-2
eSafe 7.0.17.0 2008.07.14 Suspicious File
F-Secure 7.60.13501.0 2008.07.15 FraudTool.Win32.UltimateAntivirus.m
GData 2.0.7306.1023 2008.07.15 Win32:FakeAV-M
Ikarus T3.1.1.26.0 2008.07.15 Virus.Win32.FakeAV.M
Kaspersky 7.0.0.125 2008.07.15 not-a-virus:FraudTool.Win32.UltimateAntivirus.m
Panda 9.0.0.4 2008.07.14 Suspicious file
Webwasher-Gateway 6.6.2 2008.07.15 Win32.Malware.gen (suspicious)
http://www.virustotal.com/analisis/fcd229e...ca235e5447414b6
Entries from HJT log:
O4 - HKLM\..\Run: [Antivirus] C:\Program Files\AVM\avm.exe
O4 - HKCU\..\Run: [Antivirus] C:\Program Files\AVM\avm.exe
O16 - DPF: {7545D8C8-F53C-4E2F-8FA0-D248EF4A6E61} -
hxxp://scanner.anvi-scanner.com/setup/setup.cab
details about avm.exe:
http://www.ca.com/securityadvisor/pest/pes...px?id=453137639
#7
Posted 07 August 2008 - 03:53 PM
-
- Members
-
- 6 posts
New Member
This is the one I have I think... The two sites it's tried to take me to are scanner.shredder-scan.com and scanner.anvi-scanner.com...
I can't wait for Malwarebytes to kick its a$$!!!!
I can't wait for Malwarebytes to kick its a$$!!!!
#8
Posted 07 August 2008 - 04:18 PM
-
- Honorary Members
-
- 3,867 posts
Delete this account!!
- Interests:would love to see some honesty around this site.
SpywareSux, on Aug 7 2008, 09:53 AM, said:
This is the one I have I think... The two sites it's tried to take me to are scanner.shredder-scan.com and scanner.anvi-scanner.com...
I can't wait for Malwarebytes to kick its a$$!!!!
I can't wait for Malwarebytes to kick its a$$!!!!
MBAM does get the one mentioned. If you are using it and do have it, then it should get removed. If your infected you should follow the instructions here http://www.malwareby...?showtopic=2936
#9
Posted 08 August 2008 - 04:17 AM
-
- Experts
-
- 1,549 posts
Malware Researcher
- Gender:Male
- Location:United States
sjpritch25, on Jul 14 2008, 11:18 PM, said:
hxxp://scanner.anvi-scanner.com/35/?advid=0000004683&B&
Everytime i try to install in Windows XP with vmware. I get a message about i need the newer version of Windows and it won't install. Anyone want to test the link on Vista. I couldn't get it to install. have fun
Everytime i try to install in Windows XP with vmware. I get a message about i need the newer version of Windows and it won't install. Anyone want to test the link on Vista. I couldn't get it to install. have fun
Works fine under SandBoxie v3.29.16
Drops the following two executable files:
avm.exe in program files\avm
avm.cpl in \windows\system32
Runs in the background. keeps a windows like alert balloon beside your clock as long as avm.exe is running.
makes a few registry changes, startup.
Fairly easy to kill.
#10
Posted 11 August 2008 - 03:14 PM
-
- Members
-
- 5 posts
New Member
More info hxxp://cleanthe.net/2008/07/23/antivirus-master/
Edited by JeanInMontana, 21 August 2008 - 06:04 PM.
link spamming
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
