AVCare

TheIgster

So, I recently turned on my monitor...the system was up and running and there was an AVCare icon on my desktop. It referenced a non-existent folder in Program Files, but it kind of shocked me that it was even there.

I've got ESET Nod32 running and Comodo Firewall. How the heck did this thing get in to actually create a desktop icon without being stopped? No nothing on my screen...no mention in Comodo or Nod32 about anything going on, on my system.

Anyone else get this icon on their desktop? I know that AVCare is a virus/spyware of some sort, but there is nothing else on my system other than this icon, which of course I deleted.
 

My Computer

Computer Manufacturer/Model Number
HP
OS
Windows 7 Home Premium 64-bit
CPU
Intel Core2 Quad Q6600 @ 2.40 Ghz
Memory
8GB RAM
Graphics Card(s)
ATI Radeon HD 4600
Monitor(s) Displays
HP w2007
Screen Resolution
1680 x 1050
Hard Drives
700 GB
There probably is more on your system...you just might not see it.

What I would do is make sure NOD32 is updated...then do a full system scan. If it doesn't catch it (I think I saw a recent update that listed AVCare) then maybe go to this site. I am unsure of the "program" this site has for removal...but scroll to the bottom and they have what to do for manual removal.

After you are "clean" set NOD32 to auto update (if it isn't) and set a schedule to regularly scan your PC.
 

My Computer

Computer Manufacturer/Model Number
Home Made / Numero Uno
OS
Win7 x64 Ultimate RTM
CPU
Intel i7 920
Motherboard
Gigabyte GA-EX58-UD4P
Memory
G.SKILL 6GB DDR3 1333
Graphics Card(s)
VisionTek ATI 4870 512 x2 (Crossfire)
Sound Card
Onboard Realtek HD
Monitor(s) Displays
HP W2408 24 inch
Screen Resolution
1920x1200
Hard Drives
WD VelociRaptor x2 (Raid 0)
Western Digital Caviar Black WD1001FALS 1TB (2 partitions)
PSU
KINGWIN Mach 1 1000w
Case
Antec 900
Cooling
Air - Coolmaster V8 CPU Heatsink
Keyboard
Microsoft Basic (love it)
Mouse
Logitech 518
Internet Speed
Not as fast as I would like
another useless topic by igter lol.
 

My Computer

OS
Windows 7 32bit RTM
Download Malwarebytes' Anti-Malware to your desktop
|MG| Malwarebytes Anti-Malware 1.40 Download
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Make sure all associated files and registry items have been removed.


Associated AVCare Files:
c:\Program Files\AV Care
c:\Program Files\AV Care\avc.ico
c:\Program Files\AV Care\AVCare.dat
c:\Program Files\AV Care\AVCare.exe
c:\Program Files\AV Care\AVCare.ini
c:\Program Files\AV Care\PP.exe
c:\Program Files\AV Care\Uninstall.exe
%UserProfile%\Desktop\AV Care.lnk
%UserProfile%\Start Menu\Programs\AV Care
%UserProfile%\Start Menu\Programs\AV Care\AV Care.lnk
Associated AVCare Windows Registry Information:
HKEY_LOCAL_MACHINE\SOFTWARE\AV Care
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV Care
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AV Care"

Restore your Hosts file:
Download the HostsXpert 4.3 - Hosts File Manager.
  • Unzip HostsXpert 4.3 - Hosts File Manager to a convenient folder such as C:\HostsXpert
  • Click HostsXpert.exe to Run HostsXpert 4.3 - Hosts File Manager from its new home
  • Click "Make Hosts Writable?" in the upper right corner (If available).
  • Click Restore Microsoft's Hosts file and then click OK.
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Bruce ... somewhere in his 40's
OS
Windows 7 Ultimate 32bit SP1
CPU
Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz
Motherboard
INTEL/D975XBX2
Memory
4 GB
Graphics Card(s)
ATI Radeon HD 2600 Pro
Monitor(s) Displays
Samsung SyncMaster 914v
Screen Resolution
1280 x 1024
Hard Drives
2/500GB each ... ST3500630AS ATA Device.
One is not connected
PSU
Rocketfish 700 W
Case
G.Skill Gigabyte Chassis
Keyboard
Standard PS/2 Keyboard
Mouse
Microsoft PS/2 Mouse
Internet Speed
DSL
Antivirus
Avira Internet Security
Browser
IE 11
Other Info
ATI HDMI Audio
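
Added example (not part of the original post or of any tool it mentions): a read-only PowerShell check for the AVCare files and registry entries listed above, for confirming they are gone after the scan, plus a listing of active Hosts entries so you can see what the restore step would overwrite. The `Program Files (x86)`, `Wow6432Node` and `%AppData%` Start Menu locations are assumptions added here for 64-bit Windows 7; they are not in the post's list.

```powershell
# Read-only check: reports leftovers, changes nothing.
# Locations taken from the post's list:
$paths = @(
    "$env:SystemDrive\Program Files\AV Care",
    "$env:USERPROFILE\Desktop\AV Care.lnk",
    "$env:USERPROFILE\Start Menu\Programs\AV Care"
)
$keys = @(
    'HKLM:\SOFTWARE\AV Care',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV Care'
)
# Assumed extra locations (not in the post): the 32-bit views on 64-bit
# Windows and the Windows 7 per-user Start Menu folder.
if (${env:ProgramFiles(x86)}) {
    $paths += "${env:ProgramFiles(x86)}\AV Care"
    $keys  += 'HKLM:\SOFTWARE\Wow6432Node\AV Care'
    $keys  += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AV Care'
}
$paths += "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\AV Care"

$found = @()
foreach ($p in $paths) { if (Test-Path -LiteralPath $p) { $found += "FILE  $p" } }
foreach ($k in $keys)  { if (Test-Path -LiteralPath $k) { $found += "KEY   $k" } }

# Autostart value named "AV Care" under the current user's Run key.
$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and $run.'AV Care') { $found += "RUN   AV Care = $($run.'AV Care')" }

# Active (non-comment) Hosts lines. A stock Windows 7 Hosts file has none,
# so anything listed is either your own entry or something to review.
$hostsFile = "$env:SystemRoot\System32\drivers\etc\hosts"
$hostLines = @(Get-Content -LiteralPath $hostsFile -ErrorAction SilentlyContinue |
    Where-Object { $_ -match '^\s*[^#\s]' })

if ($found.Count) { $found } else { 'No listed AVCare files or registry entries found.' }
"Active Hosts entries: $($hostLines.Count)"
$hostLines
```

An empty result only means the listed names are absent; it does not replace the full scan, since the installer may have dropped files under other names.
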
another useless topic by igter lol.

What? WTF? :shock:

Is this some sort of personal attack? If so, why is this allowed? Mods?

I do have ESET set to scan every day as well as update every hour.

I also have Malwarebytes. Scanned several times and several things have been removed now.

I guess the question is with ESET Nod32 and Comodo Firewall installed, I'm really surprised that this thing got through.

The last thing I downloaded and installed was Windows 7 Codecs from Shark who posts on this forum. ESET does not like several things in the package and he has that posted on his forum. Malwarebytes doesn't like the package either.

I have since uninstalled it. I know that Shark says it's fine, but it's the only thing I've installed recently and my anti virus and anti malware both say it has issues.
 

Did you read this?

Wondering how AVCare ended up on your PC? If you’re infected with AVCare or other badware, perhaps you were using…
  • Freeware or shareware: Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like AVCare. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly attached to free software to harm your computer and steal your personal and financial information.
  • Peer-to-peer software: Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like AVCare.
  • Questionable websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, badware may be automatically downloaded and installed onto your computer, sometimes including applications like AVCare. I recommend you use Firefox web browser, if you don’t already.
 

Yes, of course surfing and whatever else can open you up to various things like this, but I was simply surprised that it managed to get on my system with things like Nod32 and Comodo running.

Like I said, I was away from my system, turned the monitor on and saw the icon on my desktop. It wasn't there previously when I left the computer for a bit and no one was doing anything on my system.

I felt pretty safe with Nod32 and Comodo and now, well, not so much. All the security in the world and this stuff still manages to leak through and install itself.
 

Thanks for posting that article. Interesting read.
 

SuperAntiSpyware doesn't work for everyone who has Win7. It causes an immediate BSOD on my system :cry:
 

SuperAntiSpyware doesn't work for everyone who has Win7. It causes an immediate BSOD on my system :cry:

Most likely because you are running build 7100.

Running the RTM here and it works just fine...scanning in the background right now.

Now I have Comodo Firewall, ESET Nod32, Malwarebytes and SuperAntiSpyware.

Isn't security fun? :confused:
 

So, I recently turned on my monitor...the system was up and running and there was an AVCare icon on my desktop. It referenced a non-existent folder in Program Files, but it kind of shocked me that it was even there.

I've got ESET Nod32 running and Comodo Firewall. How the heck did this thing get in to actually create a desktop icon without being stopped? No nothing on my screen...no mention in Comodo or Nod32 about anything going on, on my system.

Anyone else get this icon on their desktop? I know that AVCare is a virus/spyware of some sort, but there is nothing else on my system other than this icon, which of course I deleted.
I think what happened is the rogue got in (all rogue installers are randomized and hard for antivirus to detect).
Then it started, but ESET deleted its main .exe file (such as AVcare.exe),
so then the program won't run.
I recommend doing a scan with Malwarebytes Anti-Malware.
 

My Computer

Computer Manufacturer/Model Number
HP
OS
Windows 7 Enterprise x64
CPU
AMD Athlon II X4 @ 2.6ghz
Memory
8GB
Graphics Card(s)
Galaxy 250 GTS 512MB Super-Clocked
Screen Resolution
1600x900
Hard Drives
640GB hard Drive
1.5TB External Hard Drive
PSU
700W OCZ StealthxStreme
Cooling
2 Heatsink and 3 Fans
Internet Speed
3MB/sec download, 322kb/sec upload