cancel
Showing results for 
Search instead for 
Did you mean: 

AntiVirus XP2008 - Warning!

Prod_Man
Grafter
Posts: 286
Registered: 04-08-2007

AntiVirus XP2008 - Warning!

This appears to be a very nasty "hoax" to sell an expensive removal system!
Installation happens like it or not (perhaps even as the result of a driveby / possibly from one of the CNN spams)
some symptoms include
False desktop - which has fake virus detected with pop up screen shot. -
Then a false screen saver installed which has a BSOD that looks like a hardware malfunction.
(tabs to access these disabled in registry)
Likewise services tab in task manager and system restore operation blocked.
Has anyone any experience with it and in particular how to prevent it installing, as many existing anti virus and firewalls do not recognise this.
Most internet sites lead back to the same few pieces of sotfware (and the major concerns do not seem to mention this nasty little blighter!)
Any help with known prevention and removal would be much appreciated
PM
34 REPLIES
Community Veteran
Posts: 38,310
Thanks: 972
Fixes: 57
Registered: 15-06-2007

Re: AntiVirus XP2008 - Warning!

Have a read here Sunbelt and here Sunbelt for a bit more information
minkey
Grafter
Posts: 386
Registered: 22-07-2007

Re: AntiVirus XP2008 - Warning!

Here also points to a free removal program
http://www.bleepingcomputer.com/malware-removal/remove-antivirus-xp-2008
(about 1/3 way down - not the ads at the top)
Jeff
Community Veteran
Posts: 18,553
Thanks: 195
Registered: 12-08-2007

Re: AntiVirus XP2008 - Warning!

Prod_man, is this initially distributed via an email?
Oldjim, Sunbelt seems an interesting site.  I've not come across it before.  Thanks.
Community Veteran
Posts: 38,310
Thanks: 972
Fixes: 57
Registered: 15-06-2007

Re: AntiVirus XP2008 - Warning!

Community Veteran
Posts: 18,553
Thanks: 195
Registered: 12-08-2007

Re: AntiVirus XP2008 - Warning!

Something else I've learned.  I know the dslreports site but not come across wildersecurity.com before. Thanks.
Prod_Man
Grafter
Posts: 286
Registered: 04-08-2007

Re: AntiVirus XP2008 - Warning!

@all
Not certain how it is distributed !  -  (Not knowingly downloaded or installed).
Most of these sites lead to very similar information, and I find I am rather cynical as to how some companies advertise full removal of this?
Not sure how long it has been around but my main concern it to prevent re-infection, so thanks for the different links etc. These are some of the ones I have looked at
http://www.xp-antivirus-removal.com.removal-instructions.com/removeXPAntivirus.html
http://www.2-viruses.com/remove-antivirus-xp
http://www.wiki-security.com/wiki/Parasite/Antivirus2008
Mick
Lucy
Grafter
Posts: 45
Registered: 06-04-2007

Re: AntiVirus XP2008 - Warning!

Mick, you may be right about the link between the CNN spams and this trojan.  Look at one of the last comments on this page:
http://news.cnet.com/8301-1009_3-10016461-83.html
Prod_Man
Grafter
Posts: 286
Registered: 04-08-2007

Re: AntiVirus XP2008 - Warning!

Along with changes to config and many registry entries the following trojans were also identified
VISS V.B
and
FakeAlert  see here for list of files it can affect
http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan.FakeAlert&threatid=43521
Mick
Community Veteran
Posts: 5,877
Thanks: 1
Registered: 05-04-2007

Re: AntiVirus XP2008 - Warning!

Moderators Note:
I've moved this to a more appropriate home in everything internet. Smiley
firefly2
Grafter
Posts: 265
Registered: 16-11-2007

Re: AntiVirus XP2008 - Warning!

re the .bin file missing... as the item is locked i  had the same msge and turned the pc off and on and it is now working okay and active ... sorry if pushed my nose in  incorrect topic  Lips are sealed
pierre_pierre
Grafter
Posts: 19,757
Registered: 30-07-2007

Re: AntiVirus XP2008 - Warning!

I take it you are talking about AVG, yes that's another thread
http://community.plus.net/forum/index.php/topic,67376.0.html
firefly2
Grafter
Posts: 265
Registered: 16-11-2007

Re: AntiVirus XP2008 - Warning!

whoops .. sorry. didn't realise that it was open  for the  topic... thanks.. Embarrassed
hootiegibbon
Grafter
Posts: 30
Registered: 24-06-2008

Re: AntiVirus XP2008 - Warning!


another good place for information about this type of malware is
http://www.spywarewarrior.com/rogue_anti-spyware.htm#products
which back in the days when I used windows was a agodsend.
along with wilders security (as per above) and castlecops http://www.castlecops.com/
and a good virus definitions database like http://www.sophos.com/security/analyses/viruses-and-spyware/
as for the malware mentioned here it sounds line the latest version of winantivirusgold which I had to clean off of a collegues laptop recently
when removing make sure you rescan for its presence at boot time and also get a good antivirus livecd like this http://www.f-secure.com/linux-weblog/2008/06/19/f-secure-rescue-cd-300-released/
or if you want be free of such nuisances try a Linux or a *BSD
Jase
Fantasticfourum
Aspiring Pro
Posts: 386
Thanks: 53
Registered: 01-08-2007

Re: AntiVirus XP2008 - Warning!

Help please i have manged to get this ******* thing on my computer even though i had AVG antispyware and AVG anti Virus running the upshot appears to be as soon as i try to go to any website that refers to spyware it takes me straight to Antivirusxp2008 however after reading the posts i did manage to download SpyHunter 3 which initially showed numerous parasites however during scan i got the dreaded blue screen of death but still managed to delete the parasites listed. I then did a further scan which shows my system clear but its not as soon as i rebooted up came the WARNING SPYWARE DETECTED Message and its still there !!!!!! and it wont let me go to a lot of the sites referred to in the message replys any ideas before i lob my comp out of the window ?