AntiVirus XP2008 - Warning!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: AntiVirus XP2008 - Warning!
Re: AntiVirus XP2008 - Warning!
22-08-2008 12:48 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 2:24 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Don't know how it got there, I only casually browse on the internet now and again. My sister uses it more than me and claims she didn't click anything dodgy, but believe that and you'll believe anything
Tried to remove it manually, with limited success. Also tried some spyware removers and the latest AVG with none at all. AVG took 2.5 hours to scan the PC and not find anything - so I decided to rebuild the laptop. Bit extreme I know, but I figured rather than waiting 2.5 hours for something which might fix it, I may as well fix it
That doesn't help the people who want to remove it I know, and I don't know how to manually do it.
Hopefully AVG has caught up with it now (whatever it was) and will remove it.
The latest psychological trick of the scammers is to make a fake virus checking app, which gives fake warnings about the PC (unless it warns about itself, which would be genuine), in the hope you'll either buy something or apply a 'fix' which would be more of the same I guess.
Re: AntiVirus XP2008 - Warning!
22-08-2008 2:57 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 4:52 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
He had all the latest security up to date so I dont know how he ended up with it.
regards
jono
jono
Re: AntiVirus XP2008 - Warning!
22-08-2008 5:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 5:41 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 7:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 8:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 8:59 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Search Results
1.
AntiVirusXP2008 - Symantec.com
16 Jul 2008 ... Behavior. AntiVirusXP2008 is a misleading application that may give exaggerated reports of threats on the computer. ...
www.symantec.com/security_response/writeup.jsp?docid=2008-071613-4343-99 - 28k - Cached - Similar pages
2.
AntiVirusXP2008 - Symantec.com
16 Jul 2008 ... Symantec Security Response: comprehensive, global, 24x7 internet protection expertise to guard against complex threats, including virus, ...
www.symantec.com/security_response/writeup.jsp?docid=2008-071613-4343-99&tabid=2 - 30k - Cached - Similar pages
3.
Remove AntivirusXP2008
AntivirusXP2008 (or Antivirus XP 2008, AntiVirXP08, AntivirusXP 2008,
www.pcthreat.com/parasitebyid-6953en.html - 28k - Cached - Similar pages
4.
Remove Antivirus XP 2008 ( AntivirusXP2008 Removal Instructions ...
Antivirus XP 2008 ( AntivirusXP2008 ) is a rogue anti-spyware application that is promoted and installed by trojan. Once inside...
www.removeonline.com/remove-antivirus-xp-2008-antivirusxp2008-removal-instructions/ - 42k - Cached - Similar pages
5.
Antivirus XP 2008 or AntivirusXP2008 :: Antivirus XP 2008 Removal ...
Antivirus XP 2008 Description and Removal Instructions. Find and Detect Antivirus XP 2008 on your PC. Remove, Uninstall and Get Rid of Antivirus XP 2008.
www.spywareremove.com/removeAntivirusXP2008.html - 37k - Cached - Similar pages
6.
RogueAntiSpyware.AntivirusXP2008 - Threat Details
Information and removal instructions for the RogueAntiSpyware.AntivirusXP2008 infection, this infection can be detected and cleaned using Spyware Doctor.
www.pctools.com/mrc/infections/id/RogueAntiSpyware.AntivirusXP2008/ - 29k - Cached - Similar pages
Re: AntiVirus XP2008 - Warning!
22-08-2008 9:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
22-08-2008 9:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
You need to remove spyhunter3 it may be a 'rouge' possibly downloaded by a link supplied by antivirus xp 2008 (it may have downloaded it itself also as part of this type of malware is a downloader trojan that just keeps all the nasties alive, chances are it had infected the restore point system also.
PrevX (used to be a great free icm program - has this to say about spyhunter3 http://www.prevx.com/filenames/112290380643721532-0/SPYHUNTER3.EXE.html its not a nice product.
Keep to the stable diet of using SpyBot S&D (free), A² Free(again a very good malware removal app), SpywareDoctor (free as part of the googlepack) use either AVG or Avast.also try looking at add remove programs and try uninstalling them it may work, you may find you need to turn off the restore points for them to actually be removed.
The issue you now have is that the envronment that you need to use these products in is 'infected' and if winantivirus xp is a clever sort it will have protected itself by blocking the instalation of other applications or hinder them working, so you may need to run scans from outside of the install it self
You can do this by using a LiveCD either the FSecure one here http://www.f-secure.com/weblog/archives/00001474.html or by getting another LinuxLive CD with either Clam/Fprot antivirus and perhaps RKhunter (hunts down rootkits) you can also use the livecd to safely transfer any important documents and files to an external usb drive prior to cleaning to make sure that the data is recoverable.
The most important thing to remember is not to panic.
Try the windows native stuff first (as per the third paragraph above)
Hope this helps and good luck
EDIT just noticed that prevx still offers a free scan may be worth a try
Jase
Re: AntiVirus XP2008 - Warning!
22-08-2008 9:52 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: AntiVirus XP2008 - Warning!
31-08-2008 12:24 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It went away .. for a while.
Started blasting AntiVirus XP2009...
Found out that the thing had got to a few other places.
Infected the following places:
- System Volume Information/Restore - C:\System Volume Information\_restore{D8AD0B03-64D3-4D49-ABED-F6AC8C1C4873}\RP6
- C:\System Volume Information\_restore{D8AD0B03-64D3-4D49-ABED-F6AC8C1C4873}\RP5\A0002373.exe
- User's Temporary Directory - C:\Douments and Settings\Username\Local Settings\Temp\_A00F80C11E.exe
It had also (apparnetly) overwritten/modified System DLLs:
- %System32%\wsock.dll
- %System32%\wsock32.dll
- %System32%\kernel32.dll
Using Avast to "Scan on Startup", it found these.
Using Security Task Manager I was able to find the root cause and Dr Delete to remove this file:
- System32 - %System32%\__c00A666F.dat
The __c00A666F.dat file was actually a DLL being used as a Module in both Explorer and IExplore.
Upon renaming the extension to .EXE it had the same Icon as - Username\Local Settings\Temp\_A00F80C11E.exe.
I even went to the trouble of dissassembling these files which I had access to.
The thing was packed by some means, so I couldn't get anymore information out about what it might have been doing.
PSTools - ProcMon, confirmed that the file was being loaded as a Module,
as you can view the Modules loaded by any process with it.
You could throw bloatware which claims to fix thes these things all day and they'll not help you at all.
You just need Tools and some basic idea of whats what.
Hope this helps anyone with the same problems!
Jim,
Re: AntiVirus XP2008 - Warning!
04-09-2008 8:03 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Try it before looking elsewhere - www.malwarebytes.org
Re: AntiVirus XP2008 - Warning!
04-09-2008 10:47 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: AntiVirus XP2008 - Warning!