Free Republic

Antivirus XP 2008
Threat Center - Spyware and Virus Removal | 7/30/2008 | Webmaster

Posted on 08/17/2008 1:24:34 PM PDT by AZFolks

Antivirus XP 2008 By: webmaster | Under: Unwanted Programs | 26 Jun

Updated: July 30, 2008

Antivirus XP 2008 is a bogus antivirus application for Windows that was promoted and downloaded automatically by redirecting users' internet browsers to its predefined website.

Aliases: Adware.AntivirusXP2008

Risk Level: Medium

File Size: Varies

Affected System: Windows

Common Symptoms: 1. Redirects the web browser and pops up scan results. It will then prompt the user to buy the licensed software.


TOPICS: Computers/Internet
KEYWORDS: spyware
To: AZFolks; rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

21 posted on 08/17/2008 2:22:15 PM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Anitius Severinus Boethius

I update and run Spybot S&D and Lavasoft Ad-Aware about once a week, and run my Webroot Window Washer every night on 7-pass bleach. My “resident” AV programs are the McAfee that comes free with Comcast and Webroot Spysweeper.

I never have any problems.


22 posted on 08/17/2008 2:25:32 PM PDT by Lancey Howard
[ Post Reply | Private Reply | To 19 | View Replies]

To: AZFolks

Did you download and install the thing, or did you just get redirected to the website? I got the redirect, but I didn’t install the thing.


23 posted on 08/17/2008 2:27:21 PM PDT by Gondring (I'll give up my right to die when hell freezes over my dead body!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: AZFolks
The bugger disabled my system restore feature.

The list of things it can disable includes:

These are just a few of the things I noticed. They can be fixed by editing the registry, but how do you know if you got them all? Time for a clean reinstall.
24 posted on 08/17/2008 2:28:42 PM PDT by js1138
[ Post Reply | Private Reply | To 18 | View Replies]

To: js1138; AZFolks
They can be fixed by editing the registry, but how do you know if you got them all? Time for a clean reinstall.

Not necessary to go through all of that. Try the Combofix utility linked in post 2.

25 posted on 08/17/2008 2:34:44 PM PDT by Riley (The Fourth Estate is the Fifth Column.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: js1138

I usually am able to clean these off without much trouble but my son’s pc was infected with a variant of this XP Antivirus that required wiping the hard drive.
The computer was so compromised that it was easier to just reinstall Windows. Could not access (directly) c:\; could not access control panel; system settings; all user accounts were restricted; run command and command prompt were blocked; blocked updates from legit spyware and antivirus scanners - this thing was NASTY!


26 posted on 08/17/2008 2:39:47 PM PDT by backspace (It took me a week to come up with this tag line - please don't laugh at it.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Riley

I’m dubious about the ability of any program to undo all the damage I saw. In a business environment it is cheaper just to reinstall Windows. You know it’s clean when you’re done.

Next time I’ll have recent backups of the system state. Fortunately, mission critical documents are kept on the server and backed up.


27 posted on 08/17/2008 2:46:59 PM PDT by js1138
[ Post Reply | Private Reply | To 2 | View Replies]

To: Riley

By the way, how do you run your utility when drives don’t show up on Explorer?


28 posted on 08/17/2008 2:48:21 PM PDT by js1138
[ Post Reply | Private Reply | To 25 | View Replies]

To: js1138

Do you have a desktop- and can the unit download anything?

If no and no- download it on another machine and put it on a memory stick/thumb drive. Use CTRL+ALT+DEL to bring up the Task Manager. On the Applications tab, hit New Task and navigate to the utility, and run it from there.


29 posted on 08/17/2008 2:53:49 PM PDT by Riley (The Fourth Estate is the Fifth Column.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Riley

You didn’t read my list of things disabled. All drives are unavailable. You can’t run programs from the start menu. That’s also true in safe mode.

Now I’m sure there’s a way to get something done from the command line, but if you are supporting a business and people are standing over your shoulder, you do what you know will get the job done without experimenting.

A Windows reinstall deletes and replaces all system files and rebuilds the registry from scratch. The bad side effect is you have to reinstall all your programs. In a business environment that mostly means Office, which takes about ten minutes.


30 posted on 08/17/2008 2:59:07 PM PDT by js1138
[ Post Reply | Private Reply | To 29 | View Replies]

To: AZFolks

Hah, sounds like you got hit by a rootkit trojan. I got infected by one a few weeks ago. I downloaded and ran SDFix to remove it.


31 posted on 08/17/2008 3:10:14 PM PDT by Justa (The media lied while Americans died.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: js1138

At my business, it is simply a matter of restoring from an image. No reinstallation needed.

But we are talking about home and personal machines here, and a reinstall is burning down the house to get rid of the mice.


32 posted on 08/17/2008 3:25:36 PM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 30 | View Replies]

To: Anitius Severinus Boethius

Nothing is burned down. Have you looked at the list of things disabled by the latest pest? Walk me step by step through disinfecting a computer on which the start menu is gone, task manager is disabled and disk drives are not showing. We are talking here about a rootkit.


33 posted on 08/17/2008 3:34:48 PM PDT by js1138
[ Post Reply | Private Reply | To 32 | View Replies]

To: js1138

Step 1: Slave the drive to another system.


34 posted on 08/17/2008 3:36:35 PM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 33 | View Replies]

To: Anitius Severinus Boethius

And this is going to save time? How?

I can do all those things, but a business computer has Windows, documents, Acrobat, and perhaps one or two specialized programs. Windows and the programs can be reinstalled in an hour without any special settings. When you’re done everything is clean and working. If you use the default folders, all the documents are in place.

Now, the correct thing is to have good backups.


35 posted on 08/17/2008 3:42:20 PM PDT by js1138
[ Post Reply | Private Reply | To 34 | View Replies]

To: js1138
I’m dubious about the ability of any program to undo all the damage I saw. In a business environment it is cheaper just to reinstall Windows.

It depends on the specific damage in this case- but in general, I disagree. I too do this stuff in a business environment- I specialize in malware eradication for an IT multinational. I typically remove this and all its rider subinfections in 2-3 hours. If I have to reimage a typical unit, with gigs of un-backed up data on it, I have to:


36 posted on 08/17/2008 3:44:10 PM PDT by Riley (The Fourth Estate is the Fifth Column.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: saltnlemons

Ouch! It’s all too easy for even reasonably savvy users to get nailed by this crap. Most insidious are the official-looking dialog boxes that don’t close when you pick the “Close” button, but are actually links to somewhere you don’t wanna go.

$300 seems like a lot to spend to have cleanup work done, but if I were to charge for the time I put into some of these clobbered-up machines, it would often reach that or more. It takes a long time to root out some of these problems and then update insecure software on a machine that’s been exposed and neglected for years.


37 posted on 08/17/2008 3:46:35 PM PDT by DJ Frisat (SPAM: best in the can and in sammiches -- not for use on computers.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: js1138

Again, this is a personal computer. We aren’t trying to save time, we are trying to save data.

Even someone who keeps good backups will have a good amount of data loss on a complete reinstall.

Businesses are different.


38 posted on 08/17/2008 3:53:51 PM PDT by Anitius Severinus Boethius
[ Post Reply | Private Reply | To 35 | View Replies]

To: Riley

My method is faster and simpler. Of course, it’s nice if you already have a recent backup of the drive and data in case something goes wrong.

The problem I encountered last week was on a network without a domain controller. At my site that has a domain controller, I can substitute a spare machine. When the user logs on, all the documents and email are synchronized from the server. Five or ten minutes.

The infected machine can then be fixed at leisure.


39 posted on 08/17/2008 3:54:47 PM PDT by js1138
[ Post Reply | Private Reply | To 36 | View Replies]

To: Anitius Severinus Boethius
Even someone who keeps good backups will have a good amount of data loss on a complete reinstall.

Reinstalling Windows doesn't lose any data.

40 posted on 08/17/2008 3:55:57 PM PDT by js1138
[ Post Reply | Private Reply | To 38 | View Replies]

