Posted on 08/17/2008 1:24:34 PM PDT by AZFolks
Antivirus XP 2008 | By: webmaster | Under: Unwanted Programs | 26 Jun
Updated: July 30, 2008
Antivirus XP 2008 is a bogus antivirus application for Windows that was promoted and downloaded automatically by redirecting users' internet browsers to its predefined website.
Aliases: Adware.AntivirusXP2008
Risk Level: Medium
File Size: Varies
Affected System: Windows
Common Symptoms: 1. Redirects web browser and pop-up scan results. It will then prompt the user to buy the licensed software.
?
Also have you heard of SD Fix? That's another good app, I think. Do you like that one as well?
For anti-malware, I use AntiMalwareBytes; a new version just came out today, as a matter of fact.
Not in my environment, unfortunately. I was pretty much forced to get real good at removing this stuff.
Of course, it's nice if you already have a recent backup of the drive and data in case something goes wrong.
We don't synch the user's data to the servers. The users are supposed to see to that themselves. Some of the conscientious ones do- but even they usually don't know things like where their PST files are located. A lot of our people are now working remotely, which compounds the problem.
We'd need a hell of a server farm to accommodate all of our users' data- it ain't a small company. I had an end-of-lease laptop swapout last week for a user who was pretty typical: programmer with about 20 GB on the machine that had to be moved. Most I've seen is about 80 GB on a single laptop.
I’ve done dozens of Windows reinstalls without losing any data. Why would you lose data? There’s no need to reformat. The installer deletes all the system files and the registry and reinstalls from scratch. The install's as clean as if you had reformatted, but it doesn’t delete stuff outside the Windows folder.
Your program installations are gone, but Office reinstalls in about ten minutes. Worst case, you have to copy the documents from the obsolete user folder to the new my documents folder. Five minutes.
Best case scenario, which I’ve used in all but three or four cases, you do a Repair reinstall. This works fine if a virus hasn’t hopelessly corrupted your registry. This takes about 20 minutes on a recent vintage machine. When it’s done you’re ready to go.
If Windows updates get uninstalled, the files are still downloaded. Windows update will find the downloads and install them.
When I wrote the company’s default workstation image- I put Recovery Console in- it’s quite helpful at times. Not the end of the world if you don’t have it- better if you do from a recovery perspective.
SDFix is good for certain infections. Malware Bytes I am experimenting with right now- I don’t have any significant experience with it. I saw it mentioned favorably at Spywarewarrior.com, so I DLed it.
Spywarewarrior.com’s forums, by the way, are an absolute treasure trove. These are people who study malware in depth, and you’re not allowed to answer users' questions as a volunteer unless you’ve been through their training. What it consists of I don’t recall- but I remember being suitably impressed. Good place to go if you have some kind of weird infection that’s stumping you- they’ll help (and they’re *very good*) for free.
If you allow users to accumulate personal music and images in their documents folder, then roaming profiles don’t work well.
I simply tell people they have to keep personal stuff out of My Documents. No one accumulates gigabytes of Word Documents. Not in my experience.
It isn’t Word documents- I’m dealing with programmers/developers. Of all of the data I have to move around, MS Office files are the least of it.
We used to be allowed by policy to ignore their personal data when reimaging a unit. That unfortunately, has changed.
Every system has different backup needs. My only point is that a Windows reinstall, using the repair option, fixes most screw-ups that can’t be fixed by system restore.
Mostly I am working on Windows XP Home systems and 9 times out of 10 reinstalling Windows will wipe the previous installation and with it all the personal data (referred to as a “Clean Install” as opposed to an “Install in Place”).
In the last two weeks I have done this three times. There was minimal data loss in each case as I was able to slave and retrieve their my docs/photos/psts. In the same period I have cleaned 5 systems of major virus/malware problems with no data loss.
If I could simply reinstall Windows with no data loss, I wouldn’t ever use Spybot S&D, Ad-Aware, Stinger, or have learned how to strip viruses out of the registry by hand.
I would just reinstall Windows every time a hiccup happened.
But I don’t live in that reality.
huh?
You know, that's what FILEservers are for! No data; zero, zip, nada, should be stored on a user's system. OS only.
When you get to repair one of the newer viruses that trashes the registry, you may reconsider. Unless the user has done a system state backup, I’m not sure how you “fix” a registry in which an unknown number of items have been modified or deleted.
Unless the infection vector is something that the user downloaded and executed, in which case it's sitting there waiting to be found and executed again.
Yes, they're expected -by policy- to do that. They often don't. They usually get religion after an incident that threatens or loses their data.
Users are users. The only place where I rarely saw data lost was a company I did a contract for, who automatically archived the user's data periodically, with no action from the user required.
No, actually, it's not. Whatever security software people who get this "crap" are running, it's obviously ineffective. And the "reasonably savvy" would never click on some unknown downloader and expose their OS willingly.
The bottom line is to invest in some sort of "ghosting software" that will image your healthy drive (much faster than "backup" software), to an external drive. You then have to keep the image up to date (depending on how often you install/update programs, download new data files, etc.). If disaster happens, then you can relatively quickly re-format the main drive, re-install the image and be up and running again.
The initial expense would be quite a bit less than $300.
Sorry to be so blunt on this, but the more people who leave machines "exposed and neglected for years," the more of a national security threat it poses -- evidenced by the recent DDOS attacks on Georgia servers. All of the attacks weren't coming from conscious actors. It's estimated that a ridiculous amount of oblivious home users, worldwide, are running infected systems which are potentially attack vehicles for whomever happens to "pawn" their systems.
That's a possibility if you repair an installation, but the repair replaces all the system files. I've only seen a repair fail a couple of times, and both were last week with antivirus2008. If you get the system running and get the rootkits out, any competent virus scanner should be able to find dead virus files.
Slightly off topic. Microsoft has discontinued support for Outlook Express and replaced it with Live Mail.
Live Mail stores emails as separate eml files. I suspect this is to make it easier for antivirus products to scan and disinfect them.
Thanks for the info. I have checked out Bleeping Computer and Geeks to Go but not Spywarewarrior.com. I appreciate the info.
Microsoft has discontinued support for Outlook Express and replaced it with Live Mail.
We don't use OE, and I don't at home. Any good?
Could not access (directly) c:\;
Have something similar going on for my Windows ME system, sure glad I ran across this thread before spending too much time on it.
I was having trouble with AVG and couldn’t update. AVG told me why but I can’t remember anything but “bin missing”. I then went on Google and I read about avast. I went to the CNET site and downloaded this. After about an hour I just clicked on getting it to get rid of it. It charged me over $100 and I couldn’t get out. Then everything went to hell in a handbasket as it kept asking me to pay again and installing a lot of stuff I never heard of. My computer became non-functional. I then went to Spybot, who found it, but I’m not sure it got it all.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.