Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP Antispyware 2009-


  • Please log in to reply
5 replies to this topic

#1 darco

darco

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 02 November 2008 - 12:36 PM

I see that this latest/greatest virus is hitting pc users big time. I would like to know from any user who is infected on how they became infected. Do you think it was from an email,a website or something else? I just want to warn some of my friends about this.
thxs
darco

Edited by garmanma, 02 November 2008 - 03:43 PM.
Moved to appropriate forum


BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:44 AM

Posted 02 November 2008 - 06:30 PM

Hi Darco and welcome to BC. :thumbsup:

I never got infected by Anti-virus XP 2008 before, because I know it is a rogue programs so I never download/install them
I usually find them in "random" websites. What I mean by that is sites that you will never expect a rogue program redirect.
I went to this website related to an article and then it redirected me to the Rogue Anti-virus 2008 site. Which I closed because I knew it was bad.

I also have experienced it through e-mail, but very rarely. My mom was opening this attachment and then my AVG security program said it was a "Trojan.Fake Alert".
Not sure if its related to XP Anti-virus 2008 but its probably a rogue program of some sort. Which my mom deleted afterwards.

You can read more about this program here

Haven't experienced it from anywhere else yet. Maybe others have?

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 darco

darco
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:44 AM

Posted 05 November 2008 - 07:53 PM

Hi Darco and welcome to BC. :thumbsup:

I never got infected by Anti-virus XP 2008 before, because I know it is a rogue programs so I never download/install them
I usually find them in "random" websites. What I mean by that is sites that you will never expect a rogue program redirect.
I went to this website related to an article and then it redirected me to the Rogue Anti-virus 2008 site. Which I closed because I knew it was bad.

I also have experienced it through e-mail, but very rarely. My mom was opening this attachment and then my AVG security program said it was a "Trojan.Fake Alert".
Not sure if its related to XP Anti-virus 2008 but its probably a rogue program of some sort. Which my mom deleted afterwards.

You can read more about this program here

Haven't experienced it from anywhere else yet. Maybe others have?

With Regards,
Extremeboy



I have not experienced it first hand , only the aftermath. Of course the user had "no idea" had it got installed. I was hoping other infected users here at this forum could say how they encountered it...

darco

p.s. check your link :flowers:

Edited by darco, 05 November 2008 - 07:54 PM.


#4 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,828 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:05:44 AM

Posted 05 November 2008 - 10:33 PM

What this programs does:

Antivirus XP 2008 is a new rogue anti-spyware program that is advertised through Trojans and other malware. It is advertised in the form of fake security alerts and warnings on web sites that state you are infected with malware or are being attacked in some manner. When you click on these ads, it will automatically download the installer for Antivirus XP 2008 and install it on your machine. In some cases, this program is installed without any intervention at all from you.

Once installed, AntivirusXP 2008 will scan your computer and display a variety of security risks found on your computer that can only be removed if you purchase a license of the software. These risks, though, are all fake and are only being displayed to scare you into thinking you are infected and thus purchase their software. Another tactic that AntivirusXP 2008, and the accompanied malware, uses is to change your desktop background to be a message stating you are infected, popups and fake alerts stating your computer is being attacked, and a fake Internet Explorer page that states Google has found your computer to be infected. All of these are further scare tactics and should be ignored. These methods are all illustrated in the images below.


The above quote taken from: How to remove Antivirus XP 2008 (Uninstall Instructions)

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:07:44 AM

Posted 06 November 2008 - 12:01 AM

It's possible to become infected by a simple "drive by"-meaning you click on a link that looks like something legitimate, but in reality is a page set up to entice you into downloading Antivirus 2009.
IF you find yourself in that situation, the best thing to do is use task manager to close out the page.
NEVER click on the X to close out the warning-usually it won't work.
Some people are savvy enough to realize this is a dangerous warning, others will panic and actually fall for the trap it has set.
If you want to know more about "scareware" the following article is very informative:

http://www.informationweek.com/blog/main/a...curity_sca.html

Here is another which is an interesting read:
http://www.theregister.co.uk/2008/08/22/an...hack/print.html

While it pertains to links from blogs, there are pictures and descriptions of what XP Antivirus looks like when it pops up on your screen.

It shows and tells HOW to distinguish the the real Windows security center from the fake one.

Particularly interesting to me is the first paragraph under Figure 10-"other sites" (stay away from them) and the warning in the 3rd paragraph under Figure 21. In a perfect world, all computer users would realize the truth of paragraph 3.

#6 Teach2reach

Teach2reach

  • Members
  • 53 posts
  • OFFLINE
  •  
  • Local time:08:44 AM

Posted 07 November 2008 - 09:45 AM

Hi. I am new to the boards and came here specifically because I got this virus last night. It was a persistent pest for the entire evening until I ran MalwareBytes and another from here, ComboFx.

I have no idea how I caught it, as I have AVG, other viruses from my ISP carriers and emails, do not open suspicious emails, do not file share or download nasties. I run what I thought was a clean house. Now I feel dirty.

I would love to know myself another way it could enter. I am a teacher and a grad student with way too much on my PC to lose it all.

One change that I am wondering whether or not was caused by the virus, was that my Control Panel has completely changed. It is not going to the original formatting of the blue background. It is going to the white screen and icons like when going through the C drive. Also, when trying to fix things before using Malware, I noticed that System Restore could not work anymore, and somehow my firewall was turned off. I NEVER have it off, so am curious to see if the virus is capable of this.

Things seem ok for now. I have not had the pop ups, computer is running well, I do not appear to have lost anything though the Control Panel is still screwed up. My firewall is turned on.

Ideas and advice would be great. You do a super service for people. I for one really appreciate it. :thumbsup:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users