Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Removing XP Antivirus 2008


  • This topic is locked This topic is locked
7 replies to this topic

#1 falconfixer86261

falconfixer86261

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:28 PM

Posted 16 September 2009 - 08:51 AM

Someone in our household (not me) downloaded XP Antivirus 2008 to our laptop. Or at least it it looks like XP AV 2008 to me. I've tried to download and run the major approved antidotes (MalwareBytes included) and the computer won't let them execute. I've even started in safe mode and it behave the same way. The malware also prevents me from opening regedit and file search. I have also loaded antidotes onto a thumb drive and tried to execute from there and the malware blocks that too. It also redirects IE searches away from virus protection sites. Any help is greatly appreciated.

Dave

BC AdBot (Login to Remove)

 


#2 Eric RBA

Eric RBA

  • Members
  • 252 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:State College, PA
  • Local time:10:28 PM

Posted 16 September 2009 - 09:29 AM

Dave,

It might be tough to get the ball rolling on the removal, but once you get it rolling this should be removable. One thing you should try, if you haven't already, is to get Malwarebytes on your thumb drive but rename the file to something else, such as game.exe or something that doesn't reflect a removal tool. You might have better luck getting it to run as a different name. If it won't work in Normal bootup like that, try it with Safe Mode. If it still won't work, then repost your problem in this forum after reading the information and topics at the top of that page.

Best of luck!
I would never ask a person to do something that I wouldn't do myself.

#3 falconfixer86261

falconfixer86261
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:28 PM

Posted 16 September 2009 - 09:35 AM

Thanks Eric. I'll do that tonight.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:28 PM

Posted 16 September 2009 - 10:36 AM

Hello and welcome.. I am suspecting from your sysmptoms a serious malware.
I am moving this to the Am I Infected forum.

Can you do this from the thumb drive. First clean that thumb drive and any PC's it's contacted with....

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.

Now you will need to run HJT/DDS.
Please follow this guide. go and do steps 6 thru 8 ,, Preparation Guide For Use Before Using Hijackthis. Then go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post that complete log.

Let me know if it went OK.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 falconfixer86261

falconfixer86261
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:28 PM

Posted 16 September 2009 - 10:43 AM

Thanks for the help - I'll do that this evening.

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:28 PM

Posted 16 September 2009 - 10:46 AM

You're welcome!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 falconfixer86261

falconfixer86261
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:11:28 PM

Posted 17 September 2009 - 09:25 AM

Logs posted yesterday in requested area.

Thanks,
Dave

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:28 PM

Posted 17 September 2009 - 10:04 AM

OK,Looks good there.
Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a HJT Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the HJT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the HJT Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users