VideoHelp Forum
+ Reply to Thread
Results 1 to 25 of 25
Thread
  1. Member
    Join Date
    Feb 2008
    Location
    United States
    Search Comp PM
    Hello all, I contracted the "Antivirus XP 2008" virus and after several scans, a geeksquad cd, and a guide found here http://amiworks.co.in/talk/gpeditmsc-missing/
    I finally got it removed. However some setting must have been changed because I can't update any Antivirus/Spyware/Adware programs. Please help before I get worms
    Quote Quote  
  2. Member wtsinnc's Avatar
    Join Date
    Nov 2006
    Location
    United States
    Search Comp PM
    Is there a doctor in the house ???
    Quote Quote  
  3. Mod Neophyte Super Moderator redwudz's Avatar
    Join Date
    Sep 2002
    Location
    USA
    Search Comp PM
    It's common with trojans to disable updates. Are you sure you got it all removed? But, if so, you may have to re-install your anti-malware programs. It that doesn't work, you may still be infected.
    Quote Quote  
  4. Member
    Join Date
    Feb 2008
    Location
    United States
    Search Comp PM
    I haven't tried that yet but I will, thanks for the reply. I have installed a new anti-malware program after all of this and it won't let me update either. I tried to use Trend Micro's free online scan and it won't let me open the web page.
    Quote Quote  
  5. VH Wanderer Ai Haibara's Avatar
    Join Date
    Jan 2006
    Location
    Somewhere on VideoHelp...
    Search Comp PM
    Can you visit the company websites of any of your AV/antispyware programs at all? If so, and they have manual update EXEs for the programs, can you download those?

    I know, it's not a fix. But it sounds as if the malware put blocks in place to keep you from accessing those sites... possibly in the hosts file, though I don't know if there are other ways. Have you tried visiting those sites with a different browser (especially if you're using IE)?
    If cameras add ten pounds, why would people want to eat them?
    Quote Quote  
  6. Member
    Join Date
    Feb 2008
    Location
    United States
    Search Comp PM
    I haven't been able to get on Trend's site (that's the firewall/AV I use), haven't tried any other sites or browsers yet. And I use FireFox not IE
    Quote Quote  
  7. Member wtsinnc's Avatar
    Join Date
    Nov 2006
    Location
    United States
    Search Comp PM
    Here is a link to www.malwarebytes.org. Download the application, update, and run the scanner (full scan option). Hopefully, this will solve the problem.

    http://www.malwarebytes.org/

    Good Luck !
    Quote Quote  
  8. Definitely get the Malwarebytes prog, it is the only freebie I have found that can remove this SOB. Has cleaned a half-dozen or so, various manual removal methods all failed, also Trend, Panda, Norton, McAfee, Spybot, AVG, and a couple others.

    This sucker is nasty and it does not sound like it has been fully removed yet. It has quite a number of interesting tricks.

    You may need to run MABM in safe mode after the install and update. Several customers got BSOD when first attempting this in standard mode.

    Don't forget to empty all your Temp directories and delete all the temporary internet files, as well.
    Quote Quote  
  9. Member
    Join Date
    Oct 2004
    Location
    United States
    Search Comp PM
    Kaspersky does a good job of getting rid of this. You can download a full function 30 day trail from their web site http://www.kaspersky.com/ It's also a good idea to run a registry cleaner AFTER you clean the system. It leaves a bunch of dangling crud in the registry.
    Quote Quote  
  10. Member fatbloke88's Avatar
    Join Date
    May 2006
    Location
    United Kingdom
    Search Comp PM
    I would second what wtsinnc says and also run super anti spyware as well making sure that you run them both in safe mode,it is also worth switching off system restore as it tends to invade that(downside is you loose all your restore points).

    http://www.superantispyware.com/
    Quote Quote  
  11. joollyjohn jollyjohn's Avatar
    Join Date
    Mar 2005
    Location
    Sydney Australia
    Search Comp PM
    I would try more than one scanner. Here is a good one I use often. (free)
    http://www.ewido.net/en/
    Quote Quote  
  12. Member
    Join Date
    Oct 2004
    Location
    United States
    Search Comp PM
    Whatever you use to scan, it must have the ability to flag offending system entries and remove them as part of a reboot. The good scanners do this by flagging infected modules during an initial scan and then loading during a very early phase of a reboot BEFORE the offending modules load. This is the only way to successfully remove this type of malware from your system. If your scanner can't do this, it will not be able to remove this type of malware. Once the malware loads, it reinfects the system no matter how many times you "remove" and scan. As I said above, Kaspersky will remove it and a 30-day full-function trail is free.

    Be VERY careful about using a no-name virus scanner unless you know for sure that it is legitimate. These can be a virus themselves. In fact, these bogus Virus scanners are a favorite way for virus creators to spread their malware. If in doubt, Google it and do a thorough job of checking it out BEFORE you download it.
    Quote Quote  
  13. Member fatbloke88's Avatar
    Join Date
    May 2006
    Location
    United Kingdom
    Search Comp PM
    If you are unsure about which apps to use try looking at widlers security forums,JollyJohns suggestion has now been taken over,it is now known as Avg Antispware as avg bought the company out a year or so ago.
    hope you get it sorted.
    Quote Quote  
  14. joollyjohn jollyjohn's Avatar
    Join Date
    Mar 2005
    Location
    Sydney Australia
    Search Comp PM
    Best remedy, reformat.
    Quote Quote  
  15. Did you try going to the HOSTS file in the windows/system32/drivers/etc/ folder and deleting everything bellow the line that reads:
    127.0.0.1 localhost

    Open the HOSTS file up in notepad and check it. Then back up that HOSTS file, finally delete anything bellow that line that you are unsure of and save the HOSTS file without any extension.

    About a year ago I got some malware on my computer, and had the same problem you are having. What happened was it wrote all these exclusions to the HOSTS file so the Anti-Virus and Spyware programs couldn't phone home.

    Good luck.

    --dES
    "You can observe a lot by watching." - Yogi Bera
    http://www.areturningadultstudent.com
    Quote Quote  
  16. Member hech54's Avatar
    Join Date
    Jul 2001
    Location
    Yank in Europe
    Search PM
    Originally Posted by jollyjohn
    Best remedy, reformat.
    Complete horseshit.
    Quote Quote  
  17. Member JimmyJoeBob's Avatar
    Join Date
    Oct 2005
    Location
    Gun Barrel City, TX
    Search Comp PM
    Originally Posted by hech54
    Originally Posted by jollyjohn
    Best remedy, reformat.
    Complete horseshit.
    Agree, all this crap can be fixed if you use the proper tools.
    Quote Quote  
  18. Member wtsinnc's Avatar
    Join Date
    Nov 2006
    Location
    United States
    Search Comp PM
    OK 12gage; how's the spyware removal going ?
    Quote Quote  
  19. looks like the dude formatted his HD .lol
    Quote Quote  
  20. Member
    Join Date
    Sep 2005
    Location
    LOST in the USA
    Search Comp PM
    I am not laughing.

    I had to reformat my friend's PC because it's a lot easier (in his case) than to figure out the solution. I mean he did not have that much programs to reinstall. The time I spent for the fix was much much more than reformat and OS reinstallation.

    Yesterday, I've got four e-mails that look like they were from Microsoft asking me to click and install updates to antivirus and Windows XP. They even provide links to Microsoft sites at the bottom. When I checked the source/return path of these e-mails, they were from different obviously bogus addresses. I hate to think how many unsuspecting users clicked these "updates" thinking those were actually from Microsoft.
    Quote Quote  
  21. joollyjohn jollyjohn's Avatar
    Join Date
    Mar 2005
    Location
    Sydney Australia
    Search Comp PM
    Has anyone used Acronis or any similar HDD imaging software? They are designed to get you out of a shit hole when you need to. Otherwise if you didn't BACKUP... REFORMAT. Some of us learn the hard way.
    Quote Quote  
  22. Member wtsinnc's Avatar
    Join Date
    Nov 2006
    Location
    United States
    Search Comp PM
    I do not use Acronis to make an image to keep in the "Secure Zone" because of the possibility that the backup would be inaccessible in the event of a total HDD failure. I have, instead, used Acronis 9 to make a clone of my XP Home and XP Pro drives (Acronis 9 is not compatible with Vista). These clones include the os, drivers, to-date Microsoft updates that I download/install selectively, Adobe Reader, Adobe Flash, Java Runtime, and a few must-have third-party applications such as my DVD backup software, Win Patrol, CCleaner, Ad-Aware 2008, Malwarebytes, and online scanners from Avast, Eset, and Kaspersky but NO resident Antivirus or third-party firewall. Periodically, I install the HDDs back into my computer and perform Microsoft updating as well as those for a few programs. When necessary, I completely "zero-out" a drive I want or need to change, reformat, clone from the master HDD, then add whatever programs I want to try on the newly cloned drive. More volatile files/documents such as "favorites", recent photos and music, etc. are backed up using the Windows backup and recovery application and the backup is burned to CD. Following the HDD cloning process, XP backup and restore is again employed to add those files. I have also created a Vista Ultimate master HDD which can be cloned using the free Seagate "Discwizard" or Maxtor "Maxblast" disc cloning software available from the Seagate website.

    Contrary to some others who've posted regarding problems, I have had no trouble cloning even to a smaller HDD and I recall only once when the cloning process went awry. Overall, I'd say that I've successfully cloned the XP HDDs more than sixty times and the process takes less than five minutes once the master is as you want it and the slave drive has been erased/formatted.

    The clone process is the absolute best way to recover from a disaster in that it assures no remnants of what caused the problem will exist on the new incarnation or that remnants of "uninstalled" programs will negatively interact with new software.
    Quote Quote  
  23. Member
    Join Date
    Jan 2004
    Location
    Iowa, USA
    Search Comp PM
    wtsinnc:
    My son's PC was just infected with the antivirusxp2008 virus. He luckily was able to find this thread and your recommendation of the "Anti-Malware" application. I downloaded it for him (his PC was so screwed up, it wouldn't let him download anything), sent it to him via e-mail, and he thinks it has now fixed everything. He sent me this message:
    "Please post a reply to that thread thanking the guy who suggetsted malwarebytes & a general kudos to the malwarebytes program for fixing a heck of a virus/malware thing. Worst I have had so far."
    So, thank you very much.
    I've also installed Anti-Malware on my PC, and will use it along with my other AV/anti-spyware apps.
    Quote Quote  
  24. Member wtsinnc's Avatar
    Join Date
    Nov 2006
    Location
    United States
    Search Comp PM
    Thanks for that CSULB71; I'm glad the problem has been solved.
    Quote Quote  
  25. VH Veteran jimmalenko's Avatar
    Join Date
    Aug 2003
    Location
    Down under
    Search PM
    This one is nasty ... saw it on an employee's PC. They bought it in for a "replacement because it had given up the ghost and ceased to work" quote unquote.

    ... but another vote for malwarebytes here - did the trick nicely.
    If in doubt, Google it.
    Quote Quote  



Similar Threads

Visit our sponsor! Try DVDFab and backup Blu-rays!