Hello all, I contracted the "Antivirus XP 2008" virus and after several scans, a geeksquad cd, and a guide found here http://amiworks.co.in/talk/gpeditmsc-missing/
I finally got it removed. However some setting must have been changed because I can't update any Antivirus/Spyware/Adware programs. Please help before I get worms
Try StreamFab Downloader and download from Netflix, Amazon, Youtube! Or Try DVDFab and copy Blu-rays! or rip iTunes movies!
+ Reply to Thread
Results 1 to 25 of 25
Thread
-
-
It's common with trojans to disable updates. Are you sure you got it all removed? But, if so, you may have to re-install your anti-malware programs. It that doesn't work, you may still be infected.
-
I haven't tried that yet but I will, thanks for the reply. I have installed a new anti-malware program after all of this and it won't let me update either. I tried to use Trend Micro's free online scan and it won't let me open the web page.
-
Can you visit the company websites of any of your AV/antispyware programs at all? If so, and they have manual update EXEs for the programs, can you download those?
I know, it's not a fix. But it sounds as if the malware put blocks in place to keep you from accessing those sites... possibly in the hosts file, though I don't know if there are other ways. Have you tried visiting those sites with a different browser (especially if you're using IE)?If cameras add ten pounds, why would people want to eat them? -
I haven't been able to get on Trend's site (that's the firewall/AV I use), haven't tried any other sites or browsers yet. And I use FireFox not IE
-
Here is a link to www.malwarebytes.org. Download the application, update, and run the scanner (full scan option). Hopefully, this will solve the problem.
http://www.malwarebytes.org/
Good Luck ! -
Definitely get the Malwarebytes prog, it is the only freebie I have found that can remove this SOB. Has cleaned a half-dozen or so, various manual removal methods all failed, also Trend, Panda, Norton, McAfee, Spybot, AVG, and a couple others.
This sucker is nasty and it does not sound like it has been fully removed yet. It has quite a number of interesting tricks.
You may need to run MABM in safe mode after the install and update. Several customers got BSOD when first attempting this in standard mode.
Don't forget to empty all your Temp directories and delete all the temporary internet files, as well. -
Kaspersky does a good job of getting rid of this. You can download a full function 30 day trail from their web site http://www.kaspersky.com/ It's also a good idea to run a registry cleaner AFTER you clean the system. It leaves a bunch of dangling crud in the registry.
-
I would second what wtsinnc says and also run super anti spyware as well making sure that you run them both in safe mode,it is also worth switching off system restore as it tends to invade that(downside is you loose all your restore points).
http://www.superantispyware.com/ -
I would try more than one scanner. Here is a good one I use often. (free)
http://www.ewido.net/en/ -
Whatever you use to scan, it must have the ability to flag offending system entries and remove them as part of a reboot. The good scanners do this by flagging infected modules during an initial scan and then loading during a very early phase of a reboot BEFORE the offending modules load. This is the only way to successfully remove this type of malware from your system. If your scanner can't do this, it will not be able to remove this type of malware. Once the malware loads, it reinfects the system no matter how many times you "remove" and scan. As I said above, Kaspersky will remove it and a 30-day full-function trail is free.
Be VERY careful about using a no-name virus scanner unless you know for sure that it is legitimate. These can be a virus themselves. In fact, these bogus Virus scanners are a favorite way for virus creators to spread their malware. If in doubt, Google it and do a thorough job of checking it out BEFORE you download it. -
If you are unsure about which apps to use try looking at widlers security forums,JollyJohns suggestion has now been taken over,it is now known as Avg Antispware as avg bought the company out a year or so ago.
hope you get it sorted. -
Did you try going to the HOSTS file in the windows/system32/drivers/etc/ folder and deleting everything bellow the line that reads:
127.0.0.1 localhost
Open the HOSTS file up in notepad and check it. Then back up that HOSTS file, finally delete anything bellow that line that you are unsure of and save the HOSTS file without any extension.
About a year ago I got some malware on my computer, and had the same problem you are having. What happened was it wrote all these exclusions to the HOSTS file so the Anti-Virus and Spyware programs couldn't phone home.
Good luck.
--dES"You can observe a lot by watching." - Yogi Bera
http://www.areturningadultstudent.com -
Originally Posted by hech54
-
I am not laughing.
I had to reformat my friend's PC because it's a lot easier (in his case) than to figure out the solution. I mean he did not have that much programs to reinstall. The time I spent for the fix was much much more than reformat and OS reinstallation.
Yesterday, I've got four e-mails that look like they were from Microsoft asking me to click and install updates to antivirus and Windows XP. They even provide links to Microsoft sites at the bottom. When I checked the source/return path of these e-mails, they were from different obviously bogus addresses. I hate to think how many unsuspecting users clicked these "updates" thinking those were actually from Microsoft. -
Has anyone used Acronis or any similar HDD imaging software? They are designed to get you out of a shit hole when you need to. Otherwise if you didn't BACKUP... REFORMAT. Some of us learn the hard way.
-
I do not use Acronis to make an image to keep in the "Secure Zone" because of the possibility that the backup would be inaccessible in the event of a total HDD failure. I have, instead, used Acronis 9 to make a clone of my XP Home and XP Pro drives (Acronis 9 is not compatible with Vista). These clones include the os, drivers, to-date Microsoft updates that I download/install selectively, Adobe Reader, Adobe Flash, Java Runtime, and a few must-have third-party applications such as my DVD backup software, Win Patrol, CCleaner, Ad-Aware 2008, Malwarebytes, and online scanners from Avast, Eset, and Kaspersky but NO resident Antivirus or third-party firewall. Periodically, I install the HDDs back into my computer and perform Microsoft updating as well as those for a few programs. When necessary, I completely "zero-out" a drive I want or need to change, reformat, clone from the master HDD, then add whatever programs I want to try on the newly cloned drive. More volatile files/documents such as "favorites", recent photos and music, etc. are backed up using the Windows backup and recovery application and the backup is burned to CD. Following the HDD cloning process, XP backup and restore is again employed to add those files. I have also created a Vista Ultimate master HDD which can be cloned using the free Seagate "Discwizard" or Maxtor "Maxblast" disc cloning software available from the Seagate website.
Contrary to some others who've posted regarding problems, I have had no trouble cloning even to a smaller HDD and I recall only once when the cloning process went awry. Overall, I'd say that I've successfully cloned the XP HDDs more than sixty times and the process takes less than five minutes once the master is as you want it and the slave drive has been erased/formatted.
The clone process is the absolute best way to recover from a disaster in that it assures no remnants of what caused the problem will exist on the new incarnation or that remnants of "uninstalled" programs will negatively interact with new software. -
wtsinnc:
My son's PC was just infected with the antivirusxp2008 virus. He luckily was able to find this thread and your recommendation of the "Anti-Malware" application. I downloaded it for him (his PC was so screwed up, it wouldn't let him download anything), sent it to him via e-mail, and he thinks it has now fixed everything. He sent me this message:
"Please post a reply to that thread thanking the guy who suggetsted malwarebytes & a general kudos to the malwarebytes program for fixing a heck of a virus/malware thing. Worst I have had so far."
So, thank you very much.
I've also installed Anti-Malware on my PC, and will use it along with my other AV/anti-spyware apps.
Similar Threads
-
Question about how Antivirus software can repair severe virus infestation
By jimdagys in forum ComputerReplies: 3Last Post: 3rd Dec 2009, 06:59 -
Question about possible virus that won't allow seeing hidden files
By jimdagys in forum ComputerReplies: 24Last Post: 1st Dec 2009, 08:09 -
VIRUS,VIRUS, Getting blocked accessing antivirus sites
By G)-(OST in forum ComputerReplies: 11Last Post: 10th Apr 2009, 03:40 -
Anti-Virus Program Won't Update
By wulf109 in forum ComputerReplies: 8Last Post: 20th Dec 2008, 23:45 -
Active internet connection but antivirus can't connect to update
By mattman1968 in forum ComputerReplies: 12Last Post: 14th Nov 2008, 09:05