Results 1 to 6 of 6
  1. #1
    Kawaii Poster ShiFeiEr's Avatar
    Join Date
    Aug 2007
    Location
    H.o.m.e.L.a.n.D
    Posts
    294
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Points
    280 (0 Banked)
    vBActivity - Stats
    Points
    280
    Level
    6
    vBActivity - Bars
    Lv. Percent
    16.44%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%

    Post Beware Of Antivirus XP 2008

    Source 1: http://www.symantec.com/security_res...343-99&tabid=2

    Source 2: http://www.download.com/8301-2007_4-...in;contentBody





    Antivirus XP 2008 is back, unfortunately. It's not an antivirus app, but a cleverly disguised rogue security application that tries to get you to buy the non-existent "security" it's selling. Advertised using the common tricks of Trojans and faux security alerts, this nasty piece of malware can take over your desktop settings to mimic safe mode, display fake virus detections, and opens a faux Internet Explorer window stating that Google has detected a malware infection.

    Yeah, Google.

    Apparently, though, the virus is now being spread in more insidious ways, and numerous people who claim safe browsing habits and up-to-date security definitions are being infected--including two of my friends.

    In helping them remove it, I discovered an excellent post on the CNET Forums that explained a detailed and accurate method of removal. I've retyped it below with more detail in case you're not able to get to the forums. It's not particularly complicated, but if you're not comfortable with advanced settings, I'd recommend proceeding cautiously or get a friend to help.

    A warning before we begin: do not boot your computer into safe mode. Leave it running as you normally would. I tried restarting into safe mode, and the malware was prepared for that--its folders and files became undetectable.

    First, in the Start menu, click on Run. If you can't find the Run option, hit WIN+R. (That's the key with the Windows icon on it.)

    Type in msconfig, and go to the Startup tab. You're looking for two files. One begins with the string of letters "lph," and the second begins with "rhc". The examples provided are longer strings, "lphc35dj0e1an" and "rhc75dj0e1an", but after the first three letters, the strings are known to change on different computers. Uncheck the boxes next to both of them, then click on Apply and OK or Close at the bottom of the window.

    Restart your computer normally. You'll notice that the background hasn't changed. To restore your desktop settings, you'll need to go to Start > Run again, or Win+R. This time, type in Gpedit.msc. On the left nav, look for User Configuration near the middle. Navigate through Administrative Templates, then Control Panel, and finally Display. When you click on display, you'll see a list of options open in the central pane. Right click on "Remove Display in Control Panel," and click "Properties." Then choose "Disabled."

    Repeat those same steps for the following attributes: Hide Desktop, Prevent changing wallpaper, Hide Appearance and Themes, Hide Settings, and Hide Screen Saver. Change all to "Disabled," then hit Apply, OK, and restart your computer.

    You will still see the Antivirus XP 2008 desktop "theme", but now you can change it. Anywhere on your desktop, right-click and select properties. The first tab that opens should allow you to change your theme. If you also suffer from massive icons, use the last tab on the right, Settings. In the middle of that tab's window you'll see a Screen Resolution option, most likely set to 800x600. Move the slider to the left to choose a more aesthetically appealing resolution.
    【这里的人都爱问候妈妈..幼稚...】

  2. #2
    Astro Boy Vectors's Avatar
    Join Date
    Jul 2007
    Posts
    12,579
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Points
    280 (0 Banked)
    vBActivity - Stats
    Points
    280
    Level
    6
    vBActivity - Bars
    Lv. Percent
    16.44%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%

    Default

    aiya NOD32 best in market le...dunnid anything else...if you can spend 1k++ on a com why not $33 on an anti-virus....

  3. #3
    Post Bomber!!! OzoRA's Avatar
    Join Date
    May 2008
    Location
    look up at the sky and u see where i stay
    Posts
    51,308
    Thanks
    5
    Thanked 4 Times in 4 Posts
    Points
    478 (0 Banked)
    vBActivity - Stats
    Points
    478
    Level
    7
    vBActivity - Bars
    Lv. Percent
    87.78%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%
    Achievements Happy Anniversary!vB Fast TrackI Survived a Month!No Longer a NewbieNewblood

    Default

    anyway i did try to clear this virus it is a pain...

    it not just a virus wif windows antivirus face it als contain trojan downloader...

    For me: msconfig disable the xp 2008 first
    how do u noe it has been disabled???
    the antivirus 2008 has a tray icon so just uncheck till it is gone one by one restarting the pc again and again...

    next control panel uninstall it if can if not just delete from the programm file it should be able to delete...

    lastly delete from the registry.... how to noe wad to delete msconfig will tell you they got the path on the registry just do a search in the registry....

    anyway i do it this way... cos my company kana afew pc so i have to do it myself

    if like end user that dunno this they will just restore the pc or format it
    When you loses hope, you let others decide your hope.

  4. #4
    Timid Typist LoCoS1nG's Avatar
    Join Date
    Mar 2008
    Location
    Singapore
    Posts
    69
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Points
    280 (0 Banked)
    vBActivity - Stats
    Points
    280
    Level
    6
    vBActivity - Bars
    Lv. Percent
    16.44%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%

    Default

    Thanks got the note. I've added it onto my 'watch-out' list
    From past experiences, rogue programs are known to be much more of a problem to remove from your pc. I gave it a 2 tier removal process which includes,
    1) Disabling the "antivirus" program.Which i manually delete through safe mode.
    2) Further removing malwares and trojan which was installed by the rogue app.

    Another example of a rogue app is the MalwareWipe program.
    Netgame CloudNine Player (Primus union)
    Rogue: Level 62
    Warrior: Level 61

  5. #5
    your mom ElleLawliet's Avatar
    Join Date
    May 2007
    Location
    In a pie that is 22/7
    Posts
    11,815
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Points
    290 (0 Banked)
    vBActivity - Stats
    Points
    290
    Level
    6
    vBActivity - Bars
    Lv. Percent
    26.06%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%
    Achievements Happy Anniversary!vB Fast TrackI Survived a Month!No Longer a NewbieNewblood

    Default

    use AVG and spybot enough le...

  6. #6
    Posting Sempai Zich's Avatar
    Join Date
    Oct 2003
    Location
    Brothel-Zich
    Posts
    9,495
    Thanks
    0
    Thanked 1 Time in 1 Post
    Points
    306 (0 Banked)
    vBActivity - Stats
    Points
    306
    Level
    6
    vBActivity - Bars
    Lv. Percent
    40.96%
    Daily Activity
    0%
    Weekly Activity
    0%
    Monthly Activity
    0.01%
    Achievements Everybody Loves Me!The Popular OneParty of FiveI Don't Pay For FriendsI'm Not Alone!

    Default

    rudra

    ~iCat~ |Announcement: Looking for co-writers to work on EOS| ~Moral Conflicts~| CR Fanatic: "We die for chicken rice!"| Many thanks to szelin for the avatar

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •