XP Antivirus 2008 and Antivirus 2009 are evil!

June 29, 2008

This entry is part 1 of 6 in the series Removing Antivirus 2009

Wow! I just spent two hours on the phone and CoPilot with my dad to get one of his computers cleaned up. I’ve dealt with a couple of spyware infections in the past, but nothing as insidious as this. Fortunately my dad was suspicious enough to reach out for assistance before he really got took. Here is the re-cap:

I got this email from my dad earlier today:

Matt my desktop computer has been infected with Antivirus 2009.  Do you have a recommendation for software to remove it?  Spyware Hunter has been recommended but, at this point, I don’t trust anything.  Dad

I’m glad that he was suspicious. After a little Googling on the key words from his message, I was suspicious. Here was my reply:


XP Antivirus 2008 and Antivirus 2009 - Round 2

June 29, 2008

This entry is part 2 of 6 in the series Removing Antivirus 2009

OK, so it was a bit premature to declare victory over the XP Antivirus 2008 / Antivirus 2009 issues that my dad was facing. Here is the email I got this morning:

I ran the full scan overnight which produced one more critical item and over a hundred cookies which were removed. At first it seemed like there were no problems. I switched to the non-admin account and started getting the same screens we had viewed last night. Still in this partition, I cranked up the full scan and after running a while the interference got worse by displaying two or three new screens predicting even more dire consequences. And, periodically going into what appears to be a rebooting of the system following which the scan proceeded as normal.

I did a little more research using some of the keywords from last night’s screen shots and ran across this xp antivirus 2008 post in the Windows Live OneCare Anti-Virus forum. Looks like people started running across variations of the virus/spyware back in February. Since then there have been over 42,000 views and over 80 replies with varying degrees of success. Most people referred to a post by ‘shecut’ on page 2 as having been successful. I decided that was what we were going to try.

We got on the phone and connected via Copilot again. Again, it was immediately apparent that there was something going on with his computer. Check out these screen shots:


Removing Antivirus 2009 - Round 3

July 5, 2008

This entry is part 3 of 6 in the series Removing Antivirus 2009

Despite my best efforts in XP Antivirus 2008 and Antivirus 2009 are evil! and XP Antivirus 2008 and Antivirus 2009 - Round 2 it appears that there might still be some residual infection on my Dad’s computer:

Last evening preparatory to shut down, that blue screen we saw last week-end popped up with the standard msg about having to shut down.  But this time, instead of going through the motion of shutting down and restarting, the system froze.  Finally pulled the plug and brought the system up in the admin account and started SpyBot.  It produced zero hits.

My latest round of advice is to try the following:


What is the difference between a computer virus and spyware?

July 6, 2008

This entry is part 4 of 6 in the series Removing Antivirus 2009

During this whole ordeal with my Dad’s Antivirus 2009 issues, a question that came up a couple of times that I didn’t have an answer to was "How come I need an anti-virus application and an anti-spyware application?" I’m vaguely aware of the history of each and how they evolved separately, but I thought that a quick refresher on each was in order.

Here are some definitions culled from Wikipedia:


Antivirus 2009 and browserprotectioncenter.com

July 8, 2008

This entry is part 5 of 6 in the series Removing Antivirus 2009

If you have been infected with the Antivirus 2009 spyware/malware, I’m sure that you have noticed that all of the links point to microsoft.browserprotectioncenter.com. Hopefully you haven’t visited the site and/or purchased their spamware/spyware/malware solution. So for the curious out there, here are some screen shots of what you would find on their site.

A couple of things to note:

  • All of the thumbnail/small images below are linked to the original images on my Flickr account. They DO NOT link to the original page. So you can click the images to view the full-size image on Flickr without fear.
  • They obviously spent a fair amount of money on making a site that is easy on the eyes and very inviting. I’ve seen plenty of legitimate businesses with hideous sites.
  • If you go to microsoft.browserprotectioncenter.com with Firefox, you get redirected to the Internet Explorer 7 download page. I guess they really want you to run IE so that they can take advantage of the less secure browser.
  • While I feel that I am providing a bit of a public service by publishing all of this information, the sad fact is that they could very easily set this whole scam up again at a different site/address/URL.

Here is what lives at browserprotectioncenter.com:


Antivirus XP 2008 and avxp2008.com

July 23, 2008

This entry is part 6 of 6 in the series Removing Antivirus 2009

I’ve been monitoring my traffic a fair amount over the past few weeks since I first published XP Antivirus 2008 and Antivirus 2009 are evil!. It looks like things were starting to taper off a little, but traffic has jumped up this week, and in checking my Google Analytics Traffic Sources, I see that I am getting a bunch of hits from Google for the term ‘avxp2008’. Surprisingly, there were only 5 hits for that term, this site being one of them due to the mention in a comment from krisi on July 12th.

One of the search results had a vague mention of a web address of avxp2008.com. So I fired up Firefox and took a visit. While not quite as slick as the other site (see Antivirus 2009 and microsoft.browserprotectioncenter.com), they are definitely doing everything they can to lull you into their confidence and get you to click on one of their download links. With most sites, you expect some kind of intermediate page once you click a download link where they will either provide some additional details or instructions or gather some information from you. Not here. They try right off the bat to get you to download a .exe file (AntivirusXP2008Installer.exe) in the hopes that you will click the Run button and install it.

If you are already infected, you should take a look at Removing Antivirus 2009 - Round 3 for how I was able to remove it from my Dad’s computer. In the next day or so I hope to post a quick article on how to avoid getting infected in the first place.

If anyone has any other advice or suggestions, please leave a comment for others to benefit from.
