windows antivirus 2008 anti virus

**zzzzz** · 12-08-08, 12:06 PM

HELP HELP any members got an answer to get rid of windows antivirus 2008 as all my computers have been infected big time ,,do run AVAST on all of them

please please help this poor old pom out

**SPLog** · 12-08-08, 12:22 PM

Could it be the same as what best4less posted about.
Antivirus XP 2008

**zzzzz** · 12-08-08, 02:24 PM

Quote:

Originally Posted by SPLog

Could it be the same as what best4less posted about.
Antivirus XP 2008

thanks for that now i am a happy little pom

**Sanity** · 12-08-08, 03:41 PM

Its doing the rounds at the moment , I have had to remove it from a couple of computers.

**zzzzz** · 12-08-08, 03:49 PM

Quote:

Originally Posted by Sanity

Its doing the rounds at the moment , I have had to remove it from a couple of computers.

its a shame we cant track these little bas**eds down and show them the damage they cause perhaps then after a little bit of forcefull encouragement they will learn

**Sanity** · 12-08-08, 04:29 PM

I am pretty sure this is where the program sends you. The site looks exactly like the program screens.
Antivirus 2008 anti-spyware anti-malware complete solution software

You then have to pay them.

* DONT CLICK ANYTHING ON THAT SITE !!!

**Globe** · 12-08-08, 04:54 PM

It's a ppi (pay per install). Black hatters upload torrents of useful programs with this insidious rubbish "wrapped" around them, and then suckers (me included) download the programs, install it and spend the best part of a day figuring out how to get rid of it.

Meanwhile the black hatter gets a % of every dollar each poor sucker who buys this rubbish (supposedly to get rid of what caused the problem in the first place).

Edit: Geez Sanity, that site looks legit doesn't it, they are getting very clever!!

**Sanity** · 12-08-08, 05:01 PM

Yeah , its one friggin annoying program. You can pick it up anywhere , both computers I removed it from dont surf " dubious " sites so I am not sure how they got it.

I had it jump up on my screen the other week , but I didnt take the bait and click anything. I tried to close the windown but couldnt , so I had to close it via task manager. You can imagine how many non tech type people must be getting caught up with this one.

$30 to remove something that isnt here in the first place.

**BenM** · 13-08-08, 07:40 PM

I heard that malwarebytes download program should find and remove this program. May need to restore your registry as it attaches it self to security centre. Hope this helps

**Sanity** · 13-08-08, 08:00 PM

Quote:

Originally Posted by BenM

I heard that malwarebytes download program should find and remove this program.

Sure does , probably the easist method.

**therufus** · 15-08-08, 08:26 PM

I've heard that this sh1t can also creep in via an attack on old versions of Sun Java. Apparently, there is an exploit that can drive-by-install this on your PC if you use MSIE and have an older version of Java.

So, just to be sure, head to java.com: Java + You

**Woodstock** · 18-08-08, 02:34 PM

sneaky buggers change files and MalwareBytes not picking up on it ...
had manually remove like below link refers to:
Remove Antivirus 2008 Pro Fake Antivirus - MS Windows Vista Compatible Software

**biggeorge** · 18-08-08, 03:03 PM

My neighbour had the Antivirus 2009 the other day.

A couple of things I found were:
1. It sent you to a site called something like ht tp : // microsoft.antivirus2009.com/buy or similar.
It looked like it was run by microsoft if you were to just look at the url briefly and not know how a url is structured.
2. It did NOT attach to the security centre, a quick look thru the task monitor showed me that it was an almost identical clone of it. The giveaway was a spelling error in the cloned version.
3. It hijacked the browser. Google would load, but when you search you get redirected to a very legitimate looking microsoft.antivirus2009.com type of url telling you your antivirus is not working and to buy the antivirus 2009 version from them for $49.95
4. It also loaded in some google like toolbars and a few other things into IE's Manage Add-ons list. One was called "Research". If that one is in there you got problems...

Anyhow, to kill it I stopped all Add-ons in internet explorer. Then I killed the tasks in task manager that were related to the google toolbars and the fake security centre.
Then I updated Ad-Aware, and did a scan with it, picked it all up and cleaned it all out.

GONE!!!!!!!

You think the 2008 one is nasty, the 2009 one is slightly cleverer. It almost had me fooled except that I am the dude who always fixes the neighbours computer so I know that it had an antivirus program in it and it wasnt called "antivirus 2009". And the spelling error.

If anyone wants to really track down these buggers the way to do it is to pay the ransom and trace the money. The money always ends up in the REAL hacker's hands somehow. They don't do it for sport.
For the layperson thats impossible.

So the next best thing is to use a number generator to buy their software and have some fun with them.

I can randomly generate you a number if you PM me.

**viewer** · 23-08-08, 02:54 PM

Quote:

Originally Posted by BenM

I heard that malwarebytes download program should find and remove this program. May need to restore your registry as it attaches it self to security centre. Hope this helps

Thanks BenM,

Wife was on the pc this morning and got the virus.
Was trying avg and spybot but not suceeding.
Fired up the lappy, read this thread, downloaded malwarebyte, and all is now fixed.

As I continue to say...this is a good place to come for help!

Thanks mate.....

12-08-08, 12:06 PM	#1 (permalink)
zzzzz Premium Member iTrader: (8) Join Date: Jan 2008 Location: passed the black stump Posts: 202 Spent time on board: 2 Weeks, 3 Days and 9:37:48	windows antivirus 2008 anti virus HELP HELP any members got an answer to get rid of windows antivirus 2008 as all my computers have been infected big time ,,do run AVAST on all of them please please help this poor old pom out

18-08-08, 02:34 PM	#12 (permalink)
Woodstock Senior Member iTrader: (14) Join Date: Jan 2008 Location: Mt Gambier Posts: 727 Spent time on board: 2 Weeks, 4 Days and 9:46:56	sneaky buggers change files and MalwareBytes not picking up on it ... had manually remove like below link refers to: Remove Antivirus 2008 Pro Fake Antivirus - MS Windows Vista Compatible Software __________________ Trust thyself only, and another shall not betray thee.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

12-08-08, 12:22 PM	#2 (permalink)
SPLog Premium Member iTrader: (1) Join Date: Jan 2008 Location: QLD Posts: 86 Spent time on board: 1 Week, 0 Days and 2:22:46	Could it be the same as what best4less posted about. Antivirus XP 2008

12-08-08, 03:41 PM	#4 (permalink)
Sanity Super Moderator iTrader: (5) Join Date: Jan 2008 Location: Victoria Posts: 2,904	Its doing the rounds at the moment , I have had to remove it from a couple of computers.

12-08-08, 04:29 PM	#6 (permalink)
Sanity Super Moderator iTrader: (5) Join Date: Jan 2008 Location: Victoria Posts: 2,904	I am pretty sure this is where the program sends you. The site looks exactly like the program screens. Antivirus 2008 anti-spyware anti-malware complete solution software You then have to pay them. * DONT CLICK ANYTHING ON THAT SITE !!!

12-08-08, 04:54 PM	#7 (permalink)
Globe My Member is Premium. iTrader: (2) Join Date: Jan 2008 Posts: 171 Spent time on board: 4 Days and 9:09:24	It's a ppi (pay per install). Black hatters upload torrents of useful programs with this insidious rubbish "wrapped" around them, and then suckers (me included) download the programs, install it and spend the best part of a day figuring out how to get rid of it. Meanwhile the black hatter gets a % of every dollar each poor sucker who buys this rubbish (supposedly to get rid of what caused the problem in the first place). Edit: Geez Sanity, that site looks legit doesn't it, they are getting very clever!!

12-08-08, 05:01 PM	#8 (permalink)
Sanity Super Moderator iTrader: (5) Join Date: Jan 2008 Location: Victoria Posts: 2,904	Yeah , its one friggin annoying program. You can pick it up anywhere , both computers I removed it from dont surf " dubious " sites so I am not sure how they got it. I had it jump up on my screen the other week , but I didnt take the bait and click anything. I tried to close the windown but couldnt , so I had to close it via task manager. You can imagine how many non tech type people must be getting caught up with this one. $30 to remove something that isnt here in the first place.

13-08-08, 07:40 PM	#9 (permalink)
BenM Junior Member iTrader: (0) Join Date: Jun 2008 Posts: 5 Spent time on board: 0:15:42	I heard that malwarebytes download program should find and remove this program. May need to restore your registry as it attaches it self to security centre. Hope this helps

15-08-08, 08:26 PM	#11 (permalink)
therufus Senior Member iTrader: (0) Join Date: Jan 2008 Location: Cranebrook, NSW Posts: 100 Spent time on board: 17:05:17	I've heard that this sh1t can also creep in via an attack on old versions of Sun Java. Apparently, there is an exploit that can drive-by-install this on your PC if you use MSIE and have an older version of Java. So, just to be sure, head to java.com: Java + You

18-08-08, 03:03 PM	#13 (permalink)
biggeorge Huge Member iTrader: (0) Join Date: Jan 2008 Location: Super Duper Secret Members Forum Posts: 278 Spent time on board: 1 Day and 14:35:16	My neighbour had the Antivirus 2009 the other day. A couple of things I found were: 1. It sent you to a site called something like ht tp : // microsoft.antivirus2009.com/buy or similar. It looked like it was run by microsoft if you were to just look at the url briefly and not know how a url is structured. 2. It did NOT attach to the security centre, a quick look thru the task monitor showed me that it was an almost identical clone of it. The giveaway was a spelling error in the cloned version. 3. It hijacked the browser. Google would load, but when you search you get redirected to a very legitimate looking microsoft.antivirus2009.com type of url telling you your antivirus is not working and to buy the antivirus 2009 version from them for $49.95 4. It also loaded in some google like toolbars and a few other things into IE's Manage Add-ons list. One was called "Research". If that one is in there you got problems... Anyhow, to kill it I stopped all Add-ons in internet explorer. Then I killed the tasks in task manager that were related to the google toolbars and the fake security centre. Then I updated Ad-Aware, and did a scan with it, picked it all up and cleaned it all out. GONE!!!!!!! You think the 2008 one is nasty, the 2009 one is slightly cleverer. It almost had me fooled except that I am the dude who always fixes the neighbours computer so I know that it had an antivirus program in it and it wasnt called "antivirus 2009". And the spelling error. If anyone wants to really track down these buggers the way to do it is to pay the ransom and trace the money. The money always ends up in the REAL hacker's hands somehow. They don't do it for sport. For the layperson thats impossible. So the next best thing is to use a number generator to buy their software and have some fun with them. I can randomly generate you a number if you PM me.

Sponsored Links

Sponsored Links

Sponsored Links

Sponsored Links