CBRT has been

2008 Antivirus Alert

Need some help fixing a computer problem, or just want to share a link to a program? Do it hear... From the PC to the CB!!!
Post Reply
User avatar
North Texas Mudduck
Wordwide & Qualified
Wordwide & Qualified
Posts: 2,921
Joined: Sep 30 2006, 20:22
Contact:

2008 Antivirus Alert

#182691

Post by North Texas Mudduck »

anyone know how to get rid of the virus alert
it changes the desktop screen
changes the time clock in the bottom right corner to militarytime
where the time is located to the right of that it says VIRUS ALERT
it locks out the task manager
in the start then setting menu it clears that to only be able to see taskbar and menu

anyone got an idea how to kill it

and no stinger or avg wont even touch it
A gun in the hand is better than a cop on the phone
User avatar
TwentyTwo-Zero
Donor
Donor
Posts: 1,742
Joined: Oct 23 2007, 12:48

#182694

Post by TwentyTwo-Zero »

Maybe [Please login or register to view this link]?
It's one of the better antivirus programs on the market.
Save Your Money, Don't Go To The Show
And Don't You Eat That Yellow Snow...Frank Zappa
------------
WR0220 Washington State 38LSB
CPI • Cobra • Icom • Yaesu
User avatar
North Texas Mudduck
Wordwide & Qualified
Wordwide & Qualified
Posts: 2,921
Joined: Sep 30 2006, 20:22
Contact:

#182696

Post by North Texas Mudduck »

and i did forget to mention zonealarm
free version did not get it
A gun in the hand is better than a cop on the phone
User avatar
TwentyTwo-Zero
Donor
Donor
Posts: 1,742
Joined: Oct 23 2007, 12:48

#182699

Post by TwentyTwo-Zero »

Have you tried [Please login or register to view this link]?
Save Your Money, Don't Go To The Show
And Don't You Eat That Yellow Snow...Frank Zappa
------------
WR0220 Washington State 38LSB
CPI • Cobra • Icom • Yaesu
User avatar
Black Lightning
Wordwide & Qualified
Wordwide & Qualified
Posts: 599
Joined: Feb 20 2008, 21:46
Handle: Black Lightning
Real Name: Gary
Antenna: Super Penetrator
Radio: '78 Cobra 2000 GTL
Contact:

#182708

Post by Black Lightning »

TwentyTwo-Zero wrote:Have you tried [Please login or register to view this link]?
As a computer tech, I do not recommend Norton 360 to ANYONE. It has caused way, way more problems than it's helped - things such as complete lockout of the internet (something I call 'firewall disconnect'), absolute total hammering of the computer (all your resource are belong to us), things of that nature.

In response to the original poster, you got hit with one of the various Smitfraud rootkits. Godspeed in its removal, it's a tough one.

In the meantime, STAY AWAY from anything that calls itself "WinAntiVirus" or "XP AntiVirus Pro 2008" or any mixture of those two terms.
User avatar
ringer
Skipshooter
Skipshooter
Posts: 344
Joined: Jan 06 2008, 00:11

#182710

Post by ringer »

I pay for a full subscription of Spyware Doctor and Registry Mechanic. My machines all haul even after visiting the most unscrupulous websites.
User avatar
linx

#182711

Post by linx »

Hey NorthTexas,

That thing you are infected with is called Antivirus 2008. If you do a search on google, you will find a manual way to remove it. The only way to automatically remove it, is to pay for a removal program, that is probably made from the manufacturer. Adaware, Spybot, and all the ot her popular spyware removal tools will not remove this program. I'm "retired" from computer service, but still in the past few weeks I have repaired numerous computers infected with this crap. In a nutshell, you go to Program Files, delete the program, and then remove it from the registry and remove it from the start-up.

Good luck. If ya can't get it removed, shoot me a PM and I'll try to help more.
User avatar
North Texas Mudduck
Wordwide & Qualified
Wordwide & Qualified
Posts: 2,921
Joined: Sep 30 2006, 20:22
Contact:

#182714

Post by North Texas Mudduck »

ok just got back from store
got the
windows one care
got rid of alot of crap
but now the time still says 20:06 VIRUS ALLERT
A gun in the hand is better than a cop on the phone
User avatar
lonewolf
Wordwide & Qualified
Wordwide & Qualified
Posts: 692
Joined: Nov 11 2006, 19:20
Contact:

#182726

Post by lonewolf »

I picked up the xp antivirus 2008 myself last night. I tried Microsoft one care with no luck. I got rid of it with free avg and adware and spybot.
Stomping the mud ducks in northern Maine 285 standing by.

Vision without action is a daydream. Action without vision is a nightmare.
Image
User avatar
North Texas Mudduck
Wordwide & Qualified
Wordwide & Qualified
Posts: 2,921
Joined: Sep 30 2006, 20:22
Contact:

#182734

Post by North Texas Mudduck »

and i ran the spybot first thing then the stinger then avg free edition
then went and got windows 1 care and it really made it mad and then rebooted then it
shut it down
but now just working with the 22:16 VIRUS ALERT

and the desktop issue
A gun in the hand is better than a cop on the phone
User avatar
lonewolf
Wordwide & Qualified
Wordwide & Qualified
Posts: 692
Joined: Nov 11 2006, 19:20
Contact:

#182736

Post by lonewolf »

Check out kim kommando's website search for antivirus. She also has lots of neat stuff on there too.
Stomping the mud ducks in northern Maine 285 standing by.

Vision without action is a daydream. Action without vision is a nightmare.
Image
User avatar
causmik
Donor
Donor
Posts: 851
Joined: Oct 04 2006, 07:21
Contact:

RE 2008 Antivirus Alert

#182757

Post by causmik »

North Texas Mudduck wrote:anyone know how to get rid of the virus alert
it changes the desktop screen
changes the time clock in the bottom right corner to militarytime
where the time is located to the right of that it says VIRUS ALERT
it locks out the task manager
in the start then setting menu it clears that to only be able to see taskbar and menu

anyone got an idea how to kill it

and no stinger or avg wont even touch it
I had a similar situation. I kept getting a notification similar to what you are describing. It is a spyware/malware virus. Mine kept prompting me to get a free pc check-up for virus and when one does the spy/malware was installed. I had to spend lots of time removing the installed junk daily until I took my pc to a tech. I have all the goodies to protect against such junk but it still got by. I had to take my pc to a shop where they have the appropriate removal system.

The prompt-alert is the virus.

Mike
User avatar
Av8r1
Donor
Donor
Posts: 285
Joined: Aug 15 2006, 21:57
Real Name: Bill
Radio: Kenwood TS-530s
Contact:

#182758

Post by Av8r1 »

You need to get a free program called HiJackthis. Run it and look for suspicious entries and delete them. Also run AVG antispyware and anti virus. Also get free antispyware Spybot.

Hope that works,let us know. :lol:
User avatar
Falcon99V
6 PILL USER
6 PILL USER
Posts: 64
Joined: May 17 2008, 14:20
Real Name: Bill
Antenna: Smokin Joe Gun II
Radio: Galaxy 2517
Contact:

#182763

Post by Falcon99V »

Linx said it best:
If you do a search on google, you will find a manual way to remove it.

Try this before you go spend your money.
Good luck!
User avatar
HI-TECH

#182768

Post by HI-TECH »

i got 2007 man it took no more then 10 mins before i popped my full install disk in and formatted, first link on google i read how bad it was corrupting your registry and how hard it was to remove... easier on my nerves and time to just format when you get hit hard.
User avatar
TwentyTwo-Zero
Donor
Donor
Posts: 1,742
Joined: Oct 23 2007, 12:48

#182773

Post by TwentyTwo-Zero »

Black Lightning wrote: As a computer tech, I do not recommend Norton 360 to ANYONE. It has caused way, way more problems than it's helped - things such as complete lockout of the internet (something I call 'firewall disconnect'), absolute total hammering of the computer (all your resource are belong to us), things of that nature.

In response to the original poster, you got hit with one of the various Smitfraud rootkits. Godspeed in its removal, it's a tough one.

In the meantime, STAY AWAY from anything that calls itself "WinAntiVirus" or "XP AntiVirus Pro 2008" or any mixture of those two terms.
Being a computer tech, then you should also be aware of the fact that these issues were resolved with the release of 360 2.0. It consumes LESS resources then either MacAffee or One Care, doesn't slow your computer down as much as either of those programs and is updated multiple times a day with the most current virus definitions making it a better choice if you are serious about protecting your computer from viruses/trojans and online attacks.

If you go [Please login or register to view this link] you can run a free virus scan on your computer. If you have pop=ups blocked allow them on this site and select "Virus Detection". After the scan is complete you will be instructed on how to remove any/all viruses/trojans/malware that is found. Best of all it is provided by the LEADER in antivirus software - and it is FREE. :wink:

Here is the url in case it didn't come through above:

[Please login or register to view this link]
Save Your Money, Don't Go To The Show
And Don't You Eat That Yellow Snow...Frank Zappa
------------
WR0220 Washington State 38LSB
CPI • Cobra • Icom • Yaesu
User avatar
NCMidnight

#182785

Post by NCMidnight »

I also have 15 years experience in the PC world.. Smitfraud rootkits is the answer to your problem, and it is a very common one.. When you open your browser does it take you to the same bunk virus scan page?? if so its a hijacker and smithfraud will take care of it.. Good luck.. 76 out..
User avatar
KI4MSJ
Donor
Donor
Posts: 668
Joined: Nov 09 2006, 10:57
Handle: Barnstormer
Real Name: SCOTT
Radio: ICOM 7000
Contact:

#182790

Post by KI4MSJ »

I use AVG and TuneUp Utilities 2008
ICOM 7000/7"monitor
YAESU 901DM,FC-901,SP-901P
Multiband Dipole,IMAX 2000
Image
User avatar
Black Lightning
Wordwide & Qualified
Wordwide & Qualified
Posts: 599
Joined: Feb 20 2008, 21:46
Handle: Black Lightning
Real Name: Gary
Antenna: Super Penetrator
Radio: '78 Cobra 2000 GTL
Contact:

#182821

Post by Black Lightning »

What NCMidnight is referring to is a removal tool called "SmitRem" or "Smitfraud Remover". Smitfraud is the malware itself. These latest versions don't go away simply with Smitrem. In my experience, the only way to get rid of it without referring to the 'nuclear option' of reformatting and reinstalling, is to use a BartPE disk of some sort. I use "The Ultimate Boot CD for Windows". You boot the system to that, which is in effect a Windows XP live CD, and the hard drive is not locked by the OS. Also, since you're running a clean copy of XP that cannot be infected (Closed CD-ROMs cannot be written to), you can find the stealth components of the infection which exist in various areas of the system.

XPAntiVirus2008 installs itself into the registry in the following keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run,
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon Shell
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify

as well as various named services under

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet00x\Services (where the 00x in ControlSet00x refers to the most recent one).

It also manipulates registry keys that prevent the user from running regedit or ctrl-shift-esc or ctrl-alt-del to access the task manager. There are registry access tools that you can obtain in order to repair the registry so you can access it with regedit (these tools will not work if the malware is running, however).

With a BartPE CD, you can use the command prompt to delete random filenames in the \windows\system32 directory, files that are usually dated the current date or within the time the computer has been infected. Files with .exe and .dll extensions, as well as any .htm or .html file in the system32 dir. Some variants also create 'INI' files in the system32 dir as well. These are easy to spot however; they're usually large compared to real INI files (e.g. 161,200 bytes) and when you attempt to read them, they're binary and not text. Any filename ending in .ini2 or .ini.bak can safely be deleted. You can use RegEditPE to load the remote registry (the registry on the infected computer) to fix keys in there.

Twenty-Two Zero - I'd love to believe that, however I was dispatched last week to fix someone's computer which had pretty much hard locked from CPU load. The installed Norton 360 2.0 was the culprit. A quick run of the symnrt tool from Symantec fixed it by deleting the software. Symantec software has not been good now for a number of years. The only thing they make that I find useful is Ghost.
User avatar
PONY EXPRESS
Wordwide & Qualified
Wordwide & Qualified
Posts: 986
Joined: Aug 09 2007, 21:04
Radio: GOLDEN EAGLE Mark IV
Contact:

Good Luck

#182827

Post by PONY EXPRESS »

Hope you solve your problem .We use Norton 360 but we can't recommend it it doesn't catch all spy ware according to spy-bot
Post Reply