Antivirus XP 2008 – Rogue AntiVirus

I discovered a new rogue on Saturday over at a clients house (Barb S.).

This looks a lot like Windows Defender, doesn't it? Anyway, Barb had Trend Micro 2006 (which was working and updated); however, Trend was completely unaware that there were applications like this running, plus 40 pieces of malware hiding in System32.

Removal:

First I removed Trend (since it wasn't doing anything anyway); next I installed Spyware Doctor with AntiVirus (the new version 6) and ran a full scan. One hour later we had 54 threats, which were completely removed after a reboot.

Barb's computer still had a lot of system modifications made by the malware... these had to go! Combofix is just an amazing tool for undoing the changes the malware has made. Here are just a few examples of what Combofix can fix:

- broken TCP/IP stack
- unable to modify the desktop
- unable to load the Registry Editor
- unable to right-click on My Computer
- no access to the Control Panel
- no Start > Run menu

When you run Combofix, remember to disable your anti-malware until Combofix has finished.
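Most of the lockdowns in the list above (no Registry Editor, no Run menu, no Control Panel, desktop and right-click restrictions) are ordinary Windows user-policy values that rogue AV families flip on to keep the victim from investigating. The script below is an added example, not part of the original post and not Combofix's own logic: it audits the documented policy locations in both HKCU and HKLM, reports any restriction that is switched on, and can clear them with the -Remove switch. The mapping of each value to a symptom from the list is an assumption for illustration; it does not cover the TCP/IP stack repair, which Combofix handles separately.

```powershell
# Added example (not from the original post): audit the Explorer/System policy
# values that rogue AV families commonly set to lock users out of admin tools.
# Paths and value names are the standard Windows policy locations; the Symptom
# text is our assumed mapping to the post's list, for readability only.
$checks = @(
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableRegistryTools'; Symptom = 'Registry Editor will not load' },
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\System';   Name = 'DisableTaskMgr';       Symptom = 'Task Manager disabled' },
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoRun';                Symptom = 'no Start > Run menu' },
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoControlPanel';       Symptom = 'no access to Control Panel' },
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoDesktop';            Symptom = 'desktop hidden / cannot be modified' },
    @{ Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Name = 'NoViewContextMenu';    Symptom = 'right-click menu disabled' }
)

function Get-PolicyLockdowns {
    param([switch]$Remove)   # report only by default; -Remove clears what it finds
    $findings = @()
    foreach ($hive in 'HKCU:', 'HKLM:') {
        foreach ($c in $checks) {
            $key = Join-Path $hive $c.Path
            if (-not (Test-Path $key)) { continue }          # key absent: nothing set
            $item = Get-ItemProperty -Path $key -Name $c.Name -ErrorAction SilentlyContinue
            if ($null -eq $item) { continue }                # value absent: nothing set
            $value = $item.$($c.Name)
            if ($value -ne 0) {                              # non-zero means the restriction is active
                $findings += [pscustomobject]@{
                    Key = $key; Name = $c.Name; Value = $value; Symptom = $c.Symptom
                }
                if ($Remove) {
                    # Deleting the value restores the default (unrestricted) behaviour.
                    Remove-ItemProperty -Path $key -Name $c.Name -ErrorAction SilentlyContinue
                }
            }
        }
    }
    return $findings
}

# Usage: list active lockdowns; add -Remove to clear them (run elevated for HKLM).
Get-PolicyLockdowns | Format-Table -AutoSize
```

Run it before and after a cleanup to confirm the restrictions are actually gone; a value that reappears after reboot is a sign that a persistence component is still re-applying it and the malware has not been fully removed.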




  • Sasha

    Hi all, OK.
    I just got Antivirus 2008 on my computer, so I ran Combofix and it found it and got rid of parts of it, but said it found a rootkit and had to reboot. So it rebooted over and over again. After that I booted up off a Bart disc and manually removed the files. Then I had to repair-install my OS; now it randomly locks up my computer and I still think it has XP Antivirus 2008. What can I do to get rid of it??? Any help is needed.

  • malwarekilla

    Hi Sasha, I feel your pain there. The best suggestion that I can give you is to scan with UBCD4Win (bootable rescue CD). In that rescue CD you can use the Avira anti-malware scanner, which will find any rootkit and kill it.

  • dude

    I've caught it once; it could be easily removed by Spyware Doctor, Spybot Search & Destroy and other such programs. Most antiviruses don't bother with such things because they're just rogue adware making only annoying fake pop-ups; they don't actually harm the computer and do not steal info, but they reeeeeeeeeally freak you out!!!!
