Kudos0

Malware AntivirXP08

Just an FYI, per the Norton instructions you get when you search on this site for "antivirxp08",  this sucker DOES use random filenames.  They appear to be gibberish, but you can see them running in the task manager.  If you think the process running is a virus, Google the filename.  If it's a legitimate windows file or belongs to another legitimate program, it will most likely have definitions on some of the file sites.  If nothing comes up, that's a clue!   The file/registry entries it used on me included "antivirxp08", "phc7d7j0er3t", "pphc7d7j0er3t", and "rhc3d7j0er3t".   When searching the registry using the regedit find feature, remember to go all the way to the top where it says my computer, and close everything beneath it to have it search from the top down for each search.  Once it finds one entry, delete it, and then hit F3 to move on to the next instance.  Once it's done searching for that name, go back to the top, and search for the next one.    I also had to enable the display properties tabs for screensaver and themes in the registry, because the malware (is this thing a virus, spyware, all the above!?) disabled them.

This sucker is a time waster.  Tip:  Don't do as I did and let your NIS expire!  Renew it right away!  I shoulda knowed better  :(

Good luck to all!

Replies

Kudos0

Re: Malware AntivirXP08

Thank you dokter.

So I guess you are safe?

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

OK, so to remove this, I have to delete each reg and file individually?? My NIS has expired and I have no funds at this time to renew. I am assuming that this thing is the reason for my multitude of problems that came about around the same time as this popped up. I don't knw how it got installed on my comp or how to get rid of it, but when it came I also started getting fake alerts. My comp will go to the blue screen and say it is shutting down to protect my comp and then will go to windows startup screen. However, this is a loop and can be exited by pressing f4. When it clears, all docs and web pages are still there and the way I left them. It makes my comp freeze a lot too. Are all these symptoms of this one program?
Kudos0

Re: Malware AntivirXP08

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

thank you so much! I am running it now. We will see if it fixes the problem...
Kudos0

Re: Malware AntivirXP08

Hi

Please keep us posted

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

Ok, well I installed and ran the antibot, but it only found and removed 1 problem. I was hoping this would be the one, but after letting my comp sit for about 15 min the blue screen was back. Have you got any idea what is causing this? Should I start a new thread t find this answer? Maybe it has nothing to do with the antvirxp08 prog... Hmmm.... Grrrrrrr! Now it's playing hip hop music at me and there is no music player running and I can't find any open pop ups or pop unders. Man! I have some real issues here! Any recommendations, short of throwing this thing out the window?
Kudos0

Re: Malware AntivirXP08

Dr_Frank,

Obviously part of the problem you appear to have is not being able to scan with the latest Virus Definitions since you subscription expired some time ago. One solution is to do an on-line scan using Symantec's free service. Go to the following URL and select Virus Detection.

Hope this helps.

We look forward to the time when the Power of Love will replace the Love of Power. Then will our world know the blessings of peace. ~William Ewart Gladstone
Kudos0

Re: Malware AntivirXP08

We look forward to the time when the Power of Love will replace the Love of Power. Then will our world know the blessings of peace. ~William Ewart Gladstone
Kudos0

Re: Malware AntivirXP08

Please do.

Also please post a link to this thread. Is easier to find back

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

That Online Scan will only Detect that Internet Threat on your computer.
Thursday, November 21, 2013: The THREATCON was changed to Level 1: Normal | Tue., Nov. 05, 2013: Zero-Day Vulnerability: Microsoft Security Advisory 2896666 | Saturday, November 09, 2013: Cyber-Criminals Serve Up A Veritable Smorgasbord Of Threats For South Koreans | Wednesday, October 09, 2013: New Internet Explorer Zero-Day Targeted In Attacks Against Korea And Japan [C.V.E.-2013-3897]
Kudos0

Re: Malware AntivirXP08

Safe!!??  Lol, not safe, but I think I killed it!  Only time will tell......  :)
Kudos0

Re: Malware AntivirXP08

I tried the online scan, but it never finished. It just keeps asking me if I want to install the detection tools. I click install and 20 minutes later it asks again, but never scans anything. I guess that isn't gonna do it. Does anyone know a name for this issue or for this collection of issues, I should say. I don't know what to do. Someone on yahoo answer seems to think it is a worm, but everybody just sees the part about the blue screen and forgets about the part where it is a fake alert and I can exit it using f4. I am at a loss for what to do. I am usually pretty good at figurung out how to cure our little ailments here, but this one has me stumped.
Kudos0

Re: Malware AntivirXP08

Hey Doc! Sorry I butted in on your thread and kinda took over. I saw the subject and hoped someone here could help me out. Please forgive me for my rudeness. No harm intended.
Kudos0

Re: Malware AntivirXP08

Hi bwalk

I guess the virus is still alive?

have you been able to send a sample to Symantec? That way Symantec can take care of things

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

yep - alive and well, unfortunately. I think it is affecting other things too now, but not sure. Could just be too much in my system. Anyhow... I have no idea how to send a sample and with my subscription being out, don't know if they will help me. I have tried all that has been offered, with no luck.
Kudos0

Re: Malware AntivirXP08

If you have a sample you would be able to send it to Malware Submission

Besides that have you tries SuperAntspyware or Malwarebytes?

A lot of people were helped out that way 

"All that we are is the result of what we have thought"
Kudos0

Re: Malware AntivirXP08

I saw the malwarebytes thing in another thread I was browsing and followed it to see but it said somthing about paying so I left. I have no spare funds at all right now so I didn't try it. Does it have a trial period or did I miss something?
Kudos0

Re: Malware AntivirXP08

O! And how do I send a sample? How do I get one, I guess is the first question.
Kudos0

Re: Malware AntivirXP08

Any files that you believe may be malicious can be submitted through the following link.  You will simply want to select the file(s) to be submitted and you will get an email response in return with a submission tracking number.  If the files are indeed malicious, the auto scanners from the submission process will email you telling you they're bad.

https://submit.symantec.com/websubmit/retail.cgi

Kudos0

Re: Malware AntivirXP08

Hi,

Sorry to hear about your problem. Please follow the directions NateR the Symantec Employee gave you on how to send the upload and send the file. By the way, Malwarebytes' Anti-Malware is free, what you saw is a little ad on their homepage pointing out that if you want better protection you have to pay. However, in this case, use the free version.

Also, upload the suspected file to virustotal.com to see how many AV scan engines detect it as a threat and are willing to remove it, or if it's a false possitive.

Some good free AV's and Anti-Spywares/firewalls that might be able to help you are: Malwarebytes' Anti-Malware, SpyBot- Search and Destroy, SuperAntiSpyware, ClamWin/ClamAV, Spyware Terminator, Kaspersky Free Online Scan, Panda Free Online Scan, avast!, AVG Free Edition.

I can provide links to any of these if you need them. Good luck!

This thread is closed from further comment. Please visit the forum to start a new thread.