Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Sed posuere consectetur est at lobortis. Vestibulum id ligula porta felis euismod semper. Donec ullamcorper nulla non metus auctor fringilla. Aenean lacinia bibendum nulla sed consectetur. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Cras mattis consectetur purus sit amet fermentum. Morbi leo risus, porta ac consectetur ac, vestibulum at eros. Sed posuere consectetur est at lobortis. Etiam porta sem malesuada magna mollis euismod. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Duis mollis, est non commodo luctus, nisi erat porttitor ligula, eget lacinia odio sem nec elit. Cras justo odio, dapibus ac facilisis in, egestas eget quam. Aenean eu leo quam. Pellentesque ornare sem lacinia quam venenatis vestibulum. Curabitur blandit tempus porttitor. Sed posuere consectetur est at lobortis.
XP Antiv Virus 2008 is a very nasty forum off malware. It attacks Internet Explorer ony and does this via a pop up tell you that "You have a Virus". Click here to remove. I highly recommend only using Firefox as a broswer. Also download Malware Bytes Anti Malware and run a full scan.
http://remove-malware.com/malware-warnings/271/
Have you tried to install Norton Antibot? That might help very well
Anti Bot is built into NIS but if you install Anti Bot as of now they dont get along. See here. See Tony's last post.
Hi
Is it "AntiVirus2008Pro" Which is different than AntiVirus2008XP, BUT is still a Rogue AntiVirus Program. Here's a Screenshot??
If so I will find the Registry Entries etc.
Quads
Hi Quads
Yes, this looks like it - inclduing the misspelling of "scanning"
Thanks
Mark
Hi Mark
Try Malwarebytes AntiMalware, it's a free download, if that doesn't work.
Use the Task Manager to find in the Processes list and of these
AntiVirus2008.exe
AntvrsInstall.exe
AntvrsInstall[1].exe
Antvrs.exe
And end those processes
Delete this Folder,
C:\WINDOWS\ProgramFiles\ANTIVIRUS 2008
Also any of these files
shlwapi.dll,
wininet.dll,
AntiVirus2008.exe,
Uninstall Antivirus.lnk,
AntiVirus 2008.lnk,
AntvrsInstall.exe,
AntvrsInstall[1].exe,
AntiVirus 2008.lic,
Antvrs.exe
Use Regedit to Delete these entries
HKEY_CURRENT_USER\Software\Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles%\Antivirus 2008 Pro\Antvrs.exe”
Quads
Malwarebytes does find it in a scan as "Rogue.Antivirus2008"
Quads
What I do not understand is why all the suggestions here about using other software to fight this virus.
As if NIS 2009 is only optional (i.e. nice to have ) utility .
Dont you people shocked that NIS2009 did not stoped / cleaned this virus to begin with ???
Why are you so forgiving and tolerated towards NIS2009 performance ?
NO anti virus or anti spyware can catch everything. NIS 2009 can catch this malware but it is always good to use a back up scanner.Relying on just one scanner is not a good idea. Malware Bytes is a free on demand scanner so its a great idea to use it.
ace11 wrote:What I do not understand is why all the suggestions here about using other software to fight this virus.
As if NIS 2009 is only optional (i.e. nice to have ) utility .
Dont you people shocked that NIS2009 did not stoped / cleaned this virus to begin with ???
Why are you so forgiving and tolerated towards NIS2009 performance ?
Message Edited by ace11 on 10-02-2008 12:31 AM
This kind of malware works in many ways. It is not one file which can be send to Symantec so they can write a signature as well.
For some reason Malwarebytes and SuperAntispyware will detect these. They are more specialized in these kind of malware. It's no regular virus or spyware
This type of rogue program generally requires user intervention even if it was unknowing.
Even if a user does not click on anything, merely clicking on the "X" to exit may invoke the download, thereby implying consent to install the program.
When an ad like this appears, the best practice is to use "Alt + F4" to exit. If that does not work, use "Ctrl + Alt + Delete" and use task manager to end the application.
" ....For some reason Malwarebytes and SuperAntispyware will detect these .... "
I expect a respected Security Suite like NIS2009 to be able to match the performance of Malwarebytes :)
But you know, guys, the question is still valid: Why doesn't Norton tell us anything at all? If malwarebytes or some other software can pick up the invasion, then obviously it is detectable, so why isn't it being detected?
There are three possible answers, and only one of them is reasonable.
1. Norton doesn't tell us because these other companies happened to find it first. That is acceptable ONLY if within twenty-four hours of the virus data being published, Norton has updated its database to find it, too. There is an international database of viruses and within 5 minutes of the information becoming public, every single security company should be working on their own signature detections.
I am not asking Norton to fix the infection if it requires user intervention, but it should at least notify us of the problem and direct us toward the appropriate solution.
2. Norton doesn't tell us because it is slow in responding to new security problems. Wow, if that were true, I wouldn't even want to go there. I am counting on Norton's responsiveness and if I were ever to learn otherwise ....
3. Norton doesn't tell us because it doesn't have the mechanism to detect certain kind of malware. That MIGHT be acceptable in a product such as NAV since some malware and invasion are not actually viruses or delivered by viruses.
But it would be totally unacceptable in a product labeled as Norton Internet Security. Security is security is security. The "internet" part of that might be a fudge factor (well, it doesn't affect internet behavior, it just eats up your computer and shares your passwords with the universe); but it seems to me that "security" implies your computer is secure from anything except someone breaking into your office or home or computer physically.
So, I would too would like to know the answer to the question (why didn't Norton warn about this infection?) and which of the above categories the answer would go in. If I need (as opposed to it would be nice to have) supporting software such as malwarebytes, then I should be informed of this.
I just infected my pc under a Sandbox and surfed with IE. I picked up on the XP Anti Virus 2008 and The Pro Anti Virus. NIS 2009 did detect them. Even the bets av in the world (Avira) cannot find eveything. Any security expert will tell you not to rely on just one scanner. One real time scanner, yes but on demand you can always use those.
Removal instructions for AntiVirusPro: http://www.symantec.com/en/security_response/writeup.jsp?docid=2007-100119-4941-99&tabid=3.
Removal instructions for AntiVirusXP2008: http://www.symantec.com/security_response/writeup.jsp?docid=2008-071613-4343-99&tabid=3.
Removal instructions for AntiVirusPro: http://www.symantec.com/security_response/writeup.jsp?docid=2007-100119-4941-99&tabid=3.
Hi all
Thanks for all the suggestions - as I mentioned I can only get onto this forum through my work PC, so many of your messages I have only just read (it's morning here in Australia). Since my last post (reply to Quads) I left my PC disconnected from the net, undid my previous System Restore (so everything was back to when I had all the problems), entered Safe Mode and ran a full scan, which found only 1 low risk tracking cookie. This morning I started a System Restore to just before the problem hit, but it hadn't finished by the time I had to leave.
I expect I will still have the problem I had yesterday, which is that I can't connect to the internet via my modem. I will download the malware and save it to CD or flashdrive to run on the PC, then try to get the modem issue sorted out from there.
Thanks
Mark
Greetings,
Have you had a look at the Web Links I provided? I would maybe suggest doing these and, if you have a the problem still, try other suggestions suggested here. Just print these off at work. :)
Hi All,
If you're running into problems with Norton Internet Security not detecting threats that are on your system, try enabling Aggressive Heuristic Protection.
To do this, simply launch the Norton Internet Security Main User Interface, click on Settings next to Computer, then locate the Advanced Heuristic Protection option, and set it to Aggressive. This may assist in locating and resolving existing threats on your system. After the threats have been resolved, you may change the option back to Automatic if you wish.
To better assist us in analyzing the threat and improving our overall detection, be sure to launch the Quarantine from the Main User Interface. Then select the new threat found and click on More Details. Finally, click on Submit to Symantec.
Our Heuristic Protection allows us to detect threats that may not have a static signature. The protection will look at the way software behaves, and quarantine if it feels that something is misbehaving. Setting the option to Aggressive will cause Norton Internet Security to be less tolerant of programs or processes that may be suspicious.