Thread: Xp Av 2009

  1. #1
    Unregistered User Yarin's Avatar
    Join Date
    Jul 2007
    Posts
    2,158

    Xp Av 2009

    A friend's computer got infected with XP Antivirus 2008 last year, after looking up on how to remove it, none of the registry keys or system-looking files that all the pages kept telling me to remove where there. Except for one class ID that would reappear every time the system started. To fix this problem, I made a "vundo patch" program that would remove it after startup, this prevented it from hooking IE, allowing for smooth surfing.

    But last week his infection grew to XP Antivirus 2009. I'm assuiming this is an invisible undate feature of vundo. Well, again, I looked up how to remove it, and the same problem. None of the keys or files where there, not only that, removing that class ID no longer did the trick.
    How do you remove a virus that "isn't there"!?

  2. #2
    Cat without Hat CornedBee's Avatar
    Join Date
    Apr 2003
    Posts
    8,895
    Reinstall.
    All the buzzt!
    CornedBee

    "There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
    - Flon's Law

  3. #3
    Unregistered User Yarin's Avatar
    Join Date
    Jul 2007
    Posts
    2,158
    I thought of that already, the problem is, it's XP which means my copy won't work on his computer. And he doesn't own a copy of his own.
    I'm looking for an alternitive to spending a bit of money.

  4. #4
    Hacker MeTh0Dz's Avatar
    Join Date
    Oct 2008
    Posts
    111
    Checking for rootkits seems like the next logical step.

  5. #5
    The Right Honourable psychopath's Avatar
    Join Date
    Mar 2004
    Location
    Where circles begin.
    Posts
    1,071
    The only way I've ever been able to remove Av 08/09 is with system restore or a complete reinstall. All the pages that appear online seem to be out of date, with respect to what to delete and where to find it. Although if you look in Program Files, I believe there is a key file in there somewhere. Should live in oddly named folder you don't recall installing.
    M.Eng Computer Engineering Candidate
    B.Sc Computer Science

    Robotics and graphics enthusiast.

  6. #6
    and the hat of sweating
    Join Date
    Aug 2007
    Location
    Toronto, ON
    Posts
    3,545
    Don't Antivirus programs find & clean it properly?
    "I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008

    "the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010

  7. #7
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    28,413
    It is malware masquerading as antivirus software.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  8. #8
    and the hat of sweating
    Join Date
    Aug 2007
    Location
    Toronto, ON
    Posts
    3,545
    Quote Originally Posted by laserlight View Post
    It is malware masquerading as antivirus software.
    Yes, and any respectable AV program should recognize that and be able to remove it.
    "I am probably the laziest programmer on the planet, a fact with which anyone who has ever seen my code will agree." - esbo, 11/15/2008

    "the internet is a scary place to be thats why i dont use it much." - billet, 03/17/2010

  9. #9
    Registered User
    Join Date
    Nov 2007
    Posts
    57
    Has he tried Spybot S&D?
    I think I got that once, and Spybot worked.

  10. #10
    Unregistered User Yarin's Avatar
    Join Date
    Jul 2007
    Posts
    2,158
    I haven't talked to him in few days, so I dunno if his newly-bought ZA will work or not.

    Spybot: Aren't they another one of those "you can scan for free", but "register to remove the infection" programs?

  11. #11
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    Quote Originally Posted by Yarin View Post
    Spybot: Aren't they another one of those "you can scan for free", but "register to remove the infection" programs?
    No, it is 100% free.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  12. #12
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,079
    Quote Originally Posted by michaelp View Post
    Has he tried Spybot S&D?
    I think I got that once, and Spybot worked.
    I haven't touched Spybot in a while. I downloaded it when it first came on the scene and loved it. Then all the sudden it appeared to start falling behind on its updates and wasn't getting all of the spyware on the disk. I then switched to Ad-Aware and have since then started subscribing to Norton Internet Security which has given me no reason to look back thus far. The new Norton is even good on resources.
    Sent from my iPadŽ

  13. #13
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Location
    Inside my computer
    Posts
    24,654
    Ad-aware is typically inferior to Spybot in all of my tests that I have done, though (it fails to detect a lot of things).
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  14. #14
    Registered User
    Join Date
    Aug 2003
    Posts
    1,218
    I have always found that there is no one malware remover that catches them all. I suggest you use both Ad-Aware and Spybot to search for it and others. In my experience they both find a little different things and together they are good ways of having a clean system.

  15. #15
    Devil's Advocate SlyMaelstrom's Avatar
    Join Date
    May 2004
    Location
    Out of scope
    Posts
    4,079
    Quote Originally Posted by Elysia View Post
    Ad-aware is typically inferior to Spybot in all of my tests that I have done, though (it fails to detect a lot of things).
    Perhaps now, but for a while it was no contest. As implied, I haven't used either of the products in quite a while now. Spybot may have improved and/or Ad-Aware might have degraded.

    Anyway, regardless... the threat in question is fairly old news and, as said above, any Anti-Virus or Anit-Spyware application worth its weight should be able to remove it completely.
    Last edited by SlyMaelstrom; 11-15-2008 at 04:01 PM.
    Sent from my iPadŽ

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Replies: 8
    Last Post: 05-07-2009, 11:31 AM
  2. Trying to Install XP over Vista with SATA HD
    By Shamino in forum Tech Board
    Replies: 2
    Last Post: 12-13-2008, 06:56 PM
  3. Need help with program
    By HAssan in forum C Programming
    Replies: 8
    Last Post: 06-10-2007, 08:05 PM
  4. Question..
    By pode in forum Windows Programming
    Replies: 12
    Last Post: 12-19-2004, 07:05 PM
  5. Windows XP regression over time
    By DavidP in forum A Brief History of Cprogramming.com
    Replies: 15
    Last Post: 12-17-2002, 10:49 AM