Wednesday, January 21, 2009

Antivirus XP 2009

XP Antivirus 2009 is fake antivirus software that has infected quite a few of our clients. After it is installed, its authors try to convince you that you have a virus on your system and that if you pay them $50, they can remove it and keep your system protected. It is very easy to remove, and the steps below describe how.

The program is only caught occasionally by antivirus scanners. The (bastard) authors change the name of the file, and it seems to slip right past most scanners.

Fortunately, it is very easy to remove using ComboFix if you have access to an uninfected computer. Follow the steps below, or go to http://www.bleepingcomputer.com/combofix/how-to-use-combofix for additional information.

How to remove Antivirus XP 2009

  1. Find an uninfected computer and open Internet Explorer
  2. Download ComboFix (you can Google "ComboFix" to find it)
  3. Copy the file to a USB flash drive or burn the file to CD
  4. Insert the flash drive or CD into the infected computer
  5. Close all Internet Explorer windows and anything else you may have running
  6. Double-click on ComboFix
  7. Agree to the prompts in the ComboFix windows
  8. Wait 5-10 minutes for the scanner to finish. It may restart your PC

More information about how to avoid getting Antivirus XP 2009:
http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/print.html