
Antivirus 2008 removed - thank you!!



Thank you guys so much for having a program out there that could remove it!!!!!

A few observations from an amateur:

(1) You have to use the MalwareSupport.com update mirror when you first get MalwareBytes, as the other mirror is blocked by the virus.

(2) McAfee gave the malware program permission to change my registry without asking my permission.

(3) Whenever getting a virus/trojan/malware, it seems to be very useful to do a file search on your system by time and note all the files that were written around when you think you got the infection. You can then google those file names to look for help. One problem here is some of the key ones (apart from A.exe) seemed to have randomized names.

(4) Try to note any other weird behavior/messages and google those. For instance, it helped when I noticed that Google (when doing the bogus searches) was visiting a site with google analytics misspelled. I found a lot of useful stuff when I googled the misspelled term.

It seems to me there has been a sharp uptick in people having this virus. Has anybody figured out, or is anybody willing to fess up, where in the world they were exposed to this? I had jillions of Firefox windows open at the time, so I am not sure.... I am pretty sure it was from a pop-up.

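The file-timeline tip in observation (3) above, sketched as an added example that is not part of the original posts: it lists files modified around a suspected infection time and marks executables and random-looking names. The sample directory, the date, the file names other than a.exe, and the name heuristic are all constructed assumptions.

```python
import os
import tempfile
from datetime import datetime, timedelta
EXECUTABLE_EXTS = {".exe", ".dll", ".sys", ".scr", ".bat"}

def name_looks_random(filename):
    """Heuristic (an assumption): long stem, mostly digits or almost no vowels."""
    stem = os.path.splitext(filename)[0].lower()
    if len(stem) < 6:
        return False
    letters = [c for c in stem if c.isalpha()]
    digits = sum(c.isdigit() for c in stem)
    vowels = sum(c in "aeiou" for c in letters)
    return digits * 2 >= len(stem) or (len(letters) >= 6 and vowels / len(letters) < 0.2)

def files_written_near(root, suspected, window_minutes=30):
    """Return (mtime, path, flags) for files modified inside the window, oldest first."""
    delta = timedelta(minutes=window_minutes)
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                mtime = datetime.fromtimestamp(os.stat(path).st_mtime)
            except OSError:
                continue  # locked or vanished file: skip it
            if abs(mtime - suspected) > delta:
                continue
            flags = []
            if os.path.splitext(name)[1].lower() in EXECUTABLE_EXTS:
                flags.append("executable")
            if name_looks_random(name):
                flags.append("random-looking name")
            hits.append((mtime, path, flags))
    return sorted(hits)

def demo():
    """Constructed sample tree and date: three files near the suspected time, one old."""
    suspected = datetime(2008, 8, 1, 21, 15)
    root = tempfile.mkdtemp()
    for name, offset in {"a.exe": 2, "xkqzwrtp.dll": 3, "notes.txt": -10, "old.doc": -5000}.items():
        path = os.path.join(root, name)
        open(path, "w").close()
        ts = (suspected + timedelta(minutes=offset)).timestamp()
        os.utime(path, (ts, ts))
    return [(os.path.basename(p), f) for _t, p, f in files_written_near(root, suspected)]

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Modification times can be altered by malware, so treat the listing as a starting point for searching file names rather than a complete inventory.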

Hi xyz and welcome to Malwarebytes. There are 3 update sites. What one is blocked?

Thank you,

It was the default one that was blocked - malwareBytes.org. I did not try the third one after the MalwareSupport.com one worked.

Think there will be any way to track these guys down? I wish I had zipped up the infected files to give to somebody (law enforcement?). It was really a full-court press - disable your browser partly, put up fake blue screens of death as a screen saver, change your background to say you need to get the antivirus software, and block access to a lot of sites that could offer help. I had to actually download your program to another program and transfer it over with a key fob.


Got the antivirus remover 2008 virus from a Windows Media Player codec. It told me I didn't have the correct codec to play a legal DVD, so I downloaded the one Media Player told me to, and all hell broke loose in a matter of seconds. That awful thing blew right past my virus scanner like nobody's business, and I did scan the codec file before installing it and it told me it was free from virus. This program was the only thing that would remove it; the manual uninstall on the wiki fixed it for about 5 seconds. So that's my fess up lol.


Thanks,

Now that you mention it, I might have been trying to play a video too, and trying to get a codec...hard to remember after all the excitement.


I've been analyzing supposed "codecs" which seem to create the a.exe I've seen mentioned here. It puts a little balloon window up telling me I need some antivirus, I have a security problem... (*grin*) If I do this, Firefox takes me to a website that insists I run the setupblah exe file...

Anyhow, it's spreading via codec downloads a lot lately.


I guess you could put up some videos that asked for a nasty "codec"? So I guess you have to think twice before getting a random codec.

Anyhow, let me know if there is any way I can help. I zipped up the a.exe file if that is of use.

Thanks again for the awesome MalwareBytes software, I can't believe how fast it scans.


Using Firefox and the NoScript add-on can also help to reduce some malware downloads.


I do use Firefox, but had not heard about the NoScript add-on. I will check it out, thanks. Thank you also for your help in the other forum.


Wow! After 3 hrs of pulling my hair out I thankfully found you guys. Antivirus... just smashed through my firewall, AVG anti-virus, my anti-adware, EVERYTHING!

It locked me out of my hotmail account, refused to let me find help via Google! Luckily... I had set up my older PC on broadband and WAS able to download and transfer THIS software! PHEW!!!!!!!!!!!

WHAT a Nightmare! Spybot etc... would ALL tell me it was there, but wouldn't remove it, unless I registered! Right... so I KNOW my PC is infected, I'm hardly gonna type in my bank details, am I?

Where did I pick it up? By following a link on a PSP forum about getting PSP gamesaves!!!!!!!!!! Next thing I know... utter chaos on my PC!!!!!!


I have been watching this malware for a long time now and am astounded at the number of ways it can get into your system. At the very least it's these:

Multiple fake codecs (at least 3 families can end up with this as fallout)

Multiple browser exploits point to it

Multiple email spam campaigns (with very good social engineering)

Multiple cracks/keygen/serials/warez sites

Multiple file sharing services are seeded with installers

When I go malware hunting, about 75% of the time I end up with this rogue as some part of the infection. All in all, the guys behind this knew what they were doing, and against the typical antimalware software the effects are obvious: they are not getting the job done. MBAM is unlike any antimalware software and its unique tech is designed to handle infections like this with ease. The whole idea behind MBAM and the research that drives its defs is based on detecting what antivirus software often fails to keep up with or lacks the tools to deal with.

I am glad to see MBAM helping so many people with this particular infection; it's just too bad that so many people were affected. I am also a little annoyed that some of the major antivirus companies are claiming that the user has to deliberately get infected with this and that is why it's not a high priority for them. The truth is that the bad guys have designed this malware to exploit the way traditional unpacking and decrypting is done, and without tech improvements they have no way to 100% detect this.
