Search : in
By :

Joke-bluescreen.c and Antivirus XP 2008

Last answer on Feb 12, 2009 5:31:15 pm GMT LeeAnn, on Aug 12, 2008 2:00:27 am BST 
 Report this message to moderators

Hello,
My mother in law has now been infected on two seperate computers with the Antivirus XP 2008 virus. One computer we've unplugged and basically scrapped - the other one I installed Avast on it as soon as I got it up and running so I don't know how anything got through but first today she got joke-bluescreen.c and then right after I had her click the green download button for Malwarebytes' Anti-Malware 1.24 from your site she got the message that viruses were detected with Antivirus XP 2008 and it (the Antivirus XP 2008) is telling her she's got zillions of infected files.... but the Malwarebytes Anti-Malware 1.2 has been scanning for over 15 minutes and so far hasn't detected ANY infected files. I'm ready to cry (she's so new to computers that I'm the one trying to help her but I'm so frustrated I could KILL whoever is making these stupid viruses- do they not have anything better to do that mess with people???) Sorry - you understand this frustration...

Could you please help me help her? Why isn't this program we downloaded from Kioske finding and getting rid of these viruses or whatever they are?

Thanks,
LeeAnn O'Neil

Configuration: Windows XP
Internet Explorer 7.0

Best answers for « joke bluescreen.c and Antivirus XP 2008 » in :
NTLDR - Boot.ini - NTDETECT Missing (no Windows cd) ShowNTLDR - Boot.ini - NTDETECT Missing (no Windows cd) If you have the installation CD of Windows, see this tip. If you do not have it, then follow the procedure below: You have a message warning you that one of these files is missing: NTLDR...
XP antivirus 2008 ShowXP antivirus 2008 Issue Removing XP antivirus 2008 Using Malwarebytes' Anti-Malware Using SmitfraudFix Issue Xp antivirus 2008 is not an anti-virus but a rogue: Security software using deceptive means to settle and perform other...
Dual Boot Windows XP/Vista ShowDual Boot Windows XP/Vista Installing XP then Vista Installing XP over Vista If you don’t have the Vista Installation DVD If you have Vista Installation DVD Most new computers come with Windows Vista installed. Some users still...
Download Dev-C++ Show
Download Ad-aware 2008 free ShowAd-Aware 2008 free is an anti-spyware, this utility serves to clean your system of "spyware" and "malware" Ad-Aware 2008 free is a very practical utility scanning your RAM, Registry, hard drives, and external storage devices for known data-mining,...
File sharing in Windows XP ShowAdvantages File sharing involves making the content of one or more directories available through the network. All Windows systems have standard devices making it easy to share the content of a directory. However, file sharing may lead to security...
Ask your question Reply

1

truste1, on Aug 12, 2008 11:15:34 am BST

Hi there,

have you tried another antivirus scan on your pc ? if not i would recommend you to use zonealarm its a trial version but will help you for the time being to get rid of those viruses? but im asking myself if its not registry problems also ?
you can download a res=gistry fix have it install and then repair the registry try the two solutions ive given you and if its not good then rewrite here.

thank you

   
Reply to truste1

15

bh, on Jan 13, 2009 1:18:27 am GMT

Get a Apple Mac, virtually virus free.
Unless you install Windows then there are
security vulnerabilities
and you would need to buy
a antivirus software.

Wouldn't hurt to have 2 of them (if you go the Mac route)
1) for mac
1) for PC

   
Reply to bh

2

jovax, on Aug 13, 2008 7:50:14 pm BST

Hi! leeann i am experiences that kind of issue just try to remove ur anti-virus and replace kaspersky but it takes time to scan coz your PC is infected trojan.downloader and make sure disconnect your internet after that re scan on malware-bytes anti-malware in definitely remove malicious code on the registry....


regards,
jovax

   
Reply to jovax

3

mlpace, on Aug 14, 2008 9:26:58 pm BST

I use Avast. I sent an email to support@avast.com asking them to tell me how to remove AntiVirus XP 2008. They replied and below is the gist of it. It was not hard to do. I recommend you contact them.

This is what I did as per instructions from Avast:
1. Turn off system restore: Start/Control Panel/System/System Restore and check "Turn off System Restore."
2. Schedule a boot time scan in Avast with the advanced option to move infected items to the chest:
start Avast, right-click in the main window, select Schedule Boot-time Scan, select advanced options and choose "Move to Chest."
3. Restart the computer when prompted. Avast will restart and do a boot-time scan.

After the scan has finished and moved any viruses to the chest, do the following:
4. Turn system restore back on.
5. Download and run the lastest version of AdAware (www.lavasoft.com).
6. Remove any threat it finds.
6. When prompted to create a restore point in AdAware do so.

This should fix your computer. This virus is everywhere. I have picked it up twice in the last week. The people at Avast saved me.</souligne></ital>

   
Reply to mlpace

4

tomalex1, on Aug 18, 2008 2:08:42 am BST

Hi LeeAnn,

In case you haven't found a workable a solution, here's another one. My son gave me a program called reanimator that can be downloaded from "http://www.greatis.com/security/download.htm" for free. It worked for me!
Best Wishes, Tom

   
Reply to tomalex1

5

CrimsonKissaki, on Aug 27, 2008 9:02:23 pm BST
  • +1

I'm the lead help desk tech for a nationwide advertising magazine, and we just had our entire Exchange Server network hit with the darn AVXP2k8 bug. Here is the fix we use to get it off the computer, and it only takes about 10 mins if you have a clue about what you're doing.

What the virus does:
- It places its core file in C:\Program Files\#randomname# - easy to spot. Usually something like rhcgsbj0elj0
- It removes access to the Desktop and Screen Saver tabs in the Desktop Properties window through registry changes.
- It places a .bmp and a .scr file in C:\Windows\system32 - easy to spot. Once you bring back the Desktop and Screensaver tabs you will see their names and can delete them if antivirus does not catch them first.



To fix quickly:

Use the registry fix I wrote to correct several changes that it makes.

- Brings back the Desktop and Screensaver tabs to desktop properties
- Fixes changes made to wallpaper and screensaver settings (allows the virus to re-propagate if not fixed asap)

Save the following text as a .reg file (you pick the name) and run it.
=--------------------=
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Policies\System]
"NoDispBackgroundPage"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispBackgroundPage"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispScrSavPage"=dword:00000000
[HKEY_CURRENT_USER\Control Panel\Desktop]
"ConvertedWallpaper"="C:\\Windows\\Zapotec.bmp"
"OriginalWallpaper"="C:\\Windows\\Zapotec.bmp"
"SCRNSAVE.EXE"="C:\\WINDOWS\\system32\\sspipes.scr"
"Wallpaper"="C:\\Windows\\Zapotec.bmp"
=--------------------=

Now for some minor hunting ...

Navigate in regedit to HKEY_LOCAL_MACHINE\SOFTWARE\ and look for a random folder name, e.g. rhcgsbj0elj0, and delete the whole thing. The registry keys it holds all show links to the .bmp and .scr and other .exe nasties that the virus tossed out.

Navigate in regedit to --HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-- and look for several random items in there. They have nonsensical names and should be easy to spot. There are usually 3-4.
Examples: SMrhcgsbj0elj0, zjyacadj, lphclsbj0elj0

Once the registry is cleaned out removing the virus is made much easier.

Run Task Manager and find the random named .exe files that are running.

Open --C:\Program Files-- and look for the random folder name that holds the virus, e.g. --rhcgsbj0elj0--. There are 2 files you can delete from it immediately, a .dat and a --license-- file. Make note of the name of the .exe file in the folder so you know which application to end task on first. You will have to end task on the random .exe file in Task Manager, then QUICKLY switch over to the other window to delete the virus file before it can toss out another thread and you get those lovely --cannot delete file because it is already in use-- errors. Once the .exe part of the virus is gone, the folder the rest of it is in can be removed easily and you can end task on the remaining virus files. This usually keeps the virus off permanently.

Once this is done it is highly recommended that you update your anti-virus software and perform a full scan on the computer. If you don't have any try AVG Free from Grisoft. It's pretty good and we use it on folks who have personal computers used for business purposes.

   
Reply to CrimsonKissaki

9

Sansmayhem, on Sep 21, 2008 6:42:51 pm BST

Thank you so much for this post - I had used ad/spyware apps and my virus app to hunt down this nasty bit of work and been minimally successful in killing it. I just couldnt get rid of the blasted tweaks it did to the control panel etc. Your reg-edit fixes were perfect and while I was in there looking I found a few other darlings like WinIFixer that I had gotten rid of with the tools but kept coming back.

Thanks again - this was a great post and now I have a functional laptop again - woohoo.

Gigi

   
Reply to Sansmayhem

6

Dave, on Sep 7, 2008 1:34:27 pm BST

You may want to try setting up your anti-virus software to check the root kit of the PC. I've caught 16 virus' and spyware hidding out thanks to webroot anti-virus/spysweeper. Sure it coast 29 bucks a year for virus updates but usually on one or two traces of virus or adware will make it on to my PC...where it meets up with my friend mr quarantine. :).

   
Reply to Dave

7

K B, on Sep 17, 2008 9:15:21 pm BST

Use the latest version of maleware bytes... it got rid of 2008 and 2009 that infected my computer after that install and run spybot search and destroy and run that it should get any thing left over... make sure you update them both first.. run full scan with both start with malewarebytes then use spybot... hope this helps!!!

   
Reply to K B

8

mike, on Sep 18, 2008 2:45:22 am BST

http://www.freepchelp.co.uk/...


this link will clear up problem it worked for me scroll down and follow the instructions

   
Reply to mike

10

rohit, on Oct 8, 2008 3:51:36 pm BST

Thnx crimsonkissaki....ur comment was really imo for me

   
Reply to rohit

11

X_Spec, on Oct 20, 2008 5:17:12 pm BST

The fake blue screen log on is not a virus thus rendering your Anti-Virus inept
try using combofix to get rid of this problem and in future be wary of what you download
or even the sites you visit i recommend using kaspersky internet security 2009!

Visit combofix's home here>

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Its free.

X_Spec

   
Reply to X_Spec

12

Angela, on Oct 22, 2008 6:29:14 am BST

Installing more free 'antivirus' software is only going to aggravate your problem.

I'd suggest putting all of your files onto a USB (you said her computer was new, so probably not too much trouble)

Reinstall OS and drivers (It should get rid of all the viruses, even the ones lurking in the system files)

Install Norton or McAfee- stick to the well known.

Always update!!

Hope this helps!

   
Reply to Angela

17

 X_Spec, on Feb 12, 2009 5:31:15 pm GMT

ignore her obviously hasn't got a clue when recommending norton
stick to what i said and combofix isn't an anti-virus programme!
it just a virus remover!

   
Reply to X_Spec

13

Tim, on Oct 31, 2008 7:03:48 pm GMT

Hi,
I can help you. Antivirus 2008 is actually spyware. It is not a real antivirus program. Malwarebytes Antimalware should get rid of it and if id does not, then you may need some other tools I use antimalware and it gets rid of it. I have a business in computers. Let me know if that does not work.

   
Reply to Tim

14

kat, on Dec 7, 2008 12:37:13 pm GMT

I can't get my wallpaper to come up on my screen it's just blue,it lets me change the colors but won't let me have my wallpapers,can you tell me why?It's driving me nuts.Thank you,Kat

   
Reply to kat
Ask your question Reply
They need your help