PDA

View Full Version : XPAntivirus 2008



Big Dummy
2008-08-10, 06:01
FYI...

Bogus CNN Custom Alerts
- http://securitylabs.websense.com/content/Alerts/3154.aspx
08.08.2008 - " Websense... has discovered replica CNN Custom Email Alerts being sent out via spam emails. These emails contain links to a legitimate news page, but have been designed to encourage users to download a malicious application posing as a video codec. Over the last few days, the ThreatSeeker Network has seen huge volumes of spam wrapped up in CNN-themed templates - most recently email alerts listing the Daily Top 10 Stories and Videos, which also encouraged users to download a video codec (again a malicious file)... The malicious payload is only accessed when the user clicks on the ‘FULL STORY’ link - the first link behind the story title leads to a legitimate news page hosted on CNN. The news story is a recent article centered around the Beijing Olympics. The ‘FULL STORY’ link takes users to a Web page by the name of cnn****.html. This issues a pop-up encouraging users to download a ‘missing’ video codec, a file called adobe_flash.exe... Our Security Labs have also seen evidence of this campaign and recent others being distributed via blog spam to further increase the chance of success..."

(Screenshots available at the URL above.)

:fear::mad::fear:

OK. I fell for this and now have some weird virus called "XPAntivirus 2008" on my computer. I've tried running Vundo and Smitfraud along w/ McAfee & Malwarebytes' Anti-Malware which has only succeeded in partially removing the problem. Every time I try to run Ad-Aware my computer crashes. Also, I can't remove an entry "Adware & Spyware" from my programs list. Ugh.

EDIT: Oh wait. let me try searching for a thread on "XP Antivirus"...... DUH!

tashi
2008-08-10, 09:03
Hello Big Dummy,

Please follow the procedure in this link: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) where a helper will advise you as soon as available.

Regards. :)