Virus blocked: XP Antivirus 2008 is evil
Written by Ingo in Computer , tags: analytic-checks.google.com , Virus , XP Antivirus 2008Recently one of my PCs has caught a nasty virus: the middle of the surf beat Antivir alert that a file in the 'Temporary Internet Files (files that end up in the cache while browsing the PC) has the signature of a virusses. Well, thought nothing of it (well done, Antivir) refuse access and can continue to surf finish, surf, and lo and behold ...
... My desktop had been destroyed! Instead of my desktop picture I had a white background and in the middle of a reference (which was part of a bitmap, which had a surface made encouraging wide) that my computer is infected and that I should "XP Antivirus 2008 Install. And you start from nothing a setup dialog of the Anti Virus 2008, which only had a single button: "Install now" (not even the top right corner x to close the window).
Ok, am not so stupid down the famous three buttons in the Task Manager shot that thing. So, now to my desktop: Right click on the surface for the display properties, and ... what is it? ... Because it was smooth the whole page 'Desktop' and 'screen saver' disappeared from the dialogue. Hmmm, that's crap!
So google the first time what is the point: Google was slow and also some of the striking results from this site looked strange, and then I was looking for but do not! In the bottom left corner of the browser was Googling for "wait for analytic-checks.google.com" that stood there but not otherwise ..
So what do you do, clear, release the complete battery of anti-Destroy-thingy software, which is found somewhere on my computer. Let's start with Spybot-Search & Destroy. Since I have not been used, first an update of the malware database seemed reasonable to yet - it could not, no connection to the server? The stupid virus blocked all calls to pages with anti-malware programs. Gradually it gets real bad ...
What ultimately helped: Some items I removed by hand, sought to initially file with most recent file date and some of them and can identify and delete. Others could not be deleted because they were being used. Then as far as suspicious processes in Task Manager stopped until they cancel could connect the calls to these processes deleted in the registry.
Spybot-Search & Destroy managed then (after I had loaded a new setup with another computer), get my desktop back in order to eliminate not the Google hijacking. This became possible with malware bytes anti-virus. Could happen all apparently, I was probably in error when Rumkonfigurieren on my router for a certain period of time without a firewall. Well, now everything is back to palletized.
Maybe this will help you review, if you even get caught. Detailed removal instructions found on the net enough, but I managed with any of them to eliminate everything, only the combination described here helped.
