[ale] XP Malware - XP Security Center

Van Loggins vanloggins at gmail.com
Thu Jul 3 08:58:57 EDT 2008 

Daniel you might want to try PC Tools Alternate Operating system Scanner

http://www.pctools.com/aoss/


Then after this has removed anything it finds try scanning it with the free
version of superantispyware

http://www.superantispyware.com/


also a tool you can try that will let you see what's being loaded on startup
which might help you track down what keeps reinstalling it is hijackthis

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html


Hopefully this will help you out. I had a particularly nasty trojan that
kept reinfecting one of my windows workstations at work and using a
combination of these tools and using some of the antivirus and spyware
removal tools found on the ultimate bootdisk for windows CD to remove it for
good.

The ultimate bood cd for windows can be made using tools from this website.

http://www.ubcd4win.com/

hopefully these will help you get that nasty bit of code off of your system.

good luck, let us know if you're successful with cleaning it off.

Van





> Message: 7
> Date: Thu, 03 Jul 2008 00:35:51 -0400
> From: Daniel Howard <dhhoward at comcast.net>
> Subject: [ale] XP Malware - XP Security Center
> To: Atlanta Linux Enthusiasts <ale at ale.org>,    "James P. Kinney III"
>       <jkinney at localnetsolutions.com>
> Message-ID: <486C5727.2040708 at comcast.net>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Short question: do you have a win XP malware removal tool you recommend?
>
> Long version:
>
> I've googled myself to death on this one.  I've tried everything so far
> except purchasing a new Windows antimalware program (currently use
> ClamAV and Spybot SD).  I've somehow picked up a malware program that
> puts a red circle with a white X in it in the task tray that keeps
> trying to get me to buy some rogue antispyware program called XP
> Security Center.  I researched it, sure enough it's malware (rogue
> antispyware), found the names of the files used (winivstr.exe and
> braviax.exe) and couldn't delete them due to being in use, so I booted
> my XP install disk in recovery mode, and deleted the files from all
> locations found from searching (in the WINDOWS and SYSTEM32
> directories), and dang if they still don't get replaced on reboot.
>
> So, I probably need to purchase a better tool for removal, but there's
> so much crap out there that poses as malware removal that is likely yet
> another malware package.  Is there a good malware removal package that
> would work on beasties like this one?
>
> Thanks, Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20080703/9cee28da/attachment.html

More information about the Ale mailing list