<VV> [FC] Warning: vry dangerous invasive files NO CORVAIR

[Tony Underwood]

At 08:23 PM 4/28/2010, Steven wrote:
>It goes by a number of names including, XP Security Tool 2010, XP Defender
>Pro, and Vista Security Tool 2010.  This link helped guide me to getting out
>of my son's PC
>http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010




This thing is like a root kit.   It's insidious and malicious and 
it's not going quietly.  You have to work to get rid of this 
mess.    Its originator had serious talent...  If the guy who cooked 
up this thing had spent the time making a real antivirus ap, he would 
have been able to sell it for serious money instead of trying to rip 
people off for this bogus trap.


If you see this thing or one of its clones pop up in your browser, 
the simplest and best thing to do is NOT try to click it off or 
cancel it... just close the browser.   Some variants have a bogus 
"OK" or "CANCEL" window that pops up which will load this crap onto 
your computer no matter which button you click.   I've seen another 
that simply won't let you close the window unless you click OK.

Just shut down the entire browser and remember not to go back to that 
site again.   ...unless of course you wanna spend 4 hours learning 
your operating system, its root, its registry, and its system32 file 
in minute detail.

And even then you may end up having to use System Restore to turn 
back the clock to before you got invaded by this mess... IF you are 
able to shut it down sufficiently to access the application to do 
so.   This mess disables most antivirus pgms (so far it doesn't kill 
Avast though)  and Task Manager and a few other utilities as soon is 
it finds its way into your hard drive.


I've had to remove it from several friends' computers... it's not any 
fun at all, usually takes a couple hours, more if it's your first 
time doing it and that's if you're familiar with registry editing and 
chasing malignant/bogus files in your WINDOWS folder.




tony..