XPAntivirus 2009.. This will be anyone's nightmare.. I think this is the 2nd or 3rd time this year I got this virus. =.= I was searching for a sound card driver update. Search search search. Arrived at Yahoo! Answers. Got me to a link where there are 2 downloads available. One is the update I wanted and the other one is an extra program that sounds extra extra convincing called "Uniblue UpdateItAll" or something like that.
It's said to help you check your computer's system and see if you have the latest software installed. And so I installed it, and ran a checkup. Found 2 programs out of date. One of them is my PS2 mouse driver which I don't think I'm using and the other outdated one is my IDE bus driver. I only updated the mouse driver.
After that installation, I saw on the main page that there is this bundled software that comes along with it which is damn convincing as well. The bundled software are the "SpeedYouPCup" and "registry something". All three programs are by Uniblue. I even went and downloaded the serial numbers for the program.
Who the hell knows, when I was installing the speedyourpcup, trojan threats started popping up. It was installing a networkframe 3.5 and all the trojans popped out. Scared me to hell. Immediately ran an internet checkup for Uniblue trojan. Pukimak.... Those are damn viruses. =.= When you have started installation of the Uniblue software, you have no turning back but to continue installing the trojans and remove them later. I think if you stop the installation halfway, your system will be hanging halfway stuck without any way to remove the small bits of the virus.
This virus will then lead you to download more spyware. The main adware is the XPAntivirus 2009. It's another convincing program that prompts computer-noobs to click and install. For those who don't know how this stuff works, they'll panic and simply install any program that first pops up. Users that install that XPAntivirus2009 are in deep shit. That's all I can say. You have to immediately disconnect from the internet and run a full system scan with Malwarebytes' Anti-Malware. This scan will take about 30 mins plus for a system with a lot of files. But it's worth the wait. That program is not another malware. It's a software that is free to use. You can register for it as well if you want. Removes spyware, viruses, and adware from your registry, system folders and any hidden folders. Great program.
What does the XPAntivirus2009 do to your system? For those who don't update their antivirus, firewall and anti-spyware, your system will say bye bye instantly. Backdoor trojan will instantly destroy your system32 files. For those who update their anti-malware, your system will be blocked. You are no longer the admin of your computer. Your system will lag, task manager disabled, Display properties disabled, start menu's program files disabled, screen saver becomes a blue screen with an error message and your desktop wallpaper will be a nice white background with an image of a window in the middle saying that your system is infected with serious trojans and all your anti-virus will be disabled. Last of all, there will be a message popping up from time to time telling the obvious, which is, your computer is infected with many spyware.
That's about all that the trojan can do to you. =)
And what will happen if you are still connected to the internet? Simple la. Your computer will be filled with more and more trojans, worms, viruses, spyware, and adware. And erm.. most of your desktop shortcuts will be deleted as well when the XPAntivirus2009 is running.
The main file that is making all this a nightmare is a file in the system32 folder named brastk.exe. This is the file that is responsible for the pop up on the task bar. Other harmful files include blphcn1sj0er5n.scr and blphcn1sj0er5n.exe. These are the files that are responsible for changing the background. They can easily be deleted directly from your system32 folder.
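An added example, not part of the original post: a small triage script that walks a folder, flags the three file names given above, and records a SHA-256 for each hit so there is a record before anything is deleted. The same-stem .scr/.exe pairing rule is a heuristic assumed here from the blphcn1sj0er5n pair, and the demo files are constructed, harmless placeholders.

```python
import hashlib
import os
import tempfile

# File names taken from the post (compared case-insensitively, as on Windows).
KNOWN_BAD = {"brastk.exe", "blphcn1sj0er5n.scr", "blphcn1sj0er5n.exe"}


def sha256_of(path):
    """Hash a file in chunks so large binaries are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan(root):
    """Return sorted (reason, path, sha256) tuples for suspicious files under root."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        lowered = {name.lower(): name for name in files}
        for low, name in lowered.items():
            stem, ext = os.path.splitext(low)
            twin = {".scr": ".exe", ".exe": ".scr"}.get(ext)
            if low in KNOWN_BAD:
                reason = "named-in-post"
            elif twin and stem + twin in lowered:
                # Heuristic (assumption): screensaver and executable sharing one stem.
                reason = "scr-exe-pair"
            else:
                continue
            path = os.path.join(folder, name)
            findings.append((reason, path, sha256_of(path)))
    return sorted(findings)


def demo():
    """Build a constructed folder of harmless placeholder files and scan it."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("BRASTK.EXE", "blphcn1sj0er5n.scr", "blphcn1sj0er5n.exe",
                     "notepad.exe", "qzx81.scr", "qzx81.exe", "logon.scr"):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(b"placeholder " + name.encode())
        return [(reason, os.path.basename(path)) for reason, path, _ in scan(root)]


if __name__ == "__main__":
    for reason, name in demo():
        print(reason, name)
```

On a real machine, call scan() on the system32 folder from a clean boot or a second system, since a running infection can hide or lock its own files.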
There is one .dll file which I'm not sure if it's involved in the virus. Can't seem to google anything out about this file as well.
Now my computer is almost all recovered. Nothing seems to be wrong now. I'm still blocking Internet Explorer's access to the internet. =\ There are still messages popping up asking me to allow internet access when I'm not connected to the internet and no program is running. =( So now, I can't sign in to MSN. T_T
Hope all goes well la. I dun wan anymore backfire of the virus. x_X Removing the files is just simply time wasting la.. Each scan 30 mins. After first scan, have to restart comp, run 2nd scan to let the antivirus delete some infected files again. One system clean up takes about 90 mins la. x_x
My word of advice, DON'T INSTALL PROGRAMS THAT YOU HAVE NEVER HEARD OF, SUSPICIOUS SOFTWARE, RECOMMENDED BY POP UP OR ANY PROGRAM THAT IS BEING ADVERTISED AND GIVING TOO MUCH ADVANTAGE OF. Even if these programs need to be registered, they still have the risk of infecting your system.
Uniblue is signed to Microsoft and they are paying Microsoft to let them publish this program. And yet, they are releasing trojans to users. Fucktards. =.= And don't ever ever install any program by Uniblue and another program that you should not touch is RunReg I think. It leads to the AntiVirus malware as well.