posted
Soooo... I just ran an update on AVG (Grisoft's free antivirus software), which insisted on a reboot to complete the installation of the new version. On reload, I received what appeared to be Windows Genuine Advantage demanding I validate my copy of XP (which, of course, was done months earlier...) I attempted to do so, and it claimed to be unable to contact MS and logged me off.
Frustrated and confused, I powered down the system and then powered it back on. Now, it loads just fine... But a quick poke around on Google suggests that there are viruses masquerading as MS's validation checker, which has me nervous.
Does anyone happen to know anything about such viruses, or more specifically, AVG's vulnerabilities to the same? The fact that this popped up *after* updating AVG has me somewhat skeptical about its ability to treat the problem, if that is indeed what the problem is. And my proddings into Grisoft's forum haven't yet proved terribly helpful.
Posts: 3826 | Registered: May 2005
| IP: Logged |
posted
I did a little research and found a virus cauled Cuebot-K that spreads through AOL Instant Messenger. It isn't really a new virus, either. The earliest dates I saw put it's zero-day somewhere in the middle of 2006. Basically, if you have a process running on your computer that is called "wgavn" (or wgavn.exe, or what have you) you are infected with it. If you *do* have that in your processes list (open the task manager by hitting ctrl-alt-del) or if you have "Windows Genuine Advantage Validation Notification" listed in your services list (right click "My Computer", click manage, click "Services and Applications" and then click "Services"), first run a full virus scan. If it doesn't find the virus, then you can try downloading a free-trial of another antivirus suite to test (I like Kaspersky Antivirus ). If that still doesn't work, let me know and I'll give you some instructions from there. It's an old virus, so I don't see why it wouldn't be detected and removed by just about any anti-virus suite.
If you don't have the wgavn thing listed, you're likely experiencing one of the many bugs associated with Windows Genuine Advantage (I must admit, though, that your experience seems sketchy to me, since I've never seen WGA pop up with anything unless it decides you're not running a genuine version of Windows. And even then it'll be really annoying if it does decide you're not genuine, since it requires a 5 second wait for you to log in and has a giant message in the lower right corner that calls you a dirty rotten pirate.)
I should mention that the free version of AVG has been crippled much more in its latest versions that it was when it first came out. It's free, so don't expect it to be completely perfect (I've actually started moving more towards Kaspersky myself, even though it's much more spendy). AVG Free offers no active virus protection whatsoever. Meaning that your computer will get viruses and AVG won't do much to stop it. It will, however, do an excellent job at detecting and removing any viruses you have, but you'll have to initiate a scan either by telling the software to scan your computer, or by making sure the computer is on at the scheduled scan time (Default is 8AM).
Anyway, let me know what you come up with.
Posts: 3003 | Registered: Oct 2004
| IP: Logged |
posted
No wgvan (not surprising, as I've never used AOL.) AVG, Spybot Search & Destroy and Ad Aware all come up with nothing. I'm beginning to think this is a Genuine Windows Advantage Bug (tm). Which doesn't exactly make me click my heels with glee, but at least it hasn't crippled my computer (yet.)
It's perplexing that this occurred after updating AVG. But it may just be one more of those things that goes wrong in a slowly aging laptop that's gotten far more use in the last six months than it did in the previous year.
If MS wants to get annoyed with me, I do have my little sticker saying that my Windows is the real thing. I am, however, again somewhat perplexed that the computer wouldn't be able to contact Microsoft. Calling them from New Zealand might prove complicated. Hopefully it won't come up again (knock wood.)
Thanks for the warning about recent versions of AVG and the Kaspersky suggestion. Here's hoping the laptop doesn't start shooting sparks. Posts: 3826 | Registered: May 2005
| IP: Logged |
Printer-friendly view of this topic
![[Smile]](smile.gif)
