*PSA* Antivirus 2009 is one nasty piece of malware, but I kilt it!

My son swears he didn't download anything, yeah right:eyes:, but somehow his PC picked up "Antivirus 2009". This program disguises itself as a "Windows Security Center", complete with Windows icons. At first it's just supremely annoying, but when you try to get rid of it, hoo boy the claws come out! I finally learned that Malwarebytes spyware/malware program was the way to go, and when I tried to download it, AV2009 went nuts! It started it's rampage by blocking me from downloading, even to the point of going to it's own "blue screen of death". Then, after I did get the program installed and started the system scan, it maximized the screen resolution and minimized MWB so that when I tried to restore MWB, it would just jump off the viewing area! I was eventually able to get Taskmanager up and locate AV2009 and stop the process, which enabled me to successfully run MWB and purge that nasty piece of crap.

I feel like I just went 10 rounds with Mike Tyson, complete with a bit off ear.
Here's to the good people at Malwarebytes for an excellent product.:toast:

I can't repeat in polite society what I think the assholes who wrote AV2009 should do.:grr:

Think I'll go have a drink now, and look through the Apple catalog. :crazy:

but congratulations :toast:

But if you push enough buttons you can fix anything on these here computin' machines!:silly:

Either that, or get a bigger hammer!

funny, it works to get out of speeding tickets, but I think the computer prefers blonds to redheads :P

you saw the word kilt...and had a flashback.... :rofl:

flashup?:rofl:

yeah yr right bro.. :rofl:

that's not how you spell Org... :P

Thats my girl... ILY :evilgrin:

He said:

blah, blah, blah, computer, hard drive, SOS, XO, OS, PMS, blah, blah, blah, mouse, monitor, something, turkey, Olive Garden, don't tutch the but, blah, blah, blah, computer, virus, virus, virus, kill, kill, kill.

Got it?

so the same things he usually says then? Thanks Midlo! :P

I got a two-fer for my DTM list!:rofl:

Having fought similar battles myself, I raise my glass to you!

I'm actually inclined to believe your son.

http://en.wikipedia.org/wiki/Rogue_software
http://en.wikipedia.org/wiki/Antivirus_2009

I've dealt with it a few times, and Malware Bytes is a kickass tool.

What was amazing though is how hard it fought to keep from getting terminated. Kinda spooky really.

No idea how I even got it, but it was at least an 8 hour job of working to get rid of that fucker. They can really dig in sometimes.

...it took me a good day to get rid of it...:mad:

It was a real pain in the ass though. Those virus and malware creators should be castrated.

but you should let it rust a little first...

Well played. That will do nicely.

My colleague at work has just deposited me with two computers that need "cleaning".

One so far in that you can't get to the desktop on XP, you just have your list of users, you click on it and it signs you right back out again.

The other has the infamous Blue Screen of Death.

The first one definitely has a virus on it (he didn't give me the power pack for it - a laptop - and my Antimalware disk cut off half way through scanning when the battery gave out). That's a bit of work but looks like it'll be OK. The second with the BSOD... probably a hardware failure first but then we'll see.

Again well done on kicking the malware! Definitely look at the Apple catalogue, and if you're broke, got spare time on your hands or just otherwise curious check out ubuntu.com and give it a whirl. It does take some getting used to, and if you got some must-have apps that's normally only available on a PC, well it's hard work but possible. (I got Internet Explorer 6 on my Ubuntu setup). (Ubuntu == Linux, if you didn't know already).

Regards, Mark.

I have a PC that is doing exactly what your first patient is doing. My daughter was using it until she got a Powerbook for school. As we have two other PCs running, and she's welded to the Powerbook now, I haven't been too motivated to tackle it.

I am getting sick of windows, so I just may look into converting. Thanks again! :hi:

After watching my kids' experiences with Mac, I finally decided to give Windows the ol' heave ho!

... shame they got rid of the cool names for the Ubuntu releases and went only to numbers.

Breezy Badger anyone? Hardy Heron?

My boss gave me a copy and it wiped it out. I was very happy about it.

I had one of these a year or so ago that claim they are an Anti-virus program for you to buy. They from popular websites :evilgrin: you get if you forgot to do MS Windowsupdate.com and get the patches. I haven't gotten one since that's a "rootkit". Thanks for the cure link.

I think it came with one of several emails I got from unknown sources recently.
I killed it with Comodo.

mark

Total pain.

Take heart though. Most malware writers are in it for kicks and are thus fairly anonymous. Those assholes are trying to make money with that scam and thus have assets to be seized, and criminal defense lawyers in their future.

1. Turn OFF system restore-If you don't, it will put the crap back on the next boot. Windows acts like
a virus at that point.
2. Reboot into Safe Mode.
3. I keep all the security applications on a flash drive, plug it in and install from there instead of
trying to get online-some of that malware blocks access to any security site.
3 After installing and running scans on all the spyware and antivirus apps, making sure it's gone, then
reboot into normal mode
4. After getting back to the regular desktop, rescan with everything-if the scans come out clean, turn
System Restore back on and reboot one more time.
5. So far this method has worked about 99.9% of the time, though I had a couple of nasties where I had
to use DOS editing commands to get rid of all the traces.
6. I tell people to quit using Internet Exploder. Every infected computer I've seen that is what people
where using. I prefer SeaMonkey which is an integrated browser from Mozilla.

i just started using that myself. for some reason my family was unable to do many things on the internet using ie (watch video, get on many safe sites)

You may have to install the Flashplayer plugin and tweak some of the settings but I haven't found any site that I can't use SeaMonkey on.

I just recommended it to another DUer yesterday.
http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=105&topic_id=8439774&mesg_id=8439783

:thumbsup:

and when it's done, I tell them that if it looks like it's a Windows message, but it's inside a browser window, it's not a Windows message. Close the window - QED.

I'm not fucking kidding. Break their fingers first. Then cut their hands off. Then shoot them in the fucking head.

In fact, Billyskank is one speed camera away from writing Anti-Virus2010

system restore, can sometimes roll back to before you were infected (thus removing the program). This is losing its effectiveness though, as malware writers are starting to disable this feature.

Windows safemode often makes it easier to defeat the nasties as this mode often prevents the programs from being installed.