August 16, 2008 · 12:50 pm

Antivirus 2009 – Five Removal Solutions

These days it seems, my email inboxes are overflowing with email scams, and no doubt you are seeing the same thing happening in your email inbox.

Email scams work because the cyber-crooks responsible for these scams are experts at using social engineering as the hook. They rely on the fact that we are a curious species on the one hand, and that we are easily frightened by the unknown, on the other hand.

Currently, rogue security developers (cyber-crooks), are combining both of these powerful persuaders, to convince unaware Internet users to download a harmful fake anti-virus/anti-spyware program, Antivirus 2009, which in reality causes the problem that it supposedly solves.

The very familiar bogus celebrity scandal email link is the teaser, which when activated launches a “your computer is infected with a virus” message screen. Clicking on the accompanying ad for a free anti-malware removal program, will download a Trojan horse which will install Antivirus 2009; rogue security software that launches fake malware detection warnings.

Rogue security applications, and there seems to be an epidemic of them on the Internet, including Antivirus 2009, have been developed to mislead uninformed computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application.

The majority of typical Internet users, I speak with, are not aware that such a class of software even exists. But it does; and regrettably, it is becoming more widespread. An email scam is not the only method in which this parasitic software can be installed on a users system.

Just like its predecessor, Antivirus 2008, this particular rogue security software’s installer (ZLOB/MediaAccess Codec) can be found on adult websites, or it can be installed manually from rogue security software websites like antivirus-scanner.com, or antivirus2009.com.

If the full program fee is not paid, XP Antivirus 2009 continues to run as a background process incessantly reporting those fake or false malware detection warnings. To really try your patience, this rogue security software cannot be uninstalled using the Windows Add/Remove Programs tool. Unfortunately, even if an unaware user pays for this rogue security, the program will continue to run.

Here are some typical comments from a few of this Blog’s readers which will give you an indication of how destructive this rogue software is:

“My home computer is infected with the xp antivirus 2009 rogue software. It has grown like a cancer and has attacked my .dll files and I no longer can use my Internet Explorer to log on to the internet. I was told by a customer support person at Dell computer that eventually it will destroy all my files and I’ll have nothing but a blue screen. I’ve tried several removal tools that require you to buy their full program and since I can’t get on the internet I’m dead in the water. Is their any free program that actually works? I’ve tried PC Tools, Avira, Spy Hunter, a Squared & others. HELP!!!”

“I also purchased this software out of fear and they are continuing to bill my account for charges I did not authorize. I have called the billing company and emailed them without success. I just got off the phone with a foreign country who told me he couldn’t help me even though they say they can help 24-7. I contacted my bank 2 days ago and found out I had to wait till they received the order and I was charged (at that time the charges were pending). The charges were removed yesterday and back on today with additional charges. Anybody got any ideas how to stop this. I emailed the FTC and plan to call them tomorrow”.

“What an awesome page this is, thank you. Unbelievable what this thing did to my laptop. No access to task manager, no access to “my computer”. Pop-ups everywhere. Tried spybot, fixwareout, HijackThis to no avail. Might as well not have had Black Ice and Norton. Somehow I maintained the presence of mind to realize I was getting seriously bent over. I swear to God “breaking on the wheel” is a good punishment for these psychopaths. Luckily I keep most of the important stuff, including a script I’m writing, externally, so I re-formatted (2X). I know, NOT a good solution for people with all their stuff on the C drive. I’ll try the freeware, but basically I’m going to keep myself prepared as much as possible to have to scrub the hard drive at a moments notice. Bastards”.

Solutions:

Rogue Fix at Internet Inspiration

SmitFraudFix available for download at Geekstogo is a free tool that is continuously updated to assist victims of rogue security applications.

Bleeping Computer is a web site where help is available for many computer related problems, including the removal of rogue software.

Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove a number of rogue security applications.

If you are an advanced computer user, checkout “XP Antivirus 2008/2009 – Advanced User Removal Solution” on this Blog.

What you can do to reduce the chances of infecting your system with rogue security software.

  • An absolute necessity is to make sure that any security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.
  • Be careful in downloading freeware or shareware programs. Spyware is occasionally concealed in these programs. Download this type of program only through reputable web sites such as Download.com, or sites that you know to be safe.
  • Consider carefully the inherent risks attached to peer-to-peer (P2P), or file sharing applications where exposure to rogue security applications is widespread.
  • Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is Web of Trust, an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.
  • Do not click on unsolicited invitations to download software of any kind.
  • Be kind to your friends, relatives, and associates and let them know that all of the above dangers are now epidemic on the Internet. In that way, it raises the level of protection for all of us

19 Comments

Filed under Anti-Malware Tools, Email, Firefox Add-ons, Freeware, Geek Software and Tools, Interconnectivity, Internet Explorer Add-ons, Internet Safety, internet scams, Malware Advisories, Online Safety, Rogue Software, Safe Surfing, Spyware - Adware Protection, System Security, trojans, Viruses, Windows Tips and Tools

Tagged as , , , , , , , , , , , , , , ,

19 responses to “Antivirus 2009 – Five Removal Solutions

  1. techpaul
    August 16, 2008 at 1:26 pm

    My spam filter stops most of the e-mailed attempts by the cyber-criminals, and if it doesn’t, it’s my policy to NEVER click on links in e-mails. I don’t visit “blue” websites and hacker forums.. I only surf to “well-known” websites.

    So.. I’m safe from this, right?

    Wrong, cyber-criminals are “infecting” legitimate websites with this stuff too. You can have a window pop open, “Warning! Malware has been detected on your computer!” just about any time (because the Internet is broken, folks) and anywhere.
    These warnings are never legit.

    “Broken on the wheel”? I’ve got a more effective solution…

  2. Pingback: » Antivirus 2009 - Five Removal Solutions nortonremovaltool.net:

  3. Rob Dieks
    August 19, 2008 at 3:45 pm

    You can try online scan by http://www.eset.com,and you can install a trial version or you can buy Eset smart security,I have installed smart security from Eset,and it works fine.

  4. Pingback: celebrity

  5. Pingback: trojan

  6. LukeAir08
    August 26, 2008 at 10:58 am

    Yes, ended up with this junk on my laptop. Followed Bill’s shortcut to Malwarebytes site. downloaded their free software and within minutes they had detected 7 infected files and then removed them! Brilliant. Makes you wonder whats the point of having Norton etc. I had previously scanned my laptop and even with the Virus 2008 trojan flashing up its warning Norton told me I was fine??

  7. Jack Holtman
    September 19, 2008 at 10:08 pm

    THANK YOU! My computer was attacked by Antivirus 2008 and recently by Virus Response Lab 2009. I was at a loss as to what to do until I found your site. I followed your instructions and used Malwarebytes to remove both of them. I am very grateful of you and your work to help people with these kinds of problems. Please take care…Jack

  8. MalwareOUCH
    November 10, 2008 at 1:35 am

    Wow….. I just clicked a link, it said something, and I pressed accept…. and all this happened. Spybot Search&Destroy is currently detecting malware, and I’m using malwarebytes at the moment as well. Wish me luck!

  9. Pingback: Virus Trigger (VirusTrigger) - Removal Instructions « Bill Mullins’ Weblog - Tech Thoughts

  10. frank back
    November 30, 2008 at 4:25 pm

    having triuble fighting off 2009 anti virus. please help

  11. frank back
    November 30, 2008 at 6:57 pm

    how cani delite this anti virus

    • billmullins
      November 30, 2008 at 7:16 pm

      If you have tried the suggested solutions and you still cannot remove,
      you’re alternatives include a HD reformat and reinstall or contacting a
      professional like TechPaul , at Aplus Computer Aid, to
      assist.

      Bill

  12. Pam
    December 14, 2008 at 10:39 pm

    I used the Malwarebytes but now I can not connect to the internet. I have two computers that are infected.

  13. Paymon Behmand
    December 22, 2008 at 8:25 pm

    Thank you bill, you save my PC with the knowledge you put out for others to see. Thanks a lot.

  14. www.JoeLevi.com
    February 13, 2009 at 1:25 pm

    My mother-in-law just emailed me with a “scare-tactic” email saying you should immediately press Alt-F4 (to close the browser window), shut down your computer, unplug it from the internet, put on your tin-foil hat, and hide in the closet for two days before you reboot again…

    Okay, so it wasn’t THAT bad, but it preys on people who just don’t know better… (the email AND the infection mechanism).

    Here’s the advice I gave her:

    The only time you’ll see these ads is if you’re surfing web sites that are “higher risk,” sites that advocate illegal or immoral activity. Only webmaster that have loose morals (and are more interested in money than their viewer’s safety) team up with advertisers who accept ads from programs such as this one.

    The best defense:

    1) Make sure your computer’s operating system is up-to-date (Windows Update if you’re running Windows)

    2) Make sure you have a good antivirus program and that it’s up-to-date (OneCare, Norton, McAfee)

    3) Don’t go places that you shouldn’t

    4) Don’t install any software without reading and UNDERSTANDING the EULA (if you don’t read it or don’t understand it, don’t install it)

    Follow those simple rules and you’ll be just fine.

    – Joe Levi

  15. Pingback: Antivirus 2009 nasty malware attack on a Windows laptop « Reformed Musings

  16. Ian Wingrove
    May 19, 2009 at 6:02 am

    privacy centre malware has shut down my computer just left with a black screen any sugestions cannot do anything

    • Bill Mullins
      May 19, 2009 at 10:51 am

      Ian,

      It seems to me you have 3 choices at this point.

      1) Take your machine to a certified repair tech.

      2) Reformat your HD and reinstall your OS.

      3) Use another computer and download the appropriate tools from the Internet.

      Frankly, I would reformat and reinstall. I assume you have a good backup plan in place. If not, a certified tech should be able to recover your data.

      Not great news but…….

      Bill

  17. Pingback: You Have a Security Problem « ThreatFire Research Blog