-
Antivirus XP 2008 / 2009
There is a lot of it about at the moment, and if you look on YouTube you will see various explanations of how to remove it. Unfortunately they are mainly stupid and may leave you worse off than you started, as they only address a small part of the problem.
I know those people are trying to help folks but they are obviously not qualified to do so. The malware programs in question, Antivirus XP 2008 / 2009, will download other stuff to your computer and they do not always do the same thing, so deleting a couple of files and a folder or two isn't going to help you - for long.
It seems that Malwarebytes AntiMalware (free version) and SuperAntiSpyware (free version) both now have removal scripts that work, so if you are willing to install a program temporarily to remove the problem, these two will address both the fake antivirus and any downloaded crapware that it has further infected your computer with. They should also fix the Policies that the infection adds (can't change desktop/open regedit/open task manager).
There is also a useful script for these types of infections maintained by a guy at internetinspiration http://www.internetinspiration.co.uk/roguefix.htm which will help you if you have an alternate antispyware that hasn't yet added defs for the Antivirus XP 200x.
-
right on Bro.....:goodpost:
-
I've always battled with this malware... very persistent bug! Thanks for the scripts, better than continually formatting!
-
Yes, good post.
I can back up what curio says.
I use MBAM & SAS to clear this infection out of many people's systems.
Both are great free programs and well worth installing, even if you are not infected now. I use them both on all our PCs here (all on XP).
You should install both, update them regularly and scan your systems with them from time to time. It will help keep infections at bay.
Good luck.
-
Just as I wrote my post, I got a call from my cousin who just got infected with the latest Vundo.Trojan and continual pop-ups, DDoS and crawling CPU!
I'm keen to try the above free apps. Which would be most suitable?
-
Your cousin can try both MBAM & SAS but they may not fix it.
If they don't work then follow these instructions ......
http://www.bleepingcomputer.com/malw...ndo-virtumonde
Let us know whether or not something here worked and, if so, which one.
Again, good luck.
-
I just had to deal with this bug. The only one that saw it and was able to get rid of it was Malwarebytes. Cheers to freeware.
-
Thanks, I'll give Malwarebytes a go. I've dedicated a few hours on Saturday to try and fix it, else... Format Time :-)
-
Quote: Originally Posted by cash_site
else... Format Time :-)
Have faith. You shouldn't need to reformat.
Like we all say .... MBAM first, next SAS then, if not fixed, the big guns .... the Bleeping Computer tutorial. If nothing else works the BC fix will do it.
Let us know how you get on.
Good luck.
-
I've used SAS & MBAM since their beginnings, both do a great job :)
-
**this is important**
DISCONNECT THE PC FROM THE INTERNET
The malwares in question usually re-download themselves from the interweb if any part of them successfully starts - so it looks fine one minute then all of a sudden it is re-infected. As they also install layers of startups you need to run several tools to be happy before you reconnect.
The roguefix script is a very good starting place as it is comparatively quick to run and will drastically cut down the poot from your PC enabling the other tools to run faster so we get to the end result (cleaned PC) faster.
:)
-
Thanks for the Info. Turned out Malwarebytes is a fantastic app to remove Vundo trojans. Very quick scanning, and quick removal scripts. Just stuck with Free Version, and will do manual scans at different times.
Definitely recommended, however, I think prevention is the best method. Keep Windows and Java always updated!!
-
Congratulations & well done. We assume that your cousin's PC is now disinfected. :D
Yes, prevention is better than cure but, like I said in post #4, keep MBAM updated and always readily to hand.
Scan all systems with it on a regular basis to help keep away malware. Even if you think you are clean.
MM
-
Yep Musicman, disinfected (as of when I left it!)... however there is still a problem with TaskManager not running (not sure if it's a corrupted DLL due to the virus)... Google doesn't answer many questions.
But I will be installing MBAM on my other PCs as a handy tool in the IT-Pack :-)
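
An added example, not part of the thread or any poster's own script: a read-only PowerShell check for leftover policy values of the kind the first post mentions (can't change desktop / open regedit / open task manager), which can remain after the malware files are gone. The value names are standard Windows policy settings; that this particular infection set them on a given PC is an assumption the output confirms or rules out.

```powershell
# Added example: report policy values that block Task Manager, regedit or
# desktop changes. Read-only: nothing is modified or deleted.
# Assumption: the restrictions were applied through these standard policy
# values; an empty result means the cause lies elsewhere.
$sys = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
$ad  = 'Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop'

$checks = @(
    @{ Path = $sys; Name = 'DisableTaskMgr';       Effect = 'Task Manager blocked' },
    @{ Path = $sys; Name = 'DisableRegistryTools'; Effect = 'Registry Editor blocked' },
    @{ Path = $sys; Name = 'NoDispCPL';            Effect = 'Display control panel hidden' },
    @{ Path = $sys; Name = 'NoDispBackgroundPage'; Effect = 'Desktop background tab hidden' },
    @{ Path = $ad;  Name = 'NoChangingWallPaper';  Effect = 'Wallpaper change blocked' }
)

# Check both the per-user and the machine-wide policy locations.
$findings = foreach ($hive in 'HKCU:', 'HKLM:') {
    foreach ($c in $checks) {
        $key  = Join-Path $hive $c.Path
        $item = Get-ItemProperty -Path $key -Name $c.Name -ErrorAction SilentlyContinue
        # A missing value or a value of 0 means the restriction is not active.
        if ($item -and $item.($c.Name) -ne 0) {
            New-Object PSObject -Property @{
                Key    = $key
                Value  = $c.Name
                Data   = $item.($c.Name)
                Effect = $c.Effect
            }
        }
    }
}

if ($findings) {
    $findings | Format-Table Key, Value, Data, Effect -AutoSize
} else {
    'No restricting policy values found.'
}
```

If the table lists `DisableTaskMgr`, the Task Manager failure is a leftover policy setting rather than a damaged file, and rerunning the removal tools' policy fix is the next step.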
-
OK so what happens exactly? When he/she gives the 3-fingered salute, for example, does your cousin get the task manager or not? If not ... what happens?