Antivirus2009 infection and re-infected again

  Fried~Chips 14:20 28 Aug 2008

Recently had machine infected with this infection which comes with fake malware & Spyware & viruses calling itself Antivirus2009 & previously calling itself antivirus XP, Vista, 2007 & 2008.

Ok, had WinXP Clean installed and installed with SP3 all new updates like IE7, Media player etc, running kaspersky internet security on AOL software version 9vr.

This infection even after having windows SP3 installed clean has become infected around a week after repair. Family member has not downloaded any software other than microsoft windows updates, Java & Adobe.

Could anyone sugest how this infection can get back into the system please. Router is a netgear but not wireless.


  hiwatt 14:34 28 Aug 2008

I'm not sure how you got re-infected.A clean install should have got rid of it though.Here's instructions on how to remove it though.After running malware bytes you could also run super antispyware click here (free edition)Run them in safe mode.Then run ccleaner to get rid od any leftovers in the registry.

  hiwatt 14:36 28 Aug 2008

Forgot to post the link to the removal instructions.
click here

  rdave13 15:28 28 Aug 2008

Some info here on how devious these trojan makers are. Scroll down to the AV2009 section; click here

  hiwatt 15:57 28 Aug 2008

Is there no way these animals can be traced via the address they want to get paid through?How would they get their money if some poor sod actually pays them?

  kalignorgna 16:19 28 Aug 2008

there is a chance that it was not full removed when u reinstalled windows i'm guessing u did a full format when u reinstalled however there is somthing u may not no when u format most the data stays on the hdd so if u had a program to resotre deleted work u can resore the intire hdd back to what it was before hand, the only way to wipe ur disk compltley is with a program like Darik's Boot and Nuke (DBAN) which is a high level formating tool that works the same way as goverment formating tools used for data protection the only draw back is theres a chance that your hdd will be damaged in the process of wipeing it

  Fried~Chips 23:17 28 Aug 2008

Nasty stuff I know, I am aware this infection malware shows itself in about 5 different formats.
It has damaged the display properties, removed the C: hdd from being visable & Programmes with Control panel & even run command all gone !.

Even though trying to remove would the damge left by it be returnable back so windows operates correctly again or FDisk & formatt way to proceed ?
I know also smartfix tool in safe mode works but never used it.

will look over the above options and read more before helping her out but she will have to wait if she wants me to do it for her.

  woodchip 23:25 28 Aug 2008

Did you load any backups after clean install?

  rdave13 23:29 28 Aug 2008

Download malwarebytes' antimalware; click here the free version. Update the program.

Download superantispyware, again the free version, and update.
click here

In my opinion I'd run Malwarebytes first then SAS in safe mode.
Once downloaded and updated restart the PC and tap F8 or on some PCs tap F5. You should boot to a window that will give you the option to boot to safe mode (without internet connection).
Run malwarebytes program first then SAS.

  rdave13 23:42 28 Aug 2008

Once you're free from the infections then it might be possible to run sfc /scannow. Its self not without problems.
click here . A long read but worth it.

Good luck.

  Fried~Chips 01:17 29 Aug 2008

I have found out thanks to PrevX this infection logs the http. Wonder can it also log your IP address for you internet connection and then come back later when it likes ?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Fujitsu Lifebook P727 laptop review

11 best portfolio websites for designers and artists

Office for Mac buying guide: Price, Office 2017 rumours & new features

Comment désactiver les programmes qui s'exécutent au démarrage de Windows 10 ?