Not sure if you have seen it, but a few of our machines at my company have been hit with different variants of Antivirus XP, Antivirus 2008 or Antivirus 2009. It comes in many other forms and names. Basically what this little bit of nasty does is installs itself, then plagues the victim with pop ups asking for them to buy a full version of the software.
We use McAfee Virus scan with Anti spyware version 8.5 and guess what, it does NOTHING to stop this nuisance. I checked McAfee's site and they know about it, and all they say is to make sure our definitions are up to date (They are by the way).
I installed Spybot on the infected machines, and that cleaned up some of it but not all. I did however find a really cool tool that completely eradicates this nasty bastard. It is called Malwarebytes Anti-Malware!
After running McAfee, Spybot, Adaware, Clamwin and AVG, Malwarebytes still picked up 42 instances of Antivirus XP/2008/2009 and other little bits of nasty! After a reboot and a second scan, it picked up another 6 before everything was back to normal.
On one of the machines infected with Antivirus 2009, it locked down all internet connections except to the bogus sites it forwards you to to buy the full version. So I had to download Malwarebytes to a thumb drive, as well as the manual updater located here (Malwarebytes manual updater). That way I was able to install Malwarebytes on the infected machine, and update it with the manual update, and get rid of that.
I HAVE EXORCISED THE DEMON! THIS PC IS CLEAR!
Malwarebytes Anti-Malware is free to use. If you want on-access protection, automatic updates, and scheduled scans you need to buy their full version. Here is a list of some key features from Malwarebytes.org:
- Support for Windows 2000, XP, and Vista.
- Light speed quick scanning.
- Ability to perform full scans for all drives.
- Malwarebytes' Anti-Malware Protection Module. (requires registration)
- Database updates released daily.
- Quarantine to hold threats and restore them at your convenience.
- Ignore list for both the scanner and Protection Module.
- Settings to enhance your Malwarebytes' Anti-Malware performance.
- A small list of extra utilities to help remove malware manually.
- Multi-lingual support.
- Works together with other anti-malware utilities.
- Command line support for quick scanning.
- Context menu integration to scan files on demand.
Have you ran into this malware? What did you use to remove it? Hit me up in the comments.