I got hit with some sort of adware / spyware/ malware that keeps popping up a task bar icon telling me i have security problem and then it keeps trying to download XPAnti-virus or some other type of spyware blocker. I have MacAfee, Windows Defender, Ad-Aware, and Spybot S&D all loaded in my machine, yet I can’t seem to get rid of this problem. It keeps popping up every 5 to 10 seconds, making doing ANYTHING almost impossible. I have even tried to do a system restore, and I can’t do that either. Any suggestions?
I’m actually starting to hear this a lot more frequently in recent days.
As always, it’s the never-ending race between the malware creators and the anti-malware tool creators.
If I found myself in your shoes, there are a few things I would look into.
The single, first and most important thing I would make sure of is that the anti-spyware and ant-virus software you are running is up-to-date. By that I don’t necessarily mean that the program versions are the latest and greatest, though that’s also a good thing. I mean instead that the databases of information they use to identify malware are as up-to-date as possible.
Most anti-malware programs have the ability to update their databases of information automatically, and you should make sure that’s enabled. Updating daily is recommended, and that’s no joke: new malware is being created every day. If the databases are out of date then the anti-malware tools you have won’t be able to detect and deal with the latest threats.
(I’ll also mention that running at least three, if not more, anti-spyware programs simultaneously concerns me. If the real time components for all are enabled, it’s possible that they could conflict with each other in odd ways.)
System restore was a good idea, even though I’m not a huge fan of it. It doesn’t restore everything most people think it does. It’s worth a try, though it’s important to realize that chances are even if it does make the problem go away, the infected files that lead to the problem in the first place are likely still around.
My next step would be to look for information specific to the product or threat that you’re experiencing. Google is your friend, and searching for specific terms, names and messages that you might be experiencing can often lead you to resources and solutions.
As it turns out “XP Antivirus”, “Antivirus XP 2008”, “Antivirus XP 2009” are apparently relatively new, very annoying, and very difficult to remove. Anti-malware vendors are struggling to keep up, but this is clearly a case where keeping your anti-malware software up-to-date as mentioned above is a critical first step.
There are also various sites that list step-by-step manual removal procedures, or have tools specifically for this threat. My earlier article How can an infection like Antivirus XP 2008 happen? has links to some of the more reputable sources.
Finally, with increasing levels of severity, I would try:
- The System File Checker – in case the malware affected system files that can be repaired or replaced.
- A Repair Install of Windows – which would, essentially, replace all of Windows system files and Windows registry entries.
- A reformat and reinstall of Windows from scratch.
Yep, that last one’s pretty painful. Unfortunately, in the very strictest sense, it’s the only solution that is guaranteed to rid you of any and all pests. In fact, there’s a philosophy that that says once you’ve been infected by anything it’s not your machine any more – no matter what you do you have no idea what the infection left behind. You don’t know that the anti-malware tools you may have run have cleaned it off, because malware’s very purpose is to avoid detection. Once infected the only way to be 100% sure that you’re clean is to erase everything and start from scratch.
As you might imagine, that’s not a particularly practical solution in many cases, and most people are satisfied to live with the risk of simply letting anti-malware tools do their job and assume that they are successful.
But it’s also perhaps the biggest argument for prevention being much more important than most people realize.
Go through all the steps on this list:
http://forums.majorgeeks.com/showthread.php?t=35407
It will remove virtually anything “mal” from your computer.
good luck!
Go to http://www.bleepingcomputer.com/malware-removal/remove-xp-antispyware-2009 and scroll down to the link for Malwarebytes Anti-malware. It will remove this particular infection quite nicely. My wife uses this to remove it from the students’ computers are a local college.
I used Bit Defender (free version) to remove this problem from a frien’s computer last week.
Here’s a program that’s free and it clean up some nasty stuff for me that several other programs missed. http://www.download.com/Trojan-Remover/3000-2239_4-10038982.html
I agree with Ken B.. Malwarebytes does the job very quick and easy. I have been seeing this alot on computers that download a lot of music.
I have used Malwarebytes Anit-malware on several computers and it worked very well. On the Home page, navagate thru the adversitising and look for the free malwarebytes pages. Update and Run it often, at least once a week.
I had the same thing and Malwarebytes got rid of it. I bought the program just to say “Thanks!”
As an IT Manager, I’ve seen lots of the XP Antivirus on our system. Malwarebytes is the solution I have reached for again and again. It has always gotten rid of this annoying pest of a problem.
I agree with Ken, Steve, Greg and Ron… I had the antivirus 2008 virus and Malawarebytes, not only found it ( it was being quarintined by windows defender) it ripped it out of quarintine and deleted it, something other programs I tried could not do….one powerful program…try it !!!!!
Superantispyware also removes this junk as well as Smitfraud fix and malwarebytes. The old stand-by adaware doesn’t seem to get some of these new threats.
Malwarebytes, as recommended. I had this. Tried the complicated manual instructions variously suggested, but Malwarebytes finally got it.
If you have icons missing, this malware moves and hides them, different folders on different infections. You just have to look/search for them.
In addition to regular scanning by various up to date prevention programs I run a weekly automated backup using Acronis TrueImage, so that the latest available image is never more than a few days old and slightly older versions are also available should the infection have arrived a while ago. Sometimes restoring a backup image is quicker and easier than routing out a pest, and certainly quicker and simpler than reinstalling Windows. Restoring from a clean image file also ensures that all traces of the pest are gone.
I run SpybotSD, Avast corporate edition,and use Spyware blaster,rogue remover and Malwarebytes. So far they have clobbered anything the net throws at me,I use memeo auto sync and Active disk image [ a heap easier to use than Acronis – which is a technicians nightmare]
I find that Spyware Blaster is the best thing to use. I used to also use Lavasoft’s Adaware and Spybot Search & Destroy, but for years all they found were cookies. I came to realize that Spyware Blaster was doing the job, and I’ve been using it with a good firewall (hardware & software) and antivirus for about 3 years now with not a single problem. I have the newest version of AVG and it has some antispyware components and it hasn’t found anything yet. Not even a virus.
Boot into safe mode before running / installing spybot. It will take care of the problem. I know for a fact…I had the same issue. My infection came from a fake flashplayer link.
i want to get rid of tyhat anti virus 2009 thing.it keeps popping up.and i hate it n.willl someone help me
08-Nov-2008
It seems u r nt benifitted wid the Antispywares u are using,so try some other gud antispyware.
I work on many OS Vista , Win 7,XP and have installed the combo of Macfee & Advanced System Protector , the reason of using Advanced System Protector is that it not only blocks the spyware b4 it can enter your system, will also clean the infections if any and it gives routine updates of the latest definitions and is very easy to use.
The On Execution Scanner & Alert Shields make it more efficient in the case of internet access. free version of ASP is also available which provides free scanning and cleaning.
Try this.
http://www.systweak.com/AntiSpyware/Download/