Lately, my clients have been getting the dreaded malware from Antivirus 2009 or Antivirus 360 which is causing havoc on their computers. The official name for this malware is the zlob trojan which has been around for years in different forms. I have seen other variations of this like Antivirus 2008, and Defender 2009. At first glance, It looks like a very legit application using a Windows XP’ish style interface. It quickly runs through a supposedly quick scan of you computer and then reporting numerous infections. But, What it is actually trying to do is scare the user into buying their software to remove the infection it has obviously caused.

Luckily, I have found a product called Malwarebytes Anti-Malware that has done a great job at removing all the variations of this malware as well as others like the nasty adware Vundo. It is free to scan and remove the infections automatically but they also offer a paid version ($24.95) to continue and monitor your computer against future threats.

One thing to note as of late, they seem to be getting more crafty by blocking Malwarebytes from installing or running. The website is also being blocked in IE. The following steps were posted on their forum which helped address this. Also, I would recommend running this scan on multiple profiles.

• Click on Start, click Run, and then type devmgmt.msc and click OK
• On the View menu click on Show hidden devices
• Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
• Highlight that driver and right click on it and select DISABLE
• Now RESTART your computer.
• Download a copy of Malwarebytes but DO NOT run it yet.
• Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
• Once the program is installed go to the UPDATE tab and try to update the program if you can.
• Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.

Well, that should about do it and hopefully this has helped someone out there. You should notice quite a performance improvement after cleaning this off. I hope you all have a safe and wonderful Christmas!

To My Friends and Family,

Jay

2 Responses to “Antivirus 2009 or Antivirus 360? Neither Please!”