Cleaning the Fake XP Antivirus 2009 Spyware

This spyware has several names: Antivirus XP 2008, XP Antivirus 2009, Antivirus 360. But the symptoms of an infection are the same. These include:

  • Many popup windows claiming you are badly infected with viruses.
  • Difficulties getting onto the Internet.
  • Difficulties going to certain websites.
  • Noticing your antivirus or Windows updates are turned off.

The spyware mutates constantly, so it is difficult for antivirus vendors to keep up. In addition, it can hide from antivirus software and prevent that software from updating. The spyware uses many different infection routes, but it is essential to get rid of it. This page discusses some methods.

Malwarebytes

This is cleaning software that can be found at malwarebytes.org. It is highly effective, though it's quite possible its effectiveness will diminish as the spyware programmers find ways to shut it down. However, it is the first choice for fixing the problem.

Once you download the software, run it to install it on your computer. As windows display, stick with the default options.  In general, the software will install itself, then will check for a new version. That will be downloaded and updated before it finally runs.

Click on "Scan" to scan your computer. This may take some time -- up to a half hour. While scanning, it will keep a running total of all infections found.

When the scan is complete, a button will display at the lower right for cleaning the detected items. Click on it. A list of the files will display. Click on the button to remove the items. You may be prompted to restart your computer.  Do so.

Note: you may notice virus warnings popping up as you scan. This is often your regular antivirus. The spyware has hidden itself from it, and Malwarebytes makes the files detectable. Double check that it is indeed your regular antispyware; if so, you can use it to delete the files, or just wait and let Malwarebytes do the work.

In some cases, when you try to install Malwarebytes, it will not install, but will instead just quit and do nothing. Some variants of the spyware do this. To fix it, rename the Malwarebytes file (mbam-setup.exe) to something else (anything is good, as long as it keeps the ".exe").

This generally fixes the problem. However, if it doesn't work, there are other options.

Starting in Safe Mode

If the scan hangs up, or Malwarebytes shuts down, you can start the computer in Safe Mode. To do this:

  • Shut down the computer.
  • Start it again.
  • Press the F8 key repeatedly as the computer starts up until you see a menu screen (if Windows starts normally, restart it again).
  • Use the arrow keys to highlight "Safe Mode" and press Enter. 
  • If it asks to use System Restore, say Yes to go into Safe Mode.

Once in Safe Mode, try running Malwarebytes again.

Shutting Down the Spyware Process

It's sometimes possible to shut down the spyware using the task manager. To do this:

  • Restart your computer.
  • After you log on and get to your desktop, press Ctrl/Alt/Delete.
  • A window will display.  Click on "Task Manager."
  • Click on the "Processes" tab.
  • Click on "Image name" to sort alphabetically.
  • Look for any of the following entries (Note: this list is not comprehensive):
    • av2009.exe
    • av2009[1].exe
    • AV2009Install.exe
    • av360.exe
    • Antivirus2009.exe
    • antivirus360.exe
    • utynewu.exe
    • install.exe
    • brastk.exe
    • braviax.exe
    • vav.exe
    • XPAntivirus.exe
    • XPAntivirusUpdate.exe
    • xpa.exe
    • xpa2008.exe
  • Click on the process listed.
  • Click on "End Process."
  • A warning will display.  Click "Yes."
  • Close the Task Manager.

Now you can try running Malwarebytes.
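
The name check from the Task Manager steps above can also be scripted. The following is an added example, not part of the original page: it matches the output of the Windows command `tasklist /fo csv /nh` against the process names listed above. The sample output is constructed, and reporting `install.exe` as needing manual review (because legitimate installers also use that name) is this example's assumption.

```python
import csv
import io
import subprocess
import sys

# Process names copied from the list on this page (the page notes it is not comprehensive).
KNOWN_NAMES = {
    "av2009.exe", "av2009[1].exe", "av2009install.exe", "av360.exe",
    "antivirus2009.exe", "antivirus360.exe", "utynewu.exe", "install.exe",
    "brastk.exe", "braviax.exe", "vav.exe", "xpantivirus.exe",
    "xpantivirusupdate.exe", "xpa.exe", "xpa2008.exe",
}
# Assumption of this example: "install.exe" is also used by legitimate
# installers, so a match on it alone is reported for manual review.
GENERIC_NAMES = {"install.exe"}


def find_suspects(tasklist_csv):
    """Match `tasklist /fo csv /nh` rows (image name first, PID second) against the list."""
    hits = []
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) < 2 or not row[1].strip().isdigit():
            continue  # blank line, header row, or malformed row
        name = row[0].strip()
        key = name.lower()  # Windows image names are case-insensitive
        if key in KNOWN_NAMES:
            confidence = "review" if key in GENERIC_NAMES else "listed"
            hits.append((name, int(row[1]), confidence))
    return hits


# Constructed sample output, not captured from a real machine.
SAMPLE = '''"System Idle Process","0","Console","0","28 K"
"explorer.exe","1520","Console","0","18,432 K"
"AV2009.EXE","2244","Console","0","9,120 K"
"av2009[1].exe","2310","Console","0","4,004 K"
"install.exe","3012","Console","0","2,516 K"
'''

if __name__ == "__main__":
    if sys.platform == "win32":
        text = subprocess.run(["tasklist", "/fo", "csv", "/nh"],
                              capture_output=True, text=True).stdout
    else:
        text = SAMPLE  # fall back to the constructed sample off Windows
    for name, pid, confidence in find_suspects(text):
        print(f"{pid:>6}  {name}  ({confidence})")
```

A name match is only a prompt to look closer: the list is not comprehensive, so an empty result does not mean the computer is clean.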

SuperAntiSpyware

If Malwarebytes doesn't clean the infection, the next step is to try SuperAntispyware. This sometimes finds problems Malwarebytes misses. It does require a bit more computer savvy to use, but in stubborn cases, it may be your only choice.

Download and run the installer. When prompted, check for updates. Stick with the default options and follow the prompts to scan your computer. Have it clean anything it finds.

FileFixer

This is a variant of fake antivirus that encrypts your files, says you have corrupted files, and asks you to pay for it in order to read your data again. This web page gives details; the download link is at the end.

Hijackthis

If you're having problems, download and install Hijackthis. It will create a log. Send the log to Siena's Call Center.

NOTE: Due to our small staff, we will only analyze logs for Siena students, faculty, and staff. Others can post their logs at the Spywareinfoforum.