Antivirus Pro 2009 Infection

[Brandon]

I have a computer from a client that has been infected with Antivirus Pro 2009. It is an Emachine desktop with XP Media Center.

I brought it home to start working on it, but when I turn it on and loads windows it gives me the BSOD. The Stop Error is 0x0000007E 0xc0000005,0x00000043,0xB770BC7C,0xB770B978

Any ideas? Need more info let me know.

Thanks,

 

[Checkmate]

That is a typical virus blue screen. I would attempt to boot to safe mode, and install malwarebytes, if that doesn't work, boot with a rescue CD like UBCD4Win or Hiren's or Trinity... and run a virus scan. Last thing to do, rip the drive out, connect to bench machine, scan drive via your preferred virus scan.

 

[Brandon]

Quick update: I removed the NIC card, modem, and 1 stick of RAM. Just the minimum things to operate computer are installed. Rebooted, and it did not BSOD. Going to back up itunes, and other documents while its stable at the moment.

I will then do what Checkmate said with Malwarebytes.

 

[stevenamills]

Brandon,

I had one variant of Av2009 that produced a bogus BSOD. After the BSOD it went through a "memory dump" and then "restarted" Windows. It was well done.

Steve

 

[nonchalant]

Try www.trustport.com.au free trial version. I'd be interested to know if it does (havent had chance to try it out on this variant yet). It removed Antivirus 2008.

Just make sure you update to latest definitions & go into advanced settings and turn everything on before you scan.

 

[koonter]

trojan remover

i cannot stress just how much this tool has helped me.

while it comes with a price tag it also comes with a 30 day evaluation.

just install, update, scan and then uninstall.

it removes the main components of the virus leaving you with the cleanup job in the registry and various files.

just run it with combofix or malwarebytes.

good luck

 

[Xander]

I just had one of these this afternoon. I'd recommend getting into Safe Mode. Once there, don't overlook the obvious and look into the Add/Remove applet in Control Panel. A few of these variants actually list themselves for removal. Might as well get as much cooperation out of them as you can, right?

Next, run SmitFraudFix (from a flash drive). It get rid of the worst bits, in my experience.

Reboot into regular Windows, and run a fully-updated MalwareBytes scan. I ran that parallel to a Deckard's System Scanner which found its own stuff.

The customer was concerned about costs so I left them with MB still scanning and instructions to remove anything it found. At that point, I was confident that the big baddies were already removed.

 

[JasonRulesUDont]

I don't really know if this helps, but a friend of mine had the Antivirus Pro 2009 virus on her computer. I instructed her on the phone on how to download ,install, and use AVG Free Edition. I told her what to after it scanned and got off the phone. I got a text message in the morning saying: "My computer is fixed!!!! I love you forever! Thank you!"

I assume AVG took care of it.