antivirus 2009, blocked internet, and unable to run antimalware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by franktaplin, Feb 3, 2009.

  1. franktaplin

    franktaplin Private E-2

    A customer brought a computer in that has antivirus 2009 on it. I tried to run through the antimalware procedure but I am having trouble getting anything to work. I was able to install and run CCleaner. It appeared to install Spybot but the update while installing appears to be rerouted to the loopback so I didn't download any updates when I installed it. When I try to run Spybot nothing happens. When I try to install SUPERAntispyware I get a message saying that the files are corrupted and cannot be installed. I know this is not the case because I can install it on other computers from that disc. When I try to install Malwarebytes nothing happens. I tried to run combofix but again nothing happens. I was able to get mgtools to work and have attached the log. When I try to get to trendmicro, bitdefender, or panda for an online scan or to a site such as majorgeeks or bleeping computer I get either a "page cannot be displayed" or I keep getting cycled through search sites.
    I went to bleepingcomputer on a good computer and looked up antivirus 2009. I then went through the steps for manually deleting it and I don't get the popup any more but that's all it accomplished.
     

  2. franktaplin

    franktaplin Private E-2

    I renamed the malwarebytes and superantispyware install files and was able to install them in safe mode. When I try to run Superantispyware I get the application has encountered an error and needs to close. Malwarebytes does nothing. Any ideas?
     
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are running a very old version of MGTools....please go to the Read and Run First sticky and download all the latest versions of our tools. I suspect that SAS and MBAM are also old versions and need to be uninstalled and then reinstalled with the latest versions.
     
  4. franktaplin

    franktaplin Private E-2

    I didn't realize that mgtools had been updated. It never appears on the updates on the main page so I assumed it was still current. The other programs are the current versions as of Feb. 1, 2009. I'll rerun mgtools and post the log again.
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Chaslang updates the MGTools frequently, so it would be difficult for the owners to be constantly updating the main page....always check the Read and Run first as it will always have the updated links.
     
  6. franktaplin

    franktaplin Private E-2

    I'll do that for mgtools and combofix from now on. I usually check the main page for the others every day.
    I was able to get the computer cleaned and everything working. I've noticed the problems I had with this one on several other computers that had the antivirus 2009 malware program and its variants on it.
    To get around the problems with installing I did like the READ ME said and renamed the SAS and mbam install files so that they'd be able to install.
    The problem was that none of them would run and I'd get a "this program has encountered an error and needs to close" type error when I'd try to run SAS. How I found to get around this error was to put the SAS definitions on disc and then manually update the program. Then I went into the program folder (c:\program files\superantispyware). I then made a copy of the superantispyware.exe file and renamed the copy to sas.exe. I then ran it from inside the folder and was able to get SAS to run. After it ran and removed a lot of spyware the internet was working so I was able to proceed with the procedure in the READ ME without a hitch and get everything removed.
    I double checked it by running several alternate scans, running hijack this, checking the registry, and the folders on the system for any trace.
    It's worked on two other computers that I've gotten in since then and I was just passing that little bit of info on.
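
A post-cleanup check for the loopback redirection reported at the start of this thread, as an added example that is not part of the original posts or of MGtools. It assumes the redirection was done with hosts-file entries, which the thread does not confirm; the watchlist, function names and sample file are constructed for illustration.

```python
import ipaddress

# Assumed watchlist: the sites and tool vendors named in the thread.
WATCHED = ("majorgeeks.com", "bleepingcomputer.com", "trendmicro.com",
           "bitdefender.com", "pandasecurity.com", "safer-networking.org",
           "superantispyware.com", "malwarebytes.org")

def is_sinkhole(addr):
    """True for loopback or unspecified addresses (127.0.0.0/8, ::1, 0.0.0.0, ::)."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # not an IP address at all; ignore the line
    return ip.is_loopback or ip.is_unspecified

def watched(host):
    """Match a watched domain exactly or as a parent of the host name."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in WATCHED)

def suspicious_entries(hosts_text):
    """Return (line number, address, host) for watched hosts sent to a sinkhole."""
    findings = []
    for lineno, raw in enumerate(hosts_text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        addr, names = fields[0], fields[1:]    # one address may carry several names
        for name in names:
            if watched(name) and is_sinkhole(addr):
                findings.append((lineno, addr, name.lower()))
    return findings

# Constructed sample input, not taken from the customer's machine.
SAMPLE = """\
# Constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.trendmicro.com trendmicro.com
0.0.0.0         download.bitdefender.com   # inline comment
127.0.0.1       notbitdefender.com.example
192.0.2.10      intranet.example
#127.0.0.1      www.majorgeeks.com
"""

if __name__ == "__main__":
    # On Windows, read %SystemRoot%\System32\drivers\etc\hosts instead of SAMPLE.
    for lineno, addr, name in suspicious_entries(SAMPLE):
        print(f"line {lineno}: {name} -> {addr}")
```

An empty result only rules out the hosts file; a proxy or DNS setting changed by the malware would need a separate check.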
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Good to know.....let me know if you have any other malware issues with this computer.

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

      • Delete the C:\combofix folder from combofix (if it exists)

    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
