Thursday, January 29, 2009

Antivirus 2009 and other malware!

I began working on a computer where the owner was complaining of "pop-ups" and not being able to browse the web.

The computer is a Gateway running Windows Vista. I logged in to the Administrator account and got to the desktop. Before I could do anything else, about 9 "Windows Security" pop-ups came up telling me to download various removal tools. Most of them were recommending I download Antivirus 2009. Then I noticed the owner must have already taken the advice, because Antivirus 2009 was running in the background asking to run a complete scan.

Antivirus 2009 is malware, or software designed to infiltrate and damage a computer. One of the best removal tools for Antivirus 2009 is Malwarebytes Anti-Malware. Upon searching for this software from the computer's web browser I discovered another problem: the go.yahoo.com / go.google.com virus. This virus prevents you from actually going to any website by redirecting you to an unlimited number of search websites.

I downloaded Malwarebytes on my laptop, transferred it to my flash drive, and then installed my flash drive in the computer. When I tried to run the mbam-setup.exe file it wouldn't run, which is another symptom of Antivirus 2009: it blocks the installation of things that can kill it. A simple workaround for this was to rename the .exe file, and then it allowed the install to happen.

After installing I rebooted into safe mode (this is accomplished by hitting F5 or F8 during the boot process before the Vista splash screen comes up). I then ran a Quick Scan, which completely cleaned Antivirus 2009 off the system, but upon reboot into normal mode I discovered that the go.google.com virus was still present. So I disconnected the ethernet connection, rebooted into safe mode again, and ran a Complete Scan with Malwarebytes. This found 8 more infections, which it cleaned. Upon reboot I ran another Complete Scan in normal mode and it found 5 more infections, which required a reboot to clean. When it came back up everything seemed to be working great.

I always run HijackThis on all systems I am working on just to make sure that no malicious Browser Helper Objects (BHO) are left behind that will continue to allow malware / spyware to be installed. The HijackThis log looked pretty clean, but I removed a few toolbars and search assistants that only slow the functionality of Internet Explorer down. After a final reboot the system was running smoothly with no further infections showing up in either Malwarebytes or Windows Defender. They were using an expired version of McAfee, so I uninstalled this and installed AVG Free Anti-Virus and updated it. A complete scan from it reported no infections / problems. All in all it took around 4 hours to remove all infections, but most of that was time spent performing the scans, which don't require direct intervention, so I was able to do other things while they ran.
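The HijackThis review described above can be partly scripted. The following is an added example, not part of the original post: it pulls the BHO (`O2`) and toolbar (`O3`) lines out of a saved log and lists the ones worth a closer look. The sample log, its CLSIDs and paths are constructed, and the triage rules (unnamed entry, missing file, DLL outside Program Files) are assumptions chosen for illustration, not HijackThis behaviour.

```python
import re

# Constructed sample in the HijackThis log line layout; CLSIDs and paths are made up.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://example.invalid/
O2 - BHO: Example PDF Helper - {11111111-1111-1111-1111-111111111111} - C:\Program Files\Example\pdfhelper.dll
O2 - BHO: (no name) - {22222222-2222-2222-2222-222222222222} - C:\Windows\system32\qzxv.dll
O2 - BHO: Old Helper - {33333333-3333-3333-3333-333333333333} - C:\Program Files\Old\old.dll (file missing)
O3 - Toolbar: Example Search Bar - {44444444-4444-4444-4444-444444444444} - C:\Users\Owner\AppData\Local\Temp\sb.dll
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\ExampleAV\tray.exe"
"""

# "O2 - BHO: <name> - {CLSID} - <path>" and "O3 - Toolbar: <name> - {CLSID} - <path>"
ENTRY = re.compile(r"^(O2|O3) - (?:BHO|Toolbar): (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.*)$")

# Assumption: add-ons normally live under Program Files; anything else gets a second look.
TRUSTED_DIRS = ("c:\\program files\\", "c:\\program files (x86)\\")


def triage(log_text):
    """Return every BHO/toolbar entry with a list of reasons it deserves review."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # other sections (R1, O4, ...) are out of scope here
        section, name, clsid, target = m.groups()
        missing = target.endswith("(file missing)") or target == "(no file)"
        path = target.replace("(file missing)", "").strip()
        reasons = []
        if name == "(no name)":
            reasons.append("unnamed")
        if missing:
            reasons.append("file missing")  # leftover registry entry, DLL already gone
        elif not path.lower().startswith(TRUSTED_DIRS):
            reasons.append("outside Program Files")
        findings.append({"section": section, "name": name, "clsid": clsid,
                         "path": path, "reasons": reasons})
    return findings


def needs_review(log_text):
    """Entries with at least one reason; flagged means 'look it up', not 'malicious'."""
    return [f for f in triage(log_text) if f["reasons"]]


if __name__ == "__main__":
    for f in needs_review(SAMPLE_LOG):
        print(f["section"], f["clsid"], f["path"], "->", ", ".join(f["reasons"]))
```

A flagged entry is only a prompt to look up the CLSID and file before fixing it in HijackThis; legitimate add-ons can also trip these rules.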

There are also manual removal methods for the Antivirus 2009 software, which involve booting into safe mode and killing certain processes (av2009.exe, etc.) and then deleting registry keys and deleting all files related to Antivirus 2009, but I find using software not only does the trick but also removes items you may not know were infecting the system.

Tuesday, January 20, 2009


First off let me say welcome to my new blog. I created this blog because I wanted a blog that I could use to discuss my interest in all things tech.
Now on with the show. I just built a new PC for The Pinnells; they had a Dell XPS 400 and the motherboard went south. We decided on a budget of around $700 just for the tower because they had everything else already.

I began shopping around and I chose to buy from www.zipzoomfly.com because I have had great success from their service department in the past and also they have lightning-fast shipping for cheap. Tigerdirect.com has some good deals on bare-bones systems, but I really like being able to choose all aspects of the build. With a budget of $700 I decided to not go too expensive on the case, but I didn't want anything too flimsy either, so I decided to see what Cooler Master had to offer. I decided to go with the Cooler Master Centurion 5 case, which I found for $55.

I decided to go with an Intel processor on this build because quite frankly their Quad Core processor line really outdoes AMD by leaps and bounds. So I chose the Intel Core 2 Quad Q8200 2.33GHz processor for $195. With memory prices as cheap as they are now I decided to just max out the system (he wanted WinXP 32bit installed) and put 4GB in it. I found a killer deal on a Corsair XMS2 4GB Kit for $55. They didn't really have a lot of PCI cards in the old system that they ever used and didn't plan on expanding the system much anyways, so I saved money by choosing an economical motherboard; the MSI G31M3L for $43 is a small board for the big Cooler Master case, but it will get the job done. They don't game much, but he does use AutoCAD. On the $700 budget a Quadro or similar card is pretty much out of the question, but I figured a card with a lot of memory on board should fit the bill just fine, so I chose an ASUS GeForce 9400GT with 1GB DDR2 on board for $80. Hard drives have come down in price so much I decided to go with a 2 hard drive setup, one for the OS and applications and another for storage of music, videos, etc. I chose a Seagate 250GB SATA II 7200RPM drive for the OS and a Seagate 1TB SATA II 7200RPM 32MB Buffer for storage; both drives came to $160. I figured a 500W power supply should power this rig fine, but had limited cash flow left so I wasn't able to go with a detachable cable power supply, but I found a nice OCZ 500SXS power supply for $60.

I really liked the simplicity of the Cooler Master case and its tool-less design. The Intel processor runs lightning fast and overall the system is extremely quiet. I deliver the system tomorrow and hope The Pinnells will be happy with it.