What I learnt about... The 'Antivirus 2009' Virus.
The 'Antivirus' 2009 Virus is a nasty piece of programming which continues to boggle the minds of those infected. Basically, the virus infects your computer by either finding vulnerabilities in your web browser or infecting downloadable files and email attachments. It takes the appearance of an antiviral software, prompting pop-up messages to tell you that it has found malware on your computer or advising you to install it while giving no option to cancel.
Once infected, pop-up messages start appearing at random intervals, boot-up is affected and your wallpaper is changed to a nasty .jpg that tells you your computer is infected. What's more, the trojan blocks access to anti-virus websites such as Mcafee and Kaspersky, and then cloaks itself so that it goes undetected in any system scans.
The trojan provides a root-kit backdoor by modifying registry values. However, there IS hope of removing it. Don't follow prompts and install the fake software. Manually delete suspicious files (which may be located in temp folders), install Avira Antivir and Combofix and try rebooting machine a few times. Update firewall settings and web browser.
**EDIT It is advisable to delete ALL restoration points in order to avoid duplicating the backdoor component.
Once infected, pop-up messages start appearing at random intervals, boot-up is affected and your wallpaper is changed to a nasty .jpg that tells you your computer is infected. What's more, the trojan blocks access to anti-virus websites such as Mcafee and Kaspersky, and then cloaks itself so that it goes undetected in any system scans.
The trojan provides a root-kit backdoor by modifying registry values. However, there IS hope of removing it. Don't follow prompts and install the fake software. Manually delete suspicious files (which may be located in temp folders), install Avira Antivir and Combofix and try rebooting machine a few times. Update firewall settings and web browser.
**EDIT It is advisable to delete ALL restoration points in order to avoid duplicating the backdoor component.