Malware Defender 2009 take control of Window Defender

[John]

I downloaded Window defender recently and installed on my WIndow XP. It rans
first fine and scan my computer and does not report anything abnormal.
However, the second day, I saw this was controled by Malware Defender 2009.
Every time I ran window defender, it is Malware Defender 2009 started. I did
not buy and install Malware Defender 2009. I don't know how this canbe
happen. Any solution or recommendation to remove it?

Thanks

 

[Engel]

Hello John,

Suggest you scan the system for the pÑesence of Vundo (aka Virtumonde).

It seems possible that your Windows installation has been deliberately
damaged by a trojan (Vundo, along any uninvited guests. (SDBot and ZLOB, all
protected by a rootkit.)) so as to prevent you updating your system or
removing the trojan.

If the Windows Malicious Software Tool is not installed nor scanned the
system recently, then suggest you first utilize it and see if it detects and
removes Vundo.

Windows Malicious SoftwaÑe Tool
<http://www.microsoft.com/downloads/...e0-e72d-4f54-9ab3-75b8eb148356&displaylang=en>
Download to the desktop, close any open page, and run.
-=-

Tools that can fix the pÑoblem would be:
-SUPERAntiSpyware (SAS)
-Malwarebytes Anti-Malware (MBAM)
-Windows Live OneCare (WLOC) online scan
-Windows Malicious Software Tool (WMRT)
-WindowsDefender (WD)
-=-

A very good antimalwaÑe app is SUPERAntiSpyware.
There is a free version (on demand scanning only), the paid for version
includes active monitoring, similar to Windows defender:
<http://www.superantispyware.com/>
Reboot
-=-

Try Ñunning Malwarebytes Anti-Malware... download, update, and perform a
full system scan:
<http://www.malwarebytes.org/roguenet.php?id=401>
Reboot
-=-

Windows Live OneCaÑe online scan
<http://onecare.live.com/site/en-us/tryscanner.htm>
Look for Protection, the broom Clean up, also Tune Up..
-=-

Windows DefendeÑ
Consider going to the secuÑity portal

<http://www.microsoft.com/security/portal/>

and downloading the 32-bit definitions for Windows Defender to the desktop,
then double-click them to apply.


Have you done any scans within safe mode ?

RestaÑt in safe mode and scan with both updated WD, your Antivirus, (MBAM),
(SAS), (WMRT) and (WLOC)
-=-

Unexplained computer behavior may be caused by deceptive softwaÑe
<http://support.microsoft.com/kb/827315>
-=-

or

Start a free Windows Update support incident request:
https://support.microsoft.com/oas/default.aspx?gprid=6527

Support for Windows Update:
http://support.microsoft.com/gp/wusupport

For home users, no-charge support is available by calling 1-866-PCSAFETY in
the United States and in Canada or by contacting your local Microsoft
subsidiary. There is no-charge for support calls that are associated with
security updates.
-=-


I hope this post is helpful.


Let us know how it woÑks ºut.


Ǝиçεl
-=-

 

[Kayman]

I downloaded Window defender recently and installed on my WIndow XP. It rans
first fine and scan my computer and does not report anything abnormal.
However, the second day, I saw this was controled by Malware Defender 2009.
Every time I ran window defender, it is Malware Defender 2009 started. I did
not buy and install Malware Defender 2009. I don't know how this canbe
happen. Any solution or recommendation to remove it?

Google for: Malware Defender 2009

 

[Bill Sanderson]

Engel has given good advice, and it is possible that others here will give
clear advice about removal.

If you have trouble, I recommend calling Microsoft--1-866-pcsafety. This is
a free support call for issues with virus infection, security patches, or
spyware.

Hello John,

Suggest you scan the system for the pÑesence of Vundo (aka Virtumonde).

It seems possible that your Windows installation has been deliberately
damaged by a trojan (Vundo, along any uninvited guests. (SDBot and ZLOB,
all
protected by a rootkit.)) so as to prevent you updating your system or
removing the trojan.

If the Windows Malicious Software Tool is not installed nor scanned the
system recently, then suggest you first utilize it and see if it detects
and
removes Vundo.

Windows Malicious SoftwaÑe Tool
<http://www.microsoft.com/downloads/...e0-e72d-4f54-9ab3-75b8eb148356&displaylang=en>
Download to the desktop, close any open page, and run.
-=-

Tools that can fix the pÑoblem would be:
-SUPERAntiSpyware (SAS)
-Malwarebytes Anti-Malware (MBAM)
-Windows Live OneCare (WLOC) online scan
-Windows Malicious Software Tool (WMRT)
-WindowsDefender (WD)
-=-

A very good antimalwaÑe app is SUPERAntiSpyware.
There is a free version (on demand scanning only), the paid for version
includes active monitoring, similar to Windows defender:
<http://www.superantispyware.com/>
Reboot
-=-

Try Ñunning Malwarebytes Anti-Malware... download, update, and perform a
full system scan:
<http://www.malwarebytes.org/roguenet.php?id=401>
Reboot
-=-

Windows Live OneCaÑe online scan
<http://onecare.live.com/site/en-us/tryscanner.htm>
Look for Protection, the broom Clean up, also Tune Up..
-=-

Windows DefendeÑ
Consider going to the secuÑity portal

<http://www.microsoft.com/security/portal/>

and downloading the 32-bit definitions for Windows Defender to the
desktop,
then double-click them to apply.


Have you done any scans within safe mode ?

RestaÑt in safe mode and scan with both updated WD, your Antivirus,
(MBAM),
(SAS), (WMRT) and (WLOC)
-=-

Unexplained computer behavior may be caused by deceptive softwaÑe
<http://support.microsoft.com/kb/827315>
-=-

or

Start a free Windows Update support incident request:
https://support.microsoft.com/oas/default.aspx?gprid=6527

Support for Windows Update:
http://support.microsoft.com/gp/wusupport

For home users, no-charge support is available by calling 1-866-PCSAFETY
in
the United States and in Canada or by contacting your local Microsoft
subsidiary. There is no-charge for support calls that are associated with
security updates.
-=-


I hope this post is helpful.


Let us know how it woÑks ºut.


Ǝиçεl
-=-

--

 

[ignys5]

Malware Defender 2009 description and removal instructions

Malware Defender 2009 was probably installed through trojan virus, so it's not surprising that you haven't noticed anything. Luckily, Malware Defender 2009 can be removed either with anti-spyware application such as Spyware Doctor or Malwarebytes Anti Malware. Or this rogue can be also removed manually. Yoou just have to complete removal guide step by step Detailed Malware Defender 2009 manual removal guide

 

[Mamajo41]

Google for: Malware Defender 2009

 

[Mamajo41]

Google for: Malware Defender 2009

 

[Mamajo41]

I downloaded Window defender recently and installed on my WIndow XP. It rans
first fine and scan my computer and does not report anything abnormal.
However, the second day, I saw this was controled by Malware Defender 2009.
Every time I ran window defender, it is Malware Defender 2009 started. I did
not buy and install Malware Defender 2009. I don't know how this canbe
happen. Any solution or recommendation to remove it?

Thanks

 

[Mamajo41]

I downloaded Window defender recently and installed on my WIndow XP. It rans
first fine and scan my computer and does not report anything abnormal.
However, the second day, I saw this was controled by Malware Defender 2009.
Every time I ran window defender, it is Malware Defender 2009 started. I did
not buy and install Malware Defender 2009. I don't know how this canbe
happen. Any solution or recommendation to remove it?

Thanks

 

[Mamajo41]

WARNING...This is a TROJAN downloaded from www.supportnetcenter.com. It is
not the real defender, and the only way to remove it is by deleting it in
safemode, rebooting, and then running all scans to make sure it is completely
gone. first, make sure you know where the exe file is located by
right-clicking the desktop shortcut icon and "open file location". Make a
note of where the file is. Mine was simply listed as a file with a 6 or seven
digit number for a filename. After you have determined where the file is,
then reboot in safemode, delete the folder and contents and empty the recycle
bin. You can then reboot normally and scan for any hidden registry entries or
autorun entries. Unless you remove the file in safemode, it will block any
attempts to remove it, block all other malware and virus programs, and even
block access to Internet Explorer. The only place you will be allowed to go
is the "choose Master Card or Visa to activate your product" (for $50). This
is a very malicious trojan. I highly suggest blocking this entire website
specifically after removing the virus so that it cannot reinfect your
system!!!
This should be illegal.Anyone know the direct number for the FCC's internet
division?

 

[Mamajo41]

WARNING...This is a TROJAN downloaded from www.supportnetcenter.com. It is
not the real defender, and the only way to remove it is by deleting it in
safemode, rebooting, and then running all scans to make sure it is completely
gone. first, make sure you know where the exe file is located by
right-clicking the desktop shortcut icon and "open file location". Make a
note of where the file is. Mine was simply listed as a file with a 6 or seven
digit number for a filename. After you have determined where the file is,
then reboot in safemode, delete the folder and contents and empty the recycle
bin. You can then reboot normally and scan for any hidden registry entries or
autorun entries. Unless you remove the file in safemode, it will block any
attempts to remove it, block all other malware and virus programs, and even
block access to Internet Explorer. The only place you will be allowed to go
is the "choose Master Card or Visa to activate your product" (for $50). This
is a very malicious trojan. I highly suggest blocking this entire website
specifically after removing the virus so that it cannot reinfect your
system!!!
This should be illegal.Anyone know the direct number for the FCC's internet
division?

 

[Bill Sanderson]

Please don't post clickable links to malware sites. If you need to post
such a link, break it in some way so as to make it not clickable. Some
folks will click on anything....

This probably IS illegal, but there are parts of the world where the legal
processes are difficult to work with. In addition, the line between
incompetent and fraudulent can be difficult to prove.

 

[Bill Sanderson]

Please don't post clickable links to malware sites. If you need to post
such a link, break it in some way so as to make it not clickable. Some
folks will click on anything....

This probably IS illegal, but there are parts of the world where the legal
processes are difficult to work with. In addition, the line between
incompetent and fraudulent can be difficult to prove.

 

[SRV]

hello john malware defender is a trojan which was recently forwarded by
hackers through one's ip this was proven by kaspersky labs and shows false
alarm or try reinstallling windows.and use a good antivirus software like
bitdefender and kaspersky so that u can stay safe all the time.thank u reply
to (e-mail address removed) to clarify ur doubts.

 

[Mamajo41]

OOPS! My bad, sorry. I didn't realize that the link would post as a
clickable. I just signed up for this site and wasn't aware that it would do
so. It won't happen again. Thanks for the info, Bill.

 

[Bill Sanderson]

No problem! I'll note that these fake antimalware operations have been a
major focus for the monthly Malicious Software Removal Tool which comes out
with the security updates on the second Tuesday of each month.

 

[lexlow]

I donno how i got this cause im super safe and i have malware but cant open it
and i cant restart in safe mode cause i get the blue screen, only can restart in normal mode
how can i fix this??