Malware Destructor 2009 also known as Malware Destructor is a rogue antispyware program from Virus Doctor rogue family (Fast Antivirus 2009, Malware Catcher 2009, Extra Antivirus, Virus Sweeper, Ultra Antivir2009, Virus Alert, Virus Melt, etc). During installation, Malware Destructor 2009 configures itself to run automatically every time, when you boot your computer. The fake antispyware also changes your HOSTS file in order to redirect google searches to 18.104.22.168. In addition the program drops a few files. These files are are actually harmless, but during the scan will determine as threats (spyware, malware and trojans).
Immediately after launch, the program starts scanning the computer and list previously created files as threats to trick you to buy the paid version of Malware Destructor 2009, in order to remove these reported infections. While the rogue is running your computer will display:
- system alerts
Suspicious software, which may be malicious, has been
detected on your PC. Click here to remove this threat
immediately with Malware Destructor 2009.
- system messages
You PC may still be infected with dangerous viruses. Malware
Destructor 2009 protection is needed to prevent data loss and
avoid theft of your personal and credit card details. Click here
to activate protection.
Threat detected: Trojan
File name: eb.dll
Threat name: Trojan-Spy.HTML.BayFraud.hn
These alerts and warnings are fake and should be ignored! Use the free instructions below to remove Malware Destructor 2009 and any associated malware from your computer.
Symptoms in a HijackThis Log
O1 – Hosts: 22.214.171.124 test1111.com
O1 – Hosts: 126.96.36.199 test1112.com
O1 – Hosts: 188.8.131.52 4-open-davinci.com
O1 – Hosts: 184.108.40.206 securitysoftwarepayments.com
O1 – Hosts: 220.127.116.11 privatesecuredpayments.com
O1 – Hosts: 18.104.22.168 secure.privatesecuredpayments.com
O1 – Hosts: 22.214.171.124 getantivirusplusnow.com
O1 – Hosts: 126.96.36.199 secure-plus-payments.com
O1 – Hosts: 188.8.131.52 www.getantivirusplusnow.com
O1 – Hosts: 184.108.40.206 www.secure-plus-payments.com
O1 – Hosts: 220.127.116.11 www.securesoftwarebill.com
O4 – HKCU\..\Run: [Malware Destructor 2009] “C:\Documents and Settings\All Users\Application Data\f5bc4e8\MDf5bc.exe” /s /d
Use the following instructions to remove Malware Destructor 2009 (Uninstall instructions)
Download MalwareBytes Anti-malware (MBAM). Close all programs and Windows on your computer.
Double Click mbam-setup.exe to install the application. When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded you will see window similar to the one below.
Malwarebytes Anti-Malware Window
Select Perform Quick Scan, then click Scan, it will start scanning your computer for Malware Destructor 2009 infection. This procedure can take some time, so please be patient.
When the scan is complete, click OK, then Show Results to view the results. You will see a list of infected items similar as shown below. Note: list of infected items may be different than what is shown in the image below.
Malwarebytes Anti-malware, list of infected items
Make sure that everything is checked, and click Remove Selected for start Malware Destructor 2009 removal process. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
Note: if you need help with the instructions, then post your questions in our Spyware Removal forum.
Malware Destructor 2009 creates the following files and folders
%UserProfile%\Application Data\Malware Destructor 2009
c:\documents and settings\All Users\Application Data\MDestrSys
%UserProfile%\application data\malware destructor 2009\Instructions.ini
c:\documents and settings\all users\application data\mdestrsys\mdestr.cfg
%UserProfile%\Desktop\Malware Destructor 2009.lnk
c:\Documents and Settings\All Users\Application Data\f5bc4e8\MDf5bc.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Destructor 2009.lnk
%UserProfile%\Start Menu\Malware Destructor 2009.lnk
%UserProfile%\Start Menu\Programs\Malware Destructor 2009.lnk