locked
ANTI VIRUS 2009 RRS feed

  • Question

  • LIKE AN IDIOT I THOUGHT THIS WAS PART OF WINDOWS TELLING ME THAT I HAD VIRUS' . NOW WINDOWS WILL NOT LOAD. NEED HELP PLEASE.

    Monday, August 11, 2008 6:51 PM

Answers

All replies

  • It's called social engineering. It was designed to trick you. If you are using One Care please contact support for help with removal. How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    If you are not using One Care you are off topic in this forum but you can contact the Microsoft Security Hotline for help - 1-866-727-2338.

    Monday, August 11, 2008 7:02 PM
    Moderator
  • I don't have a solution however I want to mention that I kept seeing the message that my computer was infected and that I needed to install ANTIVIRUS 2009 when I clicked on Glossary on the web site at http://www.bankrate.com. Even though I clicked on the X the software seemed to try to install; I ended up closing Internet Explorer; when I changed the popup blocker setting to "High Block all pop-ups" from "Medium Block most automatic pop-ups" I stopped getting the message from/about ANTIVIRUS 2009.

    Thursday, August 14, 2008 8:02 AM
  • I also went to www.bankrate.com and had the same problem minutes later. I haven't had a chance to see what damage it did, but tomorrow I'll find out. I work from home doing transcription, so that will really be a problem if I'm having pop-ups, etc. It may be a very long day. I may be contacting Microsoft to Sad

    Friday, August 15, 2008 3:48 AM
  • I am an IT for a school district, and we all just came back from our Summer vacation and wouldn't you know it, quite a few of our staff picked up this lovely virus over the break.    I have run our Antivirus program to try and isolate the issue, I have tried deleteing the program from Program Files, the Registry, My Documents, and about a gazillion other places; and guess what...  It still comes back!  I have found that the only effective way of getting rid of it is to pull all of your pictures, music, documents, etc. off of your hard drive onto an external hard drive, (reviewing your documents carefully because there is a Microsoft Antivirus 2009 install executable file that they drop into your documents!)    Once you've got your stuff safely removed from the computer. FORMAT THE SUCKER!!!  HASTA LA VISTA BABY!!!  !

    Thursday, August 28, 2008 5:11 AM
  • Does Microsoft Live OneCare now recognize "Antivirus 2009" as some sort of malware?  If so is Microsoft Live OneCare able to safely remove "Antivirus 2009"?

     

    Thursday, August 28, 2008 7:44 PM
  •  JimRS wrote:
    Does Microsoft Live OneCare now recognize "Antivirus 2009" as some sort of malware?  If so is Microsoft Live OneCare able to safely remove "Antivirus 2009"?

     

    Based on the traffic on this virus and its variants I can only assume that it does not fully protect against all variants. However, I don't know this for a fact. Support may know the answer.

    -steve

    Friday, August 29, 2008 12:48 PM
    Moderator
  •  JimRS wrote:

    ...Even though I clicked on the X the software seemed to try to install...

     

    That is because the pop up window has been coded to where any click on the window including "cancel" and the "X" installs the malware.  The best thing to do is shut down the browser window instead of trying to get rid of the pop up.

     

    I did not get a pop up at that link which is a pity because I wanted to play with it and see if it has the same characteristics of the other one I studied.

    Saturday, August 30, 2008 11:39 PM
  • this thing is nasty.  These jokers play with permissions, and will even move folders, mimick desktops etc...

     

    that's the bad news -- good news is, in many cases, you can still get rid of it. 

     

    Also, I mention using AVAST because it's free, and easy to use -- but it is manual, and the ideal program when all is said and done, is Live OneCare.

     

    However - if this thing has already disabled your antivirus, another one is sometimes needed -- AVAST is good but won't work with some other antiviruses -- if this is the case -- follow the instructions below, but go to http://www.softpedia.com/get/Antivirus/Kaspersky-Virus-Removal-Tool.shtml for Kaspersky virus removal tool -- this runs great in safe mode, and has tested among the top 10 virus removal programs available.  This won't interfere with Windows Live OneCare, and you'll be pleased with the results.  I would do this instead of avast unless you don't already have an antivirus.

    ++++++++++++++++++++++++

    edit: just looked over this, and it works, and has a lot of information for ppl who aren't sure how to do some of the internet basics, and are not real savy with installing programs.  Here is a recap of how to remove:

     

    1. ALL need done in safe mode with internet support.

    2. Download, install, run Kapersky virus removal tool.

    3. Download, install, update, upgrade, update, immunize, and check for problems - Spybot S&D

    4. make sure your AV is current & up to date - AVAST is good free one - recommend Windows LiveOneCare if your system meets requirements.

    ++++++++++++++++++++++++++++++

     

    1. If it has just popped up on you and you're not sure where it came from --

    1.  push and release your power button, or use CTRL+ALT+DEL and choose Shutdown.

    2.  On boot up, directly following your DISPLAY LOGO such as DELL, MSI, HP, or whatever - be pressing the F8 key.  This will give you a menu, and allow you to choose to enter SAFE MODE, or SAFE MODE with NETWORKING.   Assuming you have highspeed internet - choose SAFE MODE with NETWORKING.

    3.  [START]-[CONTROL PANNEL]-[CLASSIC VIEW (if not already selected on left side -- just makes it easier to find what you need, but you don't have to do this one)]-[INTERNET OPTIONS...

    1. Internet Explorer 7+, DELETE Temporary files, cookies, and history.  Then click the ADVANCED tab, and click [RESET] to put IE back to factory.  THIS IS IMPORTANT EVEN IF YOU DON'T THINK YOU ARE USING IE - BECAUSE IF YOU'RE USING WINDOWS, YOU ARE USING IE (even if you browse with Firefox, Opra, Flock, etc...)

    2. Internet Explorer 6-.  DELETE Temporary files, cookies, and history.  Then click the ADVANCED tab, and click [RESTORE DEFAULTS] <--would also recommend that you "give in, and update to ie7 asap, as it is truely now an integrated part of Windows, and your system can become quite unstable without it.

    4.  Next I will list 2 recommended FREE programs for download, these do a fantastic job - but unlike Windows OneCare, it is not automated, and requires a lot of constant attention and maintenance by the user.  They are written very well, and do a fantastic job.  If they fix your problem, I would strongly recommend you purchase the Pro version of AVAST, and make a donation to the developer of Spybot -- this guy is a warrior, a true Knight of justice in an unjust virtual world.  He developes Spybot for free, and never limits people because they don't donate.  A rare find, a great guy - and a great product.

    1.  Open a browser window to the internet, and connect to www.AVAST.com  This is the website where you will download a legitimate ANTIVIRUS program.  If you already have a product you cannot uninstall because of all this mess, and your subscription is current - you should be able to skip this step.

    1.  Click the DOWNLOAD button, click the PROGRAMS button, and choose AVAST4HOME Free for home users. 

    2.  Save this download to desktop.  when download complete - go ahead and run the install program.  This is a dated file, and not completely up to date on the definitions, as it is first installed.  With this in mind, as your clicking the NEXT, NEXT, NEXT buttons to install, I would recommend not running the boot time scan just yet.  for that, click "NO" and restart the computer. 

    3.  On restart - go back to F8 - Safe mode with networking.

    4.  Splash screen says AVAST is installed and some words of wisdom - click OK.  After all your balloon messages finish, and your fully loaded into safe mode, right click on the Blue Ball in the bottom right hand corner of your desktop (the AVAST icon, with the A in the center).  Click UPDATE > Program.  and wait for the message to display in center screen as to whether there was an update or not.  (You may have to reboot your computer at this point).  Next, follow the same steps here in step 4, but choose UPDATE > AVS and wait for the message to appear, telling you it has updated, or is already current.

    5.  Follow step 4 again, but this time choose START ANTIVIRUS.

    6.  A brief memory scan will insue.  following this scan, a welcome INFORMATION page with 1.2.3.4.5. important messages appear -- you should read this sometime, but for now, close it with the [x].  Now find and click the menu button on the display. 

    Choose SCHEDULE BOOT TIME SCAN.

    7.  Checkmark to SCAN ARCHIVE FILES, make sure SCAN ALL LOCAL DRIVES is already checkmarked.  And click SCHEDULE.  It will want to restart, click [YES]. 

    AVAST will search for rootkits, and other viruses -- ANTIVIRUS 2009 is a rootkit, make no mistake -- but it's a bundled package of joy, with downloaders, trojans, generators - the whole ball of wax.  AVAST will not alone be able to get rid of this.  I recommend DELETE ALL as an option when a virus is encountered -- but please be aware, there are rare times that a system file that is needed, is infected, and should be quarantined and cleaned.  Anytime you delete a mass amount of viruses, there is a chance your system may not respond well -- especially when only half the battle is won.  You still have registry entries, spyware, and other wonderful programs that have grown dependent on these viruses.

    Next step, and hopefully the last.

    2.  BOOT back into SAFE MODE.  (thats the F8 screen, SAFE MODE with NETWORKING)

    3.  Open a browser window and go to http://www.safer-networking.org/ and choose your language -- click the DOWNLOADS option on the left side, choose a MIRROR SITE to download the file from.  This is important to go through the main website, so you minimize the risk of a phishing site, with fake programs.  Any MIRROR on their page is fine, but after you click the link -- do read the page to make sure you are clicking the correct DOWNLOAD button.  These sites offer to host his program for free, because the traffic this great program generates, and then they use it to advertise other programs.  So, do be careful.

    1.  Save program to desktop

    2.  after save is complete - run the program with all the default values.  This will set an annoying teatimer program in place, this "annoying" program is watching for changes in your registry, and is realtime, it just may save you from this headache in the future.

    3.  The program will download additional files, and install.  when complete a startup window appears asking to make backup copy of registry, this popup window, i suggest simply click next until you see the popup that includes the [start using spybot] button.  Click [start using spybot].

    4.  Click search for updates.  Choose a server from the list, I choose from the ones with my country flag for a quicker download -- click next.  If anything in the available downloads box is checked, click DOWNLOAD.  Wait for it to finish, and close the download windows.

    5.  Spybot may restart and upgrade durring this process -- it's worth it to not quit before this is finished.  After the updates -- SEARCH for updates again, and again , until there are no moreupdates available.

    6.  click [IMMUNIZE] -- the program will show you how many "blacklist" sites, domains, cookies it can protect you from -- click the IMMUNIZE button above the "brick" wall to put this protection to use.

    7.  Click the Search and Destroy button on the left, and [CHECK FOR PROBLEMS] -- this is the big scan you've been waiting for, and to-date, it's been very successful when removing this problem.

    8.  When the scan is complete, click [FIX SELECTED] and let it do it's magic.

     

     

    If you are among one of the thousands who have mistakenly ordered this rogue software, or installed a trial of it -- the above is still worth trying -- and in some cases, quite successful.  However, because of it's nature, I would strongly recommend going into safe mode, backing up your important data - and using your system restore options.

     

    I will also add, that Windows Live Onecare should protect against initial infection, it's a well rounded product, and I can't say enough about it's automation.  The only complaint I've heard is the speed -- it seems to slow some systems down -- generally these are computers 3-5 years old, or with 512mb ram running Vista. 

     

    GL to all, I hope this helps someone!

    Tuesday, September 9, 2008 10:06 PM
  • i need antivirus for my laptop to eliminate viruses is there a posibility for free download

     

    Saturday, September 20, 2008 3:52 PM
  • There are many free antivirus applications available and you can also use the One Care 90 day free trial. However many antivirus applications may not install properly if your computer is already infected. I suggest using an online scanner prior to installing an antivirus application.

    Online virus scanners:

    One Care Safety Scanner - http://onecare.live.com/site/en-us/default.htm

    Eset Online Scanner - http://www.eset.com/onlinescan/

    Trend Micro Housecall - http://housecall.trendmicro.com/

    Saturday, September 20, 2008 4:02 PM
    Moderator