Does Windows Live One Care catch Antivirus 2010? RRS feed

  • Question

  • I had an 'anitvirus 2010' popup ad on my computer warning me that I have a virus and I must click on the pop up add to catch it.  I realize this is a malicious popup ad, but somebody said that if this happened my computer is already infected with this malware because live one care doesn't catch this sort of thing.

    How can I be sure that my computer is not infected with this 'antivirus 2010'? Is it true that this can bypass Windows live one care?

    Sunday, February 15, 2009 6:26 PM


All replies

  • Hello Diane673, if you see the Antivirus 2010 pop up on your computer chances are that you are infected. I suggest contacting support for help with malware removal. How to reach support - http://social.microsoft.com/Forums/en-US/onecareinstallandactivate/thread/30400b52-7f26-4ba0-bc18-17e305329d90
    Sunday, February 15, 2009 8:57 PM
  • Hi Diane,

    As Jim has already stated, you do have an infection by at least a portion of the Antivirus 2010 advertisement.  These can be difficult for 'good' Anti-malware such as OneCare to detect since the methods for their delivery change quickly as do the files and registry entries which are actually installed to display the advertisement.

    However, there is a significant distinction between the advertisement 'infection' and the actual infection when Antivirus 2010 itself is installed on a PC.  This 'fake' antivirus installation and many others by similar names contain varying levels of malicious code, some acting as trojans and other highly malicious forms of malware.  These are the 'real' malware that could directly do you harm, so the level of concern increases if this has occured, though it's more likely that OneCare might detect and remove these items since they are generally better known.

    Though it appears you currently only have the more minor advertisement infection, the potential exists that either by mistake or some hidden capability within the existing infection the truly malicious code might get downloaded.  For this reason, it's best to treat the current infection as dangerous, since until it is removed you can't be certain that you are safe from a more severe future infection by the truly malicious malware it's attempting to deliver.

    Windows OneCare Forum Moderator
    Monday, February 16, 2009 4:05 PM