AntiVirus 2009

Kadie

New Member
I hope someone can tell me what's going on. I downloaded Windows Live yesterday (mainly to use the Live Mail) as Windows Mail lost all my emails from my Inbox. Now I am being clobbered by what appears to be MS Anti-Virus 2009. It has become a royal pain. I've been using PCSecurity Shield 2008 with regular updates and scans, without any problems until now. For some reason, Windows now does not want to see my already installed security system. It keeps telling me I'm unprotected, and will not see my Internet Security program. It did before. It's driving me nuts. Help.

And as par for the course, the tech support group for PC SecurityShield is not manning the live chat line so I can't ask them if 1. I am in fact protected and 2. What to do to fix this.

The damn MS thing is even blocking me from going to some websites that I regularly go to - like Bill Pay, etc.

Somebody help, please! :cry:
 

My Computer

System One

  • Manufacturer/Model
    Gateway M-6332
    CPU
    Intel Pentium(R) CPU T2390 @1.86GHz
    Memory
    2.00 GB
    Graphics card(s)
    Mobile Intel(R) 965 Express Chipset Family
    Sound Card
    SigmaTel High Def Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor
    Hard Drives
    Hitachi HTS542516K9SA00
    Mouse
    Synaptics PS/2 Port TouchPad
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    54.0 Mbp
Hello kadie, welcome to the Vista Forums :party:

I am afraid to say that it would appear that you have become infected with a trojan which acts to persuade you to download a program called MS Antivirus 2009, which is in reality a virus.

More information is available here ...

MS Antivirus - Wikipedia, the free encyclopedia

This is a nasty infection and unless you are quite advanced you will probably be better to contact your Anti-Virus company to let them help you remove it.

Whatever you do DO NOT DOWNLOAD THE PROGRAM suggested by the pop-ups.

If possible, back up any personal data you may have onto either another drive or DVD/CD.

Contact your AV company ASAP.

Hope this explains a little of what is happening
 

My Computers

System One System Two

  • Operating System
    Windows 10 Pro x64 Latest Release Preview
    Monitor(s) Displays
    Acer G276HL 27", (DVi) + Samsung 39" HDTV (HDMI)
    Screen Resolution
    2 x 1920x1080 @50Hz
  • Manufacturer/Model
    Real World Computers (Custom by Me)
    CPU
    AMD FX8350 Vishera 8 Core @4GHz
    Motherboard
    Asus M5A78L-M USB3
    Memory
    32GB [4x8GB] DDR3 1600 MHz
    Sound Card
    ASUS Xoner DG + SPDIF to 5.1 System + HDMI
    Monitor(s) Displays
    Samsung 32" TV
    Screen Resolution
    1920 x 1080
    Hard Drives
    Internal Crucial CT256MX100SSD1 256GB SSD, Seagate ST2000DM001-1CH1 2TB, External (USB3) Seagate Backup+ Hub BK SCSI Disk 8TB 2.5/3.5 Hot Swap Cradle, USB3 + eSata (client HDDs) NAS 4TB
    PSU
    Aerocool Templarius Imperator 750W 80+ Silver
    Case
    AeroCool X-Warrior Red Devil Tower
    Cooling
    Hyper103 CPU, Rear 120mm, Front 2x120mm, Side 2x120mm
    Internet Speed
    68 MB Down 18.5 MB Up
    Other Info
    Six Sensor Auto / Manual Digital cooling (Fan) control with Touch control Panel
Thanks, barman58. Why didn't my PCSecurityShield catch this thing? That thing was trying to tell me that I have like 30 different 'problems'. Do you think I do, or is that what it told me to get me to buy it? Actually the Antivirus 2009 downloaded itself, but I didn't buy it, and uninstalled it asap. Guess I still may have a problem, right?

Guess I need to have a talk with my AV provider, they may need to give me a refund or upgrade their product. Even though I've got the one that is supposed to be the best they make and the one popular mags & groups gave the highest ratings to.

Thanks.
 

This particular infection is extremely advanced and continually updating itself in order to fool Anti Virus software. If you are still getting the warnings that you have "30 infections" then I would assume that you have the trojan still present.

As you have a commercial anti virus product it is best that you contact them as they should be able to remove it and it will also let them update their product to defend against the new variant that has got onto your system.

Whilst you are waiting to contact them I would try not to use the PC if you can, as it may make things worse to do so.

The good news is that this type of infection is removable, even though it is not a simple procedure.

If for any reason your software provider cannot solve this issue please post back as there are a few members here with removal experience for this particular nasty.
 

Malwarebytes.org
Download the free version and run a full system scan.
Antivirus 2009, if present, will be completely out of your computer.
 

My Computer

System One

  • Manufacturer/Model
    Compaq
    CPU
    intel core 2 duo T 5550 @ 1.83 MHz
    Motherboard
    intel 965 chipset family
    Memory
    2 GB DDR 2 SD RAM @ 667 MHz
    Graphics card(s)
    On board upto 358 MB RAM
    Sound Card
    Onboard
    Monitor(s) Displays
    15"
    Hard Drives
    160 GB WDC
You don't need expertise to remove this - go get that Malwarebytes and do a full scan. Don't attempt manual removal unless you really want.

I would also scan with SuperAntiSpyware SUPERAntiSpyware.com - AntiAdware, AntiSpyware, AntiMalware!

Both of these are non-resident scanners and won't conflict with anything. They specifically target this type of infection so a lot better than Avira, Norton, ESET etc. - even more so with removal. Preventing is the easy part.

If infection blocks those sites then go here and find them: Anti-Spyware Downloads - FileHippo.com

So you notice AV2009 but why assume that is the only infection? Maybe scan with another AV product as well. Burn a Rescue CD from whoever, like Avira http://www.free-av.de/en/tools/12/avira_antivir_rescue_system.html Do it on a CD-RW or similar since theirs is stupid and can't update itself - so only works today so to speak. Download is an exe-file, will burn when run so have disk ready. Bitdefender, Kaspersky, Dr. Web have at least technically better rescue CDs, can update themselves.

Kaspersky: http://downloads.kaspersky-labs.com/devbuilds/RescueDisk/
Bitdefender: http://download.bitdefender.com/rescue_cd/
Dr. Web: http://www.freedrweb.com/livecd/

Windows Live did not install AV2009, you or someone else operating computer did :)

Did you or PCSecurity Shield 2008 turn Windows Defender off? or did it just not catch this?

Why use some rebranded and probably old AV product and not the real deal? I know you can get lucky and save some money by getting a licensed engine under other name - Lavasoft/Avira is not too bad for example, cheaper than Avira. This looks bad to me. They don't even have a public forum, looks like it is more a business idea than for real.

My Computer

System One

  • CPU
    AMD X2 6000
    Motherboard
    Gigabyte GA-MA790FX-DS5
    Memory
    Corsair 4x1gb 6400C4
    Graphics card(s)
    XFX 8800GTS XT 320mb, Generic Nvidia 6200 PCI 128mb
    Sound Card
    Onboard Realtek ALC889A
    Monitor(s) Displays
    24" Samsung 245b, 20" Dell 2007WFP, 19" Samsung 193P
    Hard Drives
    WD Raptor 74gb, Maxtor 300gb, WD Caviar 16SE 500gb
    PSU
    Corsair 520W
    Case
    Cooler Master Centurion 532
    Mouse
    Logitech MX1100R
    Keyboard
    Logitech G15
    Internet Speed
    20mb down, 1mb up
Anti-Virus can be removed by using Windows Defender - or you can go to regedit and search for av2009 and delete all the entries. Make sure you are careful while doing this; don't delete any file if you're not sure about it.
To search in regedit, press F3; to continue searching the same, press F3 again.
 


First and foremost, never edit your registry if you do not have some experience to do so. And always back up the registry BEFORE attempting anything. If you need assistance with backing up the registry, then that should be your first clue that you should NOT make any alterations. The smallest incorrect change could render your computer useless. As far as the Antivirus is concerned, there are several variants. MS Antivirus 2008, Antivirus 2008, MS Antivirus2009...etc, all look the same, but each one does something different. Malwarebytes is a good tool for most of these variants, but not for all. I know first hand that malwarebytes did not work for MS Antivirus 2009 as of 3 weeks ago, but they may have updated since then. I like using the Microsoft Malicious Software Removal Tool first.

1. Open the Start Menu.
2. In the white line (Start Search) area, type mrt.exe and press Enter
3. Click on Continue in the UAC prompt.
4. Click on the Next button.
5. Select and check the type of scan you would like to run and click on Next
I recommend using the full scan.
6. It will now start the scan
7. When finished, it will report the scan results.
8. Click on the Finish button when you are ready to close the Microsoft Malicious Software Removal Tool window.
NOTE: To see detailed scan results, click on the View detailed results of the scan link.
This scan can give you some indication on what you're dealing with and possible ways to rid yourself of the pesky buggers.

My second choice would be malwarebytes.org.
Please read their instructions thoroughly.

My third choice is to run your antivirus software program in safe mode. Unlike popular belief, you can force your antivirus software program to run in safe mode. Most will warn you of the effects, but they usually will leave their results on the desktop of the administrative account. Consult with your vendor's help documentation first.

Good luck
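
The full MRT scan from the numbered steps above can also be run unattended and its log reviewed afterwards. The following is an added example, not part of the original post; it assumes an elevated PowerShell prompt and relies on mrt.exe's /F and /Q switches and its log file at %windir%\debug\mrt.log.

```powershell
# Added example: run the Microsoft Malicious Software Removal Tool (MRT)
# full scan without the wizard, then show what this run wrote to its log.
# Assumption: started from an elevated (Administrator) PowerShell prompt.
$mrt = Join-Path $env:windir 'System32\mrt.exe'
$log = Join-Path $env:windir 'debug\mrt.log'

if (-not (Test-Path $mrt)) {
    throw "mrt.exe not found at $mrt; download the tool from Microsoft on a clean PC."
}

# Remember how long the log already is so only this run's entries are shown.
$linesBefore = 0
if (Test-Path $log) { $linesBefore = @(Get-Content $log).Count }

# /F = full (extended) scan, /Q = quiet mode with no user interface.
# Use /N instead of /Q-only behaviour if you want detect-only with no cleaning.
$proc = Start-Process -FilePath $mrt -ArgumentList '/F', '/Q' -Wait -PassThru

# Print the entries appended by this scan (start time, findings, return code).
if (Test-Path $log) {
    Get-Content $log | Select-Object -Skip $linesBefore
} else {
    Write-Warning "No log found at $log; the scan may not have started."
}

# Exit code 0 means no infection was found. Any other value means the tool
# detected something or hit an error; read the log lines above for details.
if ($proc.ExitCode -eq 0) {
    Write-Output 'MRT: no infection found.'
} else {
    Write-Warning "MRT exit code $($proc.ExitCode): review $log before trusting this PC."
}
```

A clean MRT result only covers the malware families the tool knows about, so it does not replace the follow-up scans suggested in this thread.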
 

You can also try the built-in Windows Defender. Run a quick scan and this will do the trick for you if you are unable to get online.
 

It's been my experience with regard to the Anti-Virus 2009 malware that a person who is infected only has about 3 seconds with their browser before the pop-up appears. Any online tools needed to repair the problem should be downloaded to a removable storage device on a computer that is not affected with the malware. And then run the removable storage device on the affected computer.
 
