Removing the Antivirus 2009 infection

a-foton » Removing the Antivirus 2009 infection

a-foton » Removing the Antivirus 2009 infection — Sat, 05 Jul 2008 08:09:53 GMT

PingBack from http://blog.a-foton.ru/2008/07/removing-the-antivirus-2009-infection/

re: Removing the Antivirus 2009 infection

Ken Bennet — Mon, 07 Jul 2008 00:54:50 GMT

It saddens me to see a Microsoft employee advising as to how to remove an infection that is system wide like this. Miguel, you can never truly trust this computer again until you format the heard disk and reinstall Windows from scratch! How do you know some other malware wasn't also installed on the system during this infection - malware that you failed to detect and remove? It is still lurking around on your system and sending lff your bank account numbers and sensitive personal information to some crooks who will use it to commit fraud. CERT says that such an infection can only be guaranteed to be removed only after complete rebuild of the system. "Removing" the infection in the way you cite lures you and everyone who tries your advice into a false sense of security.

Take my advice: Repartition and reformat your hard disk, reinstall Windows from known trusted media and reinstall your applications from know trusted media. then restore from your most recent pre-infection backup. To prevent this problem in the future, remove yourself from the administrators and power users groups and run as a standard user and require others to do the same. As a standard user, you should never run into a situation where your entire system gets infected. The worst that can happen if you are running as standard user is that your user profile gets infected and you have to delete the profile and rebuild it. Please feel free to contact me at kjbemail-cl@yahoo.com if you need to follow up on this comment.

re: Removing the Antivirus 2009 infection

Miguel Campos ROCKS !!!! — Mon, 07 Jul 2008 02:45:12 GMT

Thank you very much for your help, now I am a hero for to my friend for getting rid of the virus on his computer (by following your instructions).

THANK YOU !

re: Removing the Antivirus 2009 infection

David — Mon, 07 Jul 2008 03:17:51 GMT

Thank you so much! It worked perfectly.

re: Removing the Antivirus 2009 infection

mcampos — Mon, 07 Jul 2008 03:34:38 GMT

Thanks a lot to Ken ! His recommendations are right on the mark.

Actually I ran several tools to scan the system for spyware (including Defender and OneCare), this took several hours.

And yes, while all other users in my system run with limited privileges, my brother in law just sit down and used my machine when my user was logged on.

My purpose on writing this entry is to make it easier to people to remove the Antivirus 2009 ... so they will be able to run trusted scan and removal tools. The results of this scanning will make it easier to determine if a complete reformat is required.

re: Removing the Antivirus 2009 infection

Marcus — Wed, 09 Jul 2008 14:17:09 GMT

Thanks a lot. This was very helpful!!!!!!!!

re: Removing the Antivirus 2009 infection

Leonie — Thu, 10 Jul 2008 12:17:53 GMT

Hi Please help - a very blond lady when it comes to issues like this, I am currently having this virus poping up telling me that I need to update I am running my own virus program but this is blocking me for doing any thing and I am to scared to do any thing, I also can not delet this dame thing

Please mail me instuctions in very lame terms to leo2_angel @yahoo.com

re: Removing the Antivirus 2009 infection

rick frost — Thu, 10 Jul 2008 15:18:59 GMT

miguel...thank you...!! it worked..

re: Removing the Antivirus 2009 infection

Sandy Beidel — Fri, 11 Jul 2008 18:47:09 GMT

Antivirus 2009 popped up on my screen a couple of days ago when I was using Mozilla Firefox - I don't use Internet Explorer. I went through screens popping up and interfering with everything I tried to do - stopping my computer and telling me I had a blue monster that could infect my computer, etc. McAfee tried to walk me through removing it but I kept being interuppted by the Antivirus. I finally did a System Restore going back to a previous date. After that I checked all of the places I knew to look for any evidence that it was still on my computer but I am not very computer literate and like "very blond lady" said I need instructions in very lame terms in order to know if I need to do anything else to be sure I am rid of this virus. I plan to buy the Max Spyware Detector and run it on my computer later today and run a scan to see if it picks up anything. So far I haven't had any problems since then but does that mean it could still be in the background getting info from my bank account and personal information and passing it on to "crooks" as Ken Bennett said? Thanks for any help.

re: Removing the Antivirus 2009 infection

mcampos — Fri, 11 Jul 2008 20:16:17 GMT

Try to run at least two full antivirus and antiscan from different providers (I did that).

As Ken said there may a possibility of some other spyware being installed during the duration of the infection.

The more different tools you use to scan you increase the probability of locating another threats.

But sadly the only way to be 100% safe maybe to reinstall the machine as Ken recommended.

re: Removing the Antivirus 2009 infection

Bill Miller — Mon, 14 Jul 2008 15:43:51 GMT

Thanks for the help. This was nasty problem. It is disappointing when your virus protection software company doesn't do its job.

re: Removing the Antivirus 2009 infection

dotlizard — Sun, 20 Jul 2008 08:35:51 GMT

i installed Windows Live OneCare and before it was even done with setup, it had found and dealt with this threat. perhaps the computer is not completely clean, but it sure seems that way.

Antivirus 2009

dotlizard — Sun, 20 Jul 2008 08:38:16 GMT

this evening my son said to me "antivirus says i have a virus!" and i knew we were in for a long night. i've battled infections of Antivirus 2008 and i know it to be a very insidious enemy. well,...

re: Removing the Antivirus 2009 infection

Harmonic — Wed, 23 Jul 2008 23:36:16 GMT

I ran SmitfraudFix and got rid of the popup ads and toolbar icons,then ran Malwarebytes' Anti-Malware to get rid of the Google Tips Warning about unregistered copy of Antivirus 2009. These were all free removal tools. System appears clean now.

re: Removing the Antivirus 2009 infection

dartbeyder — Sun, 27 Jul 2008 13:26:15 GMT

I used malwarebytes anti-malware and successfuly removed the threat. Just follow the removal procedure here: http://www.precisesecurity.com/blogs/2008/06/26/antivirus-2009/

re: Removing the Antivirus 2009 infection

campaignagainstinternetscum — Tue, 29 Jul 2008 03:57:16 GMT

The best advice anyone can give is NEVER repeat NEVER download any "FREE" software that claims it will remove Antivirus 2009 - it's probably made by the same scum that actually created Antivirus 2009!!!

Re-format!

re: Removing the Antivirus 2009 infection

Scott — Tue, 29 Jul 2008 08:50:28 GMT

this virus has morphed. who ever heard of a virus being updated?? usually its take the money and run..antivirus 2008 updated to antivirus 2009 and attached a whole host of other rogue malware.. the internet sucks.. peace out

re: Removing the Antivirus 2009 infection

T. White — Wed, 30 Jul 2008 03:30:06 GMT

I have to agree with Ken. I don't completely trust that the malware has been completely removed unless I format the hard drive and reinstall the OS. I have an end user that has somehow had her machine infected. I've tried booting from the Windows XP cd with the intention of deleting the partition and starting over from scratch. I can't even get that far. The XP drivers will load and right before it comes up with the menu to install or repair Windows - it crashes. Every single time. So how do I get past this??

re: Removing the Antivirus 2009 infection

jesse — Wed, 30 Jul 2008 22:28:01 GMT

thank you i had the 2008 version first and could not get everythng and then i saw that it turned into the 09 version and followe he steps and no everything seems o ork fine thank you a lot