
OT: Virus question?

Posted: Wed Dec 24, 2008 5:18 am
by Deb
I figured there are some pretty knowledgeable people here. My daughter accidentally DL'd Antivirus 2009 on her laptop. She thought it was an update or something to her Avast. I googled it and it looks like it is a trojan or virus. I saw some different instructions on uninstalling/getting rid of it......some looked pretty technical. Does anybody know a way to uninstall this or should I take her laptop in to have it removed???

Posted: Wed Dec 24, 2008 5:47 am
by Don
Click Start and click the Run link, type msconfig in your Run box and hit OK. Go to the Startup tab and uncheck everything except Avast. Reboot and tick the little box so the config GUI doesn't keep popping up every time you restart. Try to boot up in Safe Mode and see if Avast can remove it. When you're booting up, hit the F8 key before it goes into the Windows startup screen. Pick the Safe Mode option without network.

Try to download this program and run it also.

http://www.download.com/Spybot-Search-a ... 22137.html

Posted: Wed Dec 24, 2008 6:25 am
by Rip Rokken
Hey, Deb. I predicted it was this before opening the thread - it's the #1 thing I see, and has more strains than Deano on the crapper. Some are lightweight, but many employ rootkits - stealth files that often are invisible and attach to vital system processes even in Safe Mode, and I usually end up removing them with the help of a Linux boot disc where I can see everything on the drive outside of Windows. If your AV software can't remove it fully, the cheapest thing is to run a restore disc to take it back to factory defaults.

One very important thing - this is most often linked to ID theft, so don't get tricked into using your credit card to "purchase" the fake product.

Best of luck.

Posted: Wed Dec 24, 2008 6:28 am
by Deb
Gunbot wrote: Click Start and click the Run link, type msconfig in your Run box and hit OK. Go to the Startup tab and uncheck everything except Avast. Reboot and tick the little box so the config GUI doesn't keep popping up every time you restart. Try to boot up in Safe Mode and see if Avast can remove it. When you're booting up, hit the F8 key before it goes into the Windows startup screen. Pick the Safe Mode option without network.

Try to download this program and run it also.

http://www.download.com/Spybot-Search-a ... 22137.html


Thanks Gbot. I'm at work, she's at home......LOL not even going to attempt to walk her through that. I'll give it a try tonight. Do I have to reset anything back after? Thanks again.

Oh and BTW she did run a scan on Avast, took forever....but she said it didn't come up with any infected? Mind you that wasn't in safe mode though? But there obviously is, cuz that antivirus 2009 box keeps popping up saying how many infected?

Posted: Wed Dec 24, 2008 6:28 am
by bluejeangirl76
Rip Rokken wrote:and has more strains than Deano on the crapper.



LMAO! :lol:

Posted: Wed Dec 24, 2008 6:32 am
by Rip Rokken
bluejeangirl76 wrote:
Rip Rokken wrote:and has more strains than Deano on the crapper.



LMAO! :lol:


I still got it! (Ralph Malph voice). :)

Posted: Wed Dec 24, 2008 6:37 am
by Deb
Rip Rokken wrote: Hey, Deb. I predicted it was this before opening the thread - it's the #1 thing I see, and has more strains than Deano on the crapper. Some are lightweight, but many employ rootkits - stealth files that often are invisible and attach to vital system processes even in Safe Mode, and I usually end up removing them with the help of a Linux boot disc where I can see everything on the drive outside of Windows. If your AV software can't remove it fully, the cheapest thing is to run a restore disc to take it back to factory defaults.

One very important thing - this is most often linked to ID theft, so don't get tricked into using your credit card to "purchase" the fake product.

Best of luck.


Thanks Rip! No worries there, she doesn't have a cc yet. :lol: That's when she knew it wasn't an Avast update, when it popped up asking her to purchase such and such program to remove infected files......and phoned mommy. :lol: Her laptop would have come with a restore disc, right?

Posted: Wed Dec 24, 2008 7:45 am
by stevew2
I had to crash mine once and boot it up with the recovery CD, and reinstall my virus protection, there was no other way

Posted: Wed Dec 24, 2008 8:06 am
by Rick
Another thing to do is double click on the Avast icon on your desktop. Click on the doodad that looks like an eject button. In the resulting menu, move your mouse over Updating and then click on iAVS Update. Allow Avast to update itself, then click on the eject button thingy again, and then click on Schedule Boot-Time Scan. Restart the computer and Avast will scan it before Windows loads, and has a much better chance of cleaning the system. After that, go to www.download.com. Search for, then download, Spybot Search & Destroy. Install it, update it and scan your computer with that. Allow it to fix all problems it finds.

I hope this helps.

Posted: Wed Dec 24, 2008 8:07 am
by jrnyman28
I think I got that one as well. Just as my LiveCare Subscription expired!!! Really not looking forward to redoing it all....again.

Posted: Wed Dec 24, 2008 8:18 am
by Deb
Rick wrote: Another thing to do is double click on the Avast icon on your desktop. Click on the doodad that looks like an eject button. In the resulting menu, move your mouse over Updating and then click on iAVS Update. Allow Avast to update itself, then click on the eject button thingy again, and then click on Schedule Boot-Time Scan. Restart the computer and Avast will scan it before Windows loads, and has a much better chance of cleaning the system. After that, go to www.download.com. Search for, then download, Spybot Search & Destroy. Install it, update it and scan your computer with that. Allow it to fix all problems it finds.

I hope this helps.


Thanks a bunch, you guys rock. Thanks for all your help. I'll try this too. Thing is, she said she ran an Avast scan, it took forever, but she said nothing came up infected. But obviously it is if an Antivirus 2009 box is coming up saying there are infected files. Rip, could this be what you mean by a lightweight version, gawd I hope so. :lol:

You know what, let me have a look at it first later before I ask any more questions, I'm getting this all second hand.....

Oh and Rick, you're slipping.......these instructions didn't come with scheduled coffee and potty breaks.....like your Nero to YouTube instructions. :lol: :P


Posted: Wed Dec 24, 2008 8:30 am
by epoy
Deb wrote: I figured there are some pretty knowledgeable people here. My daughter accidentally DL'd Antivirus 2009 on her laptop. She thought it was an update or something to her Avast. I googled it and it looks like it is a trojan or virus. I saw some different instructions on uninstalling/getting rid of it......some looked pretty technical. Does anybody know a way to uninstall this or should I take her laptop in to have it removed???


It is not a virus, that's why Avast didn't pick it up. It's malware. AntiVirus 2009 sent it and so it is "reporting" maliciously as a virus so you can purchase their software. It will take over your homepage, etc. You can try what the others have suggested but if it doesn't get rid of it, try http://www.malwarebytes.org/ - there's a free version and I have great success with it.

Here's more info about AntiVirus 2009:

Antivirus 2009 is a new rogue anti-spyware program from the same family as Antivirus 2008 and Doctor Antivirus. Antivirus 2009 is installed and advertised through the use of misleading web sites that attempt to make you think your computer is infected with a variety of malware. Once installed, Antivirus 2009 will scan your computer and list a variety of fake infections that can't be removed unless you first purchase the software. These infections are fake, though, and only being shown to scare you into purchasing the software.

When Antivirus 2009 is installed, an Internet Explorer browser helper object is also installed that displays fake messages when using Internet Explorer. These messages range from a line at the top of the browser stating an infection was found to adding a box to the Google homepage stating Google detected that your computer was infected. These tactics are just two more methods where Antivirus 2009 uses false information to scare you into purchasing their software.


Posted: Wed Dec 24, 2008 8:36 am
by Deb
epoy wrote:
Deb wrote: I figured there are some pretty knowledgeable people here. My daughter accidentally DL'd Antivirus 2009 on her laptop. She thought it was an update or something to her Avast. I googled it and it looks like it is a trojan or virus. I saw some different instructions on uninstalling/getting rid of it......some looked pretty technical. Does anybody know a way to uninstall this or should I take her laptop in to have it removed???


It is not a virus, that's why Avast didn't pick it up. It's malware. AntiVirus 2009 sent it and so it is "reporting" maliciously as a virus so you can purchase their software. It will take over your homepage, etc. You can try what the others have suggested but if it doesn't get rid of it, try http://www.malwarebytes.org/ - there's a free version and I have great success with it.


Thank you very much, will try that. Was wondering why she kept telling me it wasn't showing up in AVAST scans?

Posted: Wed Dec 24, 2008 8:52 am
by weatherman90
Using the Mozilla Firefox browser also helps to prevent that sort of thing from happening in the future. It is much more secure than Internet Explorer.

Posted: Wed Dec 24, 2008 8:54 am
by Rip Rokken
The lines between viruses/malware/spyware are really blurred these days, and most current products overlap their protection. I did read a recent article that said all the major security products only detect 25% of new botnet infections (the types that create networks of zombie PCs). After 30 days, that # increases to only 50%.

I quit relying on traditional scanning products myself a few years ago for virus removal, and do them all manually with a boot disk and a few utilities like Hijack This. There is no infection I've run across that I haven't been able to fully remove without wiping the drive unless it was by choice, but they are getting trickier all the time.

Deb, whether your laptop has a restore CD depends on the brand and model. Hope you get an easier variant to remove. SUPERAntiSpyware is also a great free scanner that does a good job.

Posted: Wed Dec 24, 2008 11:08 am
by squirt1
Rip - I will laugh for the week. That was a good one!

Posted: Wed Dec 24, 2008 11:26 am
by T-Bone
Using the msconfig thingy doesn't get rid of a virus as they run hidden in the background and embed themselves in the registry. It'll take a specialized type program to assist you in getting rid of it, but if you don't know what the virus is, then it gets harder. HiJackThis V2 is a good one, but you have to be VERY CAREFUL on what you remove. Without seeing it, I can't help. Try having someone more knowledgeable look at it in person before you do something that can't be undone.

Posted: Wed Dec 24, 2008 12:31 pm
by pinkfloyd1973
My boyfriend just got done wiping my computer totally out to rid us of this, now I have Norton (which I hear is very good) and Spy Sweeper to catch any more trojans, viruses and malware. I prolly should have read this thread before we went through all this, but I'm hoping it's rid of once and for all (and just so you know we had to re-download 98 updates) :evil:

Robin :?

Posted: Wed Dec 24, 2008 7:55 pm
by T-Bone
Actually, Norton is "ok", but it can be a system hog using your own system memory to run itself. I'd recommend Kaspersky or BitDefender

http://anti-virus-software-review.toptenreviews.com/

Spy Sweeper, if left running, can also be a system hog. It does the job ok, but I got annoyed with it bogging my system.

I run BitDefender on both my big rig and my backup and also run SpyBot Search And Destroy once a week. I usually have zero problems. And SpyBot only is running when I allow it to.

And wiping your system completely is sometimes the best thing to do. I redo my system at least once a year whether it needs it or not just to keep things in top form.

Posted: Wed Dec 24, 2008 10:19 pm
by Abitaman
I use AVG (the free version). It removes anything I have had problems with. Stuff Norton would not. You can get it at download.com; when there, type in AVG free, and it will take you to the download.