Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Antivirus 2009 Virus


  • Please log in to reply
5 replies to this topic

#1 Scott Haley

Scott Haley

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 20 November 2008 - 02:09 AM

I followed the instructions (to the letter) on this site regarding the removal of an Antivirus 2009 infection via the installation of the Malwarebytes anti-malware program. The "solution" DID NOT WORK. No infections were detected. Zero. My machine still has the virus.

I've tried numerous programs that claim to be able to remove this insidious virus. Not one of them worked. I even restored my computer to a previous date...long before the infection; that worked for a time, but then the virus popped up again. [I was told later, by someone who knows, that overwriting everything (restoring your machine) doesn't always work. He was right.]

Does ANYONE have a solution to this problem? Please keep in mind that I am a complete Techno-Idiot, so the solution has to be fairly simple.

Thanks in advance.

:thumbsup:

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:01 AM

Posted 20 November 2008 - 05:36 AM

MBAM should of found something if you used it before "restoring". If you have not used Super Antispyware Free then run a scan with it.
If your computer is still infected after using SAS post a Hijack This Log in the Hijack This Forum. NOT IN THIS FORUM.

http://www.superantispyware.com/

Download and install SUPERAntiSpyware Free from the link above.

* Double-click SUPERAntiSypware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the
definitions before scanning by selecting "Check for Updates". (If you encounter
any problems while downloading the updates, manually download them from
here and
unzip into the program's folder.)
* Under the "Configuration and Preferences", click the Preferences... button.
* Click the "General and Startup" tab, and under
Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
* Click the "Scanning Control" tab, and under Scanner
Options, make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen and exit the program.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

* Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes" and reboot normally.
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Scott Haley

Scott Haley
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 21 November 2008 - 12:33 AM

To Buddy 215,

Thanks for your suggestions. No, MBAM found nothing. I already had tried SAS; at least it found some adware cookies. I ran both in "Safe Mode" (whatever that means); neither one located the AS 2009 virus. I also ran them out of "Safe Mode". Nothing.

I don't understand what "Hijack This" is...or what good it would do me to post anything there. ???

Scott Haley

#4 Scott Haley

Scott Haley
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:01 AM

Posted 21 November 2008 - 12:37 AM

This thing is virtually impossible to get rid of...I've tried at least a dozen so-called "solutions". No luck yet.

Does anyone know if restoring your machine to its ORIGINAL configuration (rather than a later date) works?

Scott Haley

#5 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:01 AM

Posted 21 November 2008 - 06:33 AM

Posting a Hijack This Log in the HJT FORUM allows the experts there to assist you in cleaning up your computer.

Directions for posting are in the link below. Skip down to #9 as you have already done the preliminaries.
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

After downloading the HJT program and before running a scan, find the HJT.exe on your computer and rename it by
right clicking on the file and choosing rename. Rename it lastchancescan.


Once you have posted in the HJT forum, wait until the HJT team expert responds to it first before. Bumping your post will only delay their response.

Edited by buddy215, 21 November 2008 - 06:36 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 buddy215

buddy215

  • Moderator
  • 13,134 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:01 AM

Posted 21 November 2008 - 02:44 PM

How to remove Antivirus 2009 (Uninstall Instructions)
http://www.bleepingcomputer.com/malware-re...-antivirus-2009
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users