19 total posts
What to do
This is what I'd do with this: Techie-Master leaves out that you'll need to boot the computer into safe mode (first try safe mode with networking enabled - you'll see why in a moment) because MBAM needs to run under Windows. If you can't get Windows up, the MBAM suggestion does you no good.
To do any sort of removal, you'll need a thumbdrive or the ability to copy files back and forth with a CD. Assuming you know how to get the computer into safe mode, you will probably be able to mount and install MBAM and (with networking enabled) get an updated pattern/signature file from their website. If you cannot get to the 'net in safe mode (sometimes it will work and sometimes it won't - it's tricky) you can go here on another computer: http://www.gt500.org/malwarebytes/database.jsp
and retrieve the latest pattern/signature file manually and apply it manually.
If the online or manual update fails for some reason, you can still do a full scan with MBAM, even with an old pattern/fignature file. In fact, you might try that first because the old stock pattern/signature file that comes with the current version of MBAM, may have the correct references in it to remove AV-2009. But don't be surprised if it doesn't. And if not, then you need to update MBAM using one of the two methods suggested here.
AV-2009 is one of the largest, most prevalent, most stinkiest rogues out there. If you get the computer repaired, I suggest running MBAM as a background service, so it watches what you do avoiding this in the future. Advisory: It should now be readily apparent that Norton (whatever flavor you have) failed you - it did not perform. I'd get rid of that - real quick!)
If all of this throws you, report to one of the anti-malware forums listed at the top of this forum, for expert help in removing this garbage.
Unable to access via safemode
Thanks for the advice. Unfortunately, and I neglected to mention, I am unable to access windows via safemode (network). Any attempt produces the same failure. That's why Norton was unable to do a remote extraction.
Unless I am misunderstanding, everything you have instructed me to do is contingent on accessing windows. I imagine I will have to take the computer into a local repair shop, if I can't open it up. That's a real drag considering I got it back from the "GeekSquad" just three weeks ago. Infact, they'er the one's that suggested I use Norton as a Firewall.
Considering I can get this thing fixed, what brand of protection do you recommend?
Help with virus removal!
I'm having the exact same problem and found your post while doing a search.
Is there a solution?
So You're Having Problems With TurboTax As Well?
And you use an "HP Pavilion 521n, with 1 Gig (recently added. Windows XP operating program)
I'll guess not.. When jumping into another thread, please make sure that it's the EXACT same problem and if so, please give us all the specifics about your computer and what the problem is.. If you think it's a virus, WHY do you think it's a virus. Or is it spyware? Or is it something else? And which tools have you used to determine that? What have you ALREADY done to attempt to fix the problem?
At this point, you've give us very little to go on except to ask: "Have you tried the solutions already given in this thread?"
Hope this helps and let us know more.
Cannot get past log-in
I'm using a Dell Dimension 8110 desktop, using Windows XP Home Edition, I think about 100 G.
The virus or malware or whatever sounds exactly like the one described in the previous thread: a virus warning appeared and McAffee said it took care of it but the dialogue box appeared many times. Then it prompted me to run a complete virus scan. When I went to do this with McAffee, it said that the registry was updated and I needed to re-start the computer... big mistake! The virus or malware or trojan, created a welcome screen (it previously went straight to my desktop) and a log-on for myself and "administrator". Clicking on either appears to begin the log-in process and then logs out. That's it. The same result happened in Safe Mode, Safe Mode with networking, last configured setting. McAffee attempted to guide me through remotely to see if they could fix it but because it wouldn't allow a log in there was nothing they could do.
I've read of other people online having similar issues but no clear solution yet.
Then There Aren't Many Options..
Use your computer's recovery discs to perform a repair install.. Or if not an option, you'll need to use them to format and reinstall back to a factory state..
Unfortunately, if you can't log in, you'll need recovery discs of some type.. Let us know what you have..
Because it sounds like system files have been damaged by the virus and then removed by the antivirus program, you might be able to replace the damaged files using the XP Recovery Console IF you have the Windows XP disc and IF you know exactly which files were removed.. If you don't know have all that information at hand, the recovery discs (or the Recovery partition) will be needed.
Hope this helps.
There are two different spyware variations
av-2009(dot)com & av2009(dot).com and a third one is av2009(dot)net. I have them installed from my HOSTS.txt file. You may try to disconnect from the internet first, go up to the E for Internet Explorer or Internet Options in the Control Panel. On the desktop, you go to properties, this is the same as Internet Options. Under the Security Tab is the Restricted sites, click on that and when Sites comes up, put them into that place, (dot)=. Put all 3 in there, Apply and OK. Connect back to the internet and try it again and see if you can log on. They could be also put into Privacy Tab, Sites... and blocked there also. Darrell
Sorry....Not Really Relevant.. User Can't Log In
There's no access to Windows at all. Therefore, the fixes you've mentioned aren't usable. If one can't log in, "FrankieWP" can't "go up to the E for Internet Explorer or Internet Options in the Control Panel" etc.
Hope this helps.
Grif, I mentioned that there was not a reason to log on
And I did find other similar ones: home-av-2009; homeav-2009; miav-2009 and the first three are also listed as www. - all of the others end in com. When you say log on, I can go directly to my desktop and not log on w/o internet access. Darrell
Did you try system restore?? w/o being online?? DarCLew
System Restore Not Possible Without Logging On To Windows
SR is an option from either "normal" Windows or "Safe Mode" but the user must log in to the computer to be able to access such.
Hope this helps.
Sorry Darrell, I Don't Think You Understand
Simply stated, It's not possible to access your desktop without logging on to either "normal" Windows or "Safe Mode" Windows.. In your case, you may be able to start your computer because you don't have a password for your user name or you have it automatically startup but it's still "loggin on" to Windows before accessing your desktop.
In this users case, they can't access Windows at all because they can't logon.. No desktop..No internet.. No nothing but a login window which they can't proceed beyond.
Hope this helps.
That's right, Griff
Griff, you got the problem right. So if there are any solutions for bypassing the log-on problem I'll be very happy to hear them. Griff mentioned trying to use a boot-disk. I'll look into creating one.
I Mentioned Recovery Discs.. Do You Have Them??
A standard "boot disc" doesn't really work with the NTFS file system because it won't allow you to "see" the file system. It's not something you can "create". On the other hand, if you've got a Windows XP disc, (or the manufacturer's recovery discs) it is possible to format and reinstall the operating system. Or as a long shot, an XP disc does allow you to install the REcovery Console which can be used to check for files on the HD.
Hope this helps.
I didn't understand, and There is only one alternative
To reformat the HDD. Unless one created a CD or DVD that had DBAN or KILLDISK on it. I have two of the latter. My apologies, Darrell
Isn't there a way to access the computer some other way?
The files should still be on the hard drive right?
Couldn't someone that knows how to write code make a code that he could run from another computer connected to his computer with the virus on it to either take files he wants to save before he would reformat or maybe even run an anti-virus from a clean computer to delete the virus on his infected computer? I dunno if that would work... I don't know that much about computers. All I know is that computers work in codes. So unless you can't understand a computer without the windows scripts that were deleted by the virus, then I guess the only option would be to try recovery discs or what you suggested.
I'm just thinking because you don't really need windows to access a computer. It's an easy way for people to use it and the only way someone could use a computer without windows is to know how to use/write codes, but if it's possible to do what I was thinking, couldn't it work?