You are here: blogs » Unwanted Programs » Antivirus 2009

Antivirus 2009

Posted: 26 June 2008 | Under: Unwanted Programs

Updated: September 10, 2010

Antivirus 2009 was tagged by security expert as one of the widely-spread and most successful rogue antivirus that has infected millions of computers around the world. Antivirus 2009 generally pretends to be a security application but was created primarily to sell the rogue product by using unfair method of fake scanning and detection to assure the victim of its importance. This fake program was brought about by another Trojan that has the capacity to redirect web browsers to a malicious website and dropped a copy on the visitors computer. It will install itself automatically and there are also instances that users must have a consent in loading this to their computer.

Once loaded into the computer, it will never stop in displaying falsified information particularly fabricated virus scan results. This will show how infected the computer is even though in reality there is no sign of virus infection. A prompt to obtain a registered version of Antivirus 2009 will remain active until such time that it was purchased. As expected, there is no guarantee that computer will be protected and be cleaned from viruses after the acquisition. As what we have always suggested, use only effective and real anti-malware program to remove Antivirus 2009.

Screenshot Image of Antivirus 2009:

Image of Antivirus 2009

Signs and Symptoms of Antivirus 2009 Infection:

Browser is redirected to Antivirus 2009 web sites
Rogue program is coupled with web site that promotes the full version of it. Also, the same web sites are used for online payment if user has fallen into the trap of this malware.

Exhibits fake pop-ups and security alert
In order to deceive computer users, Antivirus 2009 will exhibit a bunch of fake security alerts and warning messages. It also intends to promote the malware as the sole remover for identified threats.

Antivirus 2009 will detect errors and threats that do not exists
Every rogue programs are made to mislead computer users. Thus, expect that Antivirus 2009 will show scan result that is full of errors and threats. This result is fictitious and you should not follow its recommendation.

Other Functions of Antivirus 2009:

  • Antivirus 2009 may come with another Trojan or virus
  • It can contact a remote server in order to download more malware
  • Antivirus 2009 drops files and make changes to the system registry
  • Antivirus 2009 can steal credit card information when you pay for it online
  • The threat can redirect search result link to a malicious web page

How to Remove Antivirus 2009

1. Download Malwarebytes' Anti-Malware from this link and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as default only.

4. Before the installation completes, check on the following prompts:
- Update Malwarebytes' Anti-Malware
- Launch Malwarebytes' Anti-Malware

5. Click Finish. Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the Show Results button.
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.

Note: Some malware may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.

Similar Threats:

Related posts:

  1. Antivirus XP 2008 Antivirus XP 2008 is a widely spread fake antivirus application...

Comments and Suggestions

On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Antivirus 2009 payment refund or lost serial key, kindly check the FAQ for rogue program first.

22 Comments »

  • 1 }
    webmaster (author) said:

    1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop.
    2. After downloading, double-click on mbam-setup.exe to install the application.
    3. Follow the prompts and install as “default” only
    4. Before the installation completes, check on the following prompts:
    - Update Malwarebytes’ Anti-Malware
    - Launch Malwarebytes’ Anti-Malware
    5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
    6. Scan your computer thoroughly.
    7. When scanning is finished click on the “Show Results”
    8. Make sure that all detected threats are marked, click on Remove Selected.
    9. Restart your computer.

    Note: Antivirus 2009 may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.

  • 2 }
    Chris said:

    Webmaster- Thank you so much for the Anti-Malware! I was trying all day today to get rid of it and this worked like a charm. Best of all it was free! I was getting so frustrated too. I accidentally downloaded it and it made my computer all wacky. Thank you very much for the help.

  • 3 }
    joe said:

    i did a system restore went back a couple days it was gone

  • 4 }
    mil said:

    Yea, Paula — you just saved me $140 with Geek Squad to remove this thing!

  • 5 }
    Rose Elle said:

    Paula’s idea was a charm. I did exactly what she said, then did a system restore for good measure and antivrus 2009 was completely gone upon restart.
    THANK YOU!

  • 6 }
    john said:

    As long as you stop the process from within task manager you can delete the main .exe file. Note that you also have to remove the registry entry that runs it at startup otherwise you will get error messages saying it cannot be found when you restart. It’s in HKCU/Software/Microsoft/Windows/CurrentVersion/Run. Just delete the key that mentions Antivirus 2009. There are also a couple of infected dlls – it’s safe to delete winsrc.dll, but DO NOT delete wininet.dll, let your antivirus diinfect it.

  • 7 }
    Amir Chen said:

    on your own risk only!!!!
    if this problem happened before installing new programs try to reload last system restore that you have.
    If not try this solution:
    1. go to task manager, end the process av2009.exe
    2. search for file av2009*.* on all hd.
    3. dell every file that containing av2009
    4. go to registry export all of the registry to a file
    5. find av2009 dell every match in registry
    6. restart computer the computer
    Good Luck,
    Amir Chen

  • 8 }
    Dave said:

    Click Start/Run and enter REGEDIT
    Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

    Look in the right pane for a value called DisableTaskMgr.

    If it exists, it should be set to 0 (zero).
    If not, double click it and set it to 0.

    If it doesn’t exist, right click in a blank area of the right pane and select New,
    DWord value.
    Name it DisableTaskMgr and leave it set at 0.

  • 9 }
    naive said:

    Unbelievable how easy it was to get duped by what looked like a legitimate software company cleverly named “antivirus 2009″! Shame on this company!

    1) Purchased the download yesterday. Pop ups still came up. Checked the web with search and read the complaints/scams and couldn’t pull up pages for the “antivirus 2009 removal” links.

    2) Called the third party biller today (thanks for both numbers) for Jettis International Royal Billing:
    1(866) 905-5125 (enter 3 for cancel)
    1(866) 905-5126 (enter 3 for cancel)
    They could not find the charge. They suggested to call my credit card company.

    3) Called my credit card company a few minutes after calling the third party biller, and the credit card company immediately found my charge. Reported/explained this fraudulent charge, and they are reversing this “unauthorized charge”, will cancel this card, and will reissue a new card.

    Encourage everyone to try to get your charges reversed/refunded.

  • 10 }
    papatango said:

    webmaster ive been a network engineer for 10 years and this is the first time i have ever contributed to a post-my 21 month old infant son (aka destructo man) was banging away on the keyboard on my home computer (which I never use) and as as result av09 was installed on the machine while i was out working on a major client security breach downtown on wall street in nyc-after coming home and spending 3 hours of troubleshooting registry/ar programs/taskmgr etc etc (while the family slept comfortably lol)-i found this site-you’re approach worked-thanks!shoot me an email if you need help with anything

  • 11 }
    Mo said:

    Sean,

    I was able to make this work.

    1) Downloaded Malwarebytes software to a different computer and then put it on a flash drive
    2) Went to start/control panel/system/hardware/device manager, click on view and click on show hidden devices. Look for TDSServ.sys, right click it and disable it.
    3) Plug flash drive into infected machine and rename the Malwarebyte file to anything else. Install the program and then run a scan. It should locate and quarantine about 20-25 files.
    4) At that point you can update all of your virus software and spyware software.

    Good luck! This thing is a &$%#*

  • 12 }
    HockeyPuck said:

    What a great thread! I’m so happy to have found out that I wasn’t the only one who got stung by these jerks. I was fortunate to not have downloaded or paid for anything, but the popup ads had me a nervous wreck, being a computer novice not knowing what was happening to my machine. Here I thought I was a safe surfer: I guess there’s no such thing as long as there are cretins in the world who get a kick out of building garbage like this stuff. Anyway, HUGE PROPs to the guys at Malwarebytes! I downloaded the app, loaded it and it had found 14 infected files. I can only assume that the AV2009 popup crap was only one of several worms/trojans that stung me. The app that I couldn’t get rid of was lsass.exe: I could see it while using Task Manager, but I couldn’t figure out how to delete it. To my complete joy, Malwarebytes cleaned me up in one quickscan. I can only pray that whatever fixes were made stay put. Here’s the link (I also saw it in some previous posts here): http://www.precisesecurity.com/tools-resources/adware-tools/malwarebytes-anti-malware/ .Thanks for a great thread & great info exchange on the subject.

  • 13 }
    JanPerry said:

    I too had this problem. Found the most simple way..
    1. go to your start menu
    2. go to accessories
    3. then to system tools
    4. then to system resore
    5. go to a date from before this program started popping up.
    6. click next.

    it will re-boot your computer and put to the settings from before you ran into this probelm!

    I hope this helps:))

  • 14 }
    Burnster said:

    System restore worked for me with Vista.
    Completely removed.

  • 15 }
    Corinne said:

    Here is how I fixed the problem this morning. I know those jerks will read this comment, and design something to prevent my solution, but I believe helping those in trouble right now is more important.
    . I first used Malwarebytes’Anti-Malware program (free) to scan my computer and removed ALL infections (I had about 189!)
    . Then I used SpyBot Search and Destroy to scan again and removed another 19 infections not detected by Malewarebytes.
    . That got rid of the popups.
    . However, my Internet Explorer, including my Google homepage wa still displaying the annoying Google Tip about Antivirus 2009 “hijacked” by those jerks, and it was impossible to surf without constantly getting AntiVirus 2009 fake pages.
    . After working all night on doing searches malicious websites, I found out that all sites named *gmodules.com are the malicious ones implanting anything they want in your computer. So here is what I did:
    1) I blocked 3rd-party cookies in my Internet options security
    2) I added the sites *gmodules.com (all sites ending with “gmodules.com” in my list of restricted/untrusted sites.
    3) I deleted all cookies and temp internet files.
    4) I restarted my computer.

    Now, this morning, my computer is sane again.
    I hope this helps you.

  • 16 }
    tigerxxx said:

    Thank you Corinne; your solution worked for me.
    Hope the virus does not come back.

  • 17 }
    Maureen said:

    There is a new version out that nothing will remove it. And Roy, you can go to google and get this Virus. It is dirty. People think it comes from Microsoft and maybe it does. If they have a customer service number why can’t this be shut down? Isn’t it illegal?

  • 18 }
    David said:

    For those that can’t get Malwarebytes to install, do not use the mouse to click through the dialog.
    Use your arrow keys, tab, and enter key to go through the install windows.
    I found this tip on another site and it worked for me.
    I used the quick scan option which took about 10 minutes and all seems fine.

  • 19 }
    Christina said:

    Paula…you are THE BEST. We have had this annoying thing on our computer since the summer…..argh!!! We are not computer savvy and had no idea how to get rid of it. I so appreciate your help.

  • 20 }
    Stewart Scham said:

    Paula! After 5 wasted hours and numerous phone efforts-it seems to be gone. Thank you

  • 21 }
    mike said:

    this software has now gotten much smarter. You can no longer run task manager, you can not download anything from the internet, it blocks all programs but their product so you can’t even run command, ie, firefox or anything. It also blocks you from rebooting in safe mode and blue screens when you try.

  • 22 }
    tashi said:

    I agree with adam that although paula’s suggestion works it will not for a long time, as i have done this and it keeps coming back again and again. although the antimalware works like a charm it takes along time for the moment but again it comes back. i have avg, spybot search and destroy, spyware blaster, ccleaner but no use, it keeps coming back and back, all i am doing right now is open the task manager and deleting as soon as it comes in and in the process tab deleting the svchast.exe which stops from repeting the anitvirus installation. Its not svchost.exe but svchast.exe. I dont know if i am right but it gives me a piece of mind for a week and then i have to do it again. haha
    any suggestion to completely stop it please do let me know. thanks

Leave your response!

You must be logged in to post a comment.