Antivirus 2009
Updated: September 10, 2010
Antivirus 2009 was tagged by security expert as one of the widely-spread and most successful rogue antivirus that has infected millions of computers around the world. Antivirus 2009 generally pretends to be a security application but was created primarily to sell the rogue product by using unfair method of fake scanning and detection to assure the victim of its importance. This fake program was brought about by another Trojan that has the capacity to redirect web browsers to a malicious website and dropped a copy on the visitors computer. It will install itself automatically and there are also instances that users must have a consent in loading this to their computer.
Once loaded into the computer, it will never stop in displaying falsified information particularly fabricated virus scan results. This will show how infected the computer is even though in reality there is no sign of virus infection. A prompt to obtain a registered version of Antivirus 2009 will remain active until such time that it was purchased. As expected, there is no guarantee that computer will be protected and be cleaned from viruses after the acquisition. As what we have always suggested, use only effective and real anti-malware program to remove Antivirus 2009.
Screenshot Image:
Aliases:
Antivirus2009
Risk Level: Medium
File Size: Varies
Affected System: Windows
Antivirus 2009 Removal Procedures
MalwareBytes’ Anti-Malware:
In order to completely remove the threat from a computer, it is best to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected computer.
Portable SuperAntiSpyware:
To thoroughly clean a computer, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Download and run SuperAntiSpyware Portable Scanner.
Related posts:
- Vista Antivirus 2008
Updated: September 29, 2008 Vista Antivirus 2008 is another rogue anti-virus program that pretends to secure computer and remove virus infections after purchasing...
- Antivirus XP 2008
Antivirus XP 2008 is a widely spread fake antivirus application for Windows systems. It is promoted as a useful program that...
1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as “default” only
4. Before the installation completes, check on the following prompts:
- Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware
5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the “Show Results”
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.
Note: Antivirus 2009 may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.
Webmaster- Thank you so much for the Anti-Malware! I was trying all day today to get rid of it and this worked like a charm. Best of all it was free! I was getting so frustrated too. I accidentally downloaded it and it made my computer all wacky. Thank you very much for the help.
i did a system restore went back a couple days it was gone
Yea, Paula — you just saved me $140 with Geek Squad to remove this thing!
Paula’s idea was a charm. I did exactly what she said, then did a system restore for good measure and antivrus 2009 was completely gone upon restart.
THANK YOU!
As long as you stop the process from within task manager you can delete the main .exe file. Note that you also have to remove the registry entry that runs it at startup otherwise you will get error messages saying it cannot be found when you restart. It’s in HKCU/Software/Microsoft/Windows/CurrentVersion/Run. Just delete the key that mentions Antivirus 2009. There are also a couple of infected dlls – it’s safe to delete winsrc.dll, but DO NOT delete wininet.dll, let your antivirus diinfect it.
on your own risk only!!!!
if this problem happened before installing new programs try to reload last system restore that you have.
If not try this solution:
1. go to task manager, end the process av2009.exe
2. search for file av2009*.* on all hd.
3. dell every file that containing av2009
4. go to registry export all of the registry to a file
5. find av2009 dell every match in registry
6. restart computer the computer
Good Luck,
Amir Chen
Click Start/Run and enter REGEDIT
Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
Look in the right pane for a value called DisableTaskMgr.
If it exists, it should be set to 0 (zero).
If not, double click it and set it to 0.
If it doesn’t exist, right click in a blank area of the right pane and select New,
DWord value.
Name it DisableTaskMgr and leave it set at 0.
Unbelievable how easy it was to get duped by what looked like a legitimate software company cleverly named “antivirus 2009″! Shame on this company!
1) Purchased the download yesterday. Pop ups still came up. Checked the web with search and read the complaints/scams and couldn’t pull up pages for the “antivirus 2009 removal” links.
2) Called the third party biller today (thanks for both numbers) for Jettis International Royal Billing:
1(866) 905-5125 (enter 3 for cancel)
1(866) 905-5126 (enter 3 for cancel)
They could not find the charge. They suggested to call my credit card company.
3) Called my credit card company a few minutes after calling the third party biller, and the credit card company immediately found my charge. Reported/explained this fraudulent charge, and they are reversing this “unauthorized charge”, will cancel this card, and will reissue a new card.
Encourage everyone to try to get your charges reversed/refunded.
webmaster ive been a network engineer for 10 years and this is the first time i have ever contributed to a post-my 21 month old infant son (aka destructo man) was banging away on the keyboard on my home computer (which I never use) and as as result av09 was installed on the machine while i was out working on a major client security breach downtown on wall street in nyc-after coming home and spending 3 hours of troubleshooting registry/ar programs/taskmgr etc etc (while the family slept comfortably lol)-i found this site-you’re approach worked-thanks!shoot me an email if you need help with anything
Sean,
I was able to make this work.
1) Downloaded Malwarebytes software to a different computer and then put it on a flash drive
2) Went to start/control panel/system/hardware/device manager, click on view and click on show hidden devices. Look for TDSServ.sys, right click it and disable it.
3) Plug flash drive into infected machine and rename the Malwarebyte file to anything else. Install the program and then run a scan. It should locate and quarantine about 20-25 files.
4) At that point you can update all of your virus software and spyware software.
Good luck! This thing is a &$%#*
What a great thread! I’m so happy to have found out that I wasn’t the only one who got stung by these jerks. I was fortunate to not have downloaded or paid for anything, but the popup ads had me a nervous wreck, being a computer novice not knowing what was happening to my machine. Here I thought I was a safe surfer: I guess there’s no such thing as long as there are cretins in the world who get a kick out of building garbage like this stuff. Anyway, HUGE PROPs to the guys at Malwarebytes! I downloaded the app, loaded it and it had found 14 infected files. I can only assume that the AV2009 popup crap was only one of several worms/trojans that stung me. The app that I couldn’t get rid of was lsass.exe: I could see it while using Task Manager, but I couldn’t figure out how to delete it. To my complete joy, Malwarebytes cleaned me up in one quickscan. I can only pray that whatever fixes were made stay put. Here’s the link (I also saw it in some previous posts here): http://www.precisesecurity.com/tools-resources/adware-tools/malwarebytes-anti-malware/ .Thanks for a great thread & great info exchange on the subject.
I too had this problem. Found the most simple way..
1. go to your start menu
2. go to accessories
3. then to system tools
4. then to system resore
5. go to a date from before this program started popping up.
6. click next.
it will re-boot your computer and put to the settings from before you ran into this probelm!
I hope this helps:))
System restore worked for me with Vista.
Completely removed.
Here is how I fixed the problem this morning. I know those jerks will read this comment, and design something to prevent my solution, but I believe helping those in trouble right now is more important.
. I first used Malwarebytes’Anti-Malware program (free) to scan my computer and removed ALL infections (I had about 189!)
. Then I used SpyBot Search and Destroy to scan again and removed another 19 infections not detected by Malewarebytes.
. That got rid of the popups.
. However, my Internet Explorer, including my Google homepage wa still displaying the annoying Google Tip about Antivirus 2009 “hijacked” by those jerks, and it was impossible to surf without constantly getting AntiVirus 2009 fake pages.
. After working all night on doing searches malicious websites, I found out that all sites named *gmodules.com are the malicious ones implanting anything they want in your computer. So here is what I did:
1) I blocked 3rd-party cookies in my Internet options security
2) I added the sites *gmodules.com (all sites ending with “gmodules.com” in my list of restricted/untrusted sites.
3) I deleted all cookies and temp internet files.
4) I restarted my computer.
Now, this morning, my computer is sane again.
I hope this helps you.
Thank you Corinne; your solution worked for me.
Hope the virus does not come back.
There is a new version out that nothing will remove it. And Roy, you can go to google and get this Virus. It is dirty. People think it comes from Microsoft and maybe it does. If they have a customer service number why can’t this be shut down? Isn’t it illegal?
For those that can’t get Malwarebytes to install, do not use the mouse to click through the dialog.
Use your arrow keys, tab, and enter key to go through the install windows.
I found this tip on another site and it worked for me.
I used the quick scan option which took about 10 minutes and all seems fine.
Paula…you are THE BEST. We have had this annoying thing on our computer since the summer…..argh!!! We are not computer savvy and had no idea how to get rid of it. I so appreciate your help.
Paula! After 5 wasted hours and numerous phone efforts-it seems to be gone. Thank you
this software has now gotten much smarter. You can no longer run task manager, you can not download anything from the internet, it blocks all programs but their product so you can’t even run command, ie, firefox or anything. It also blocks you from rebooting in safe mode and blue screens when you try.
I agree with adam that although paula’s suggestion works it will not for a long time, as i have done this and it keeps coming back again and again. although the antimalware works like a charm it takes along time for the moment but again it comes back. i have avg, spybot search and destroy, spyware blaster, ccleaner but no use, it keeps coming back and back, all i am doing right now is open the task manager and deleting as soon as it comes in and in the process tab deleting the svchast.exe which stops from repeting the anitvirus installation. Its not svchost.exe but svchast.exe. I dont know if i am right but it gives me a piece of mind for a week and then i have to do it again. haha
any suggestion to completely stop it please do let me know. thanks
Leave your response!
Subcategory
Recent Comments
Recent Posts
Most Commented
About precisesecurity
A trusted computer security web site that provides efficient and free solution to remove Trojans, viruses, rogue programs and other similar malicious activities.
Copyright © 2006-2012 | Tech Blogs - precisesecurity.com | Privacy Policy