PDA

View Full Version : Antivirus 2009 Removal Guide*



starforce
27.06.09, 08:10
This is becoming a very popular spyware and a headache for alot of users.Found some useful information I thought I would pass on.Hope it helps.



YouTube - Antivirus 2009 Removal Guide (http://www.youtube.com/watch?v=0W1e5oR8PTw&feature=related)

Antivirus 2009 is a rogue application, which is distributed by several malicious sites or brought into your computer through a trojan virus disguised as a codec. I will try to give you the detailed and updated info for its removal. All the tools/ software mentioned in this article are freeware.

Turn off - system restore : The malicious files are saved in the system restore backup. You need to turn system restore off to remove them. You can turn it ON after cleaning the computer

1.open task mange alt-ctrl-delete
2.go to process
3.find av2009 or antivirus 2009 (if u cant find it, its because your prob not in the administrators account )
4.terminate the program av2009
5.go to my computer
6. go to program files, if its not there then ur in the wrong file!
7. find av2009
8.& drag to recycle bin


If you are unable to open Task Manager
Sometimes you will find that you are not able to open the task manager, the run command etc. The virus does this to prevent you. There are several popular free tools available on the internet to solve this problem
1) The UnHookEcec tool from Symantec
Download the file UnHookExec.inf and save it to your Windows desktop. (If you cannot connect to the Internet from the infected computer, download to an uninfected computer then save it either to a floppy disk or cd, dvd. Then take the disk and insert it in the disk drive of the infected computer.) Note: The tool has a .inf file extension. Locate the download file, either on the Windows desktop or the floppy disk. Right-click the UnHookExec.inf file and click install. (This is a small file. It does not display any notice or boxes when you run it.)
2) Use "Remove Restrictions Tool" . Do a google search with this name, and download the latest version from whichever site you like. It is a Demo version in which some advanced features are disabled, but it should be enough to remove the restrictions placed by the virus on your computer. Uninstall / delete this software after single use. There is no point in keeping it on your computer once it has done its job.

Malwarebytes Antimalware : This is another great software to remove the malware infection. Unlike the Antivirus softwares it is geared more towards removing the rogue security application. It has a free version which can be downloaded from
Code:

malwarebytes.org
With some luck this software may reduce your troubles substantially. Download , install , Update and Perform Quick Scan. The full scan takes several hours or menet depent on the pc if it is pentum 3 or q core to complete. After the scan is over, press the "Remove selected" button

regards
starforce

anon
27.06.09, 19:30
This piece of s*** can be really annoying to kill and uninstall :mad:

Thanks for the tutorial. Taking advantage of the "Image File Execution Options" registry key to make it crash when run and prevent it from readding its files and autostart entries is a nice thing to do. :top:

starforce
27.06.09, 20:08
This piece of s*** can be really annoying to kill and uninstall :mad:

Thanks for the tutorial. Taking advantage of the "Image File Execution Options" registry key to make it crash when run and prevent it from readding its files and autostart entries is a nice thing to do. :top:
lol yes it is men i love this coment it is This piece of s*** :biggrin:
caz off this i post this tut
i holp this well help all off you
regards big love
starforce

SBfreak
27.06.09, 20:22
Well the best way to get rid of it is to reinstall the OS and be sure you use the right security suite/antivirus.That's what I did first time it got into my comp.:mad2:

MikeD
29.06.09, 19:11
SUPERAntiSpyware's free edition will also work. Available at SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware! (http://www.superantispyware.com). If you are already running a copy of SUPERAntiSpyware, make sure to update the latest version and definitions.