Antivirus2009
Malware - Rogues

 Updated version of this article is available on this link

Antivirus 2009 is a rogue application distributed by several malicious sites or brought onto your computer by a trojan disguised as a codec. I will try to give you detailed and updated information for its removal. All the tools and software mentioned in this article are freeware.

Trojan Removers: Because this malware may have been installed by a trojan, you will need to remove that trojan as well. Try these free tools. Click here to read more....


Preparation: Find the Windows operating system disk and keep it ready, if you got one with your computer. Otherwise, check whether there is a Restore Partition on your hard disk; in that case you won't need an extra disk. It will be useful if you want to run the System File Checker.
Turn off System Restore: The malicious files are saved in the System Restore backup. You need to turn System Restore off to remove them. You can turn it back on after cleaning the computer. Click here to read more...

If you are unable to open Task Manager
Sometimes you will find that you are not able to open Task Manager, the Run command and so on. The virus blocks them to prevent you from using them. There are several popular free tools available on the internet to solve this problem. I will list them here; see which one helps you. Click here to read more....


 
Remove Processes from Task Manager
Press Ctrl+Shift+Esc to open Task Manager. Look through the list of processes for one named av2009.exe; if found, select it and press the End Process button. When prompted, choose Yes, and then close Task Manager. There may be more processes belonging to this malware.
 
Removing a Program from Windows startup: The System Configuration Utility can be started in XP and in Vista by typing msconfig in the Run box. The Run box can be opened in XP by clicking Start > Run.

After the System Configuration Utility window is open, click on the Startup tab, which lists all the programs that are scheduled to start when you turn your computer on. Expand the middle column with your mouse pointer so that you can see the path of each program on the hard disk; that will give you a clear idea of what the program is. Locate and uncheck this entry if found:
C:\Program Files\Antivirus 2009\av2009.exe
Also look for entries that consist of random numbers; these entries are also added by Antivirus 2009. Uncheck the boxes in front of these entries, and note down each random number and its path on the hard disk. You will need them to locate the program in Task Manager and on the hard disk to delete it. This step is very important: the rest of the cleaning depends on cleaning this list. Press Apply, press Close/OK, and at the next prompt select "Restart the computer".

 
Searching and Deleting the Folders / Files on the hard disk
After restarting the computer, use the Windows search utility to search for "Antivirus2009". This search will find all its folders on the hard disk; delete them. You may find the folder in more than one location. Delete all instances of it. There are some more files outside this directory. You may need to enable viewing of hidden files and folders if you cannot see the files listed below. In XP, go to Control Panel > Folder Options > View, locate "Hidden Files and Folders", select "View hidden files and folders", press Apply, then press OK.
These files were found in the Windows directory. They are not Windows system files, although they have similar names. You can delete these files if they are found in the following locations. Remember, there are legitimate Windows system files with the same names under C:\Windows\System directory.

C:\Windows\winlogon.exe
C:\Windows\service.exe
C:\Windows\iwendantar.exe
C:\Windows\svchost.exe
C:\Windows\System32\nvgontan.dll



 

Manually Editing Registry 


You can edit the registry with the Registry Editor built into Windows. Click Start > Run to open the Run box in XP, whereas in Vista the box is already open. Type regedit and press Enter or OK to open the Registry Editor. Click here to read more....

These registry entries may be found on an infected computer. Delete them if found.      

HKEY_Local_Machine\Software\Microsoft\Shared Tools\MSConfig\Startupreg\
HKey_Current_User\Software\60146510364805293122982800588910\

(All the keys under this path were found to have been created by Antivirus 2009. The names were like
AutoUpdate_1, AutoUpdate_2, AutoUpdate_3, AutoUpdate_4, 80d9aadb etc...)
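The startup, file and registry checks described above can be scripted. The following is an added example, not part of the original article: it tests exported startup entries and HKEY_CURRENT_USER\Software subkey names against the indicators the article lists. The function names, the six-digit threshold for a "random number" name and the sample entries are assumptions made for illustration.

```python
import re
from ntpath import basename, dirname, normcase

# Indicators taken from the article; the sample entries below are constructed.
ROGUE_EXE = "av2009.exe"
ROGUE_DIR = normcase(r"C:\Program Files\Antivirus 2009")
WINDOWS_DIR = normcase(r"C:\Windows")
# File names the article reports finding directly in the Windows directory.
IMPOSTOR_NAMES = {"winlogon.exe", "service.exe", "svchost.exe", "iwendantar.exe"}
DIGITS_ONLY = re.compile(r"^\d{6,}$")  # assumed threshold for a "random number"


def exe_path(command):
    """Extract the executable path from a startup command line."""
    command = command.strip()
    if command.startswith('"'):          # quoted path, arguments follow
        return command[1:].split('"', 1)[0]
    m = re.match(r"(?i)(.+?\.(?:exe|dll|com|bat|scr))(?:\s|$)", command)
    return m.group(1) if m else command


def check_startup(name, command):
    """Return the reasons a startup entry matches the article's description."""
    path = normcase(exe_path(command))   # Windows paths are case-insensitive
    folder, exe = dirname(path), basename(path)
    reasons = []
    if exe == ROGUE_EXE or folder.startswith(ROGUE_DIR):
        reasons.append("Antivirus 2009 program path")
    if DIGITS_ONLY.match(name) or DIGITS_ONLY.match(exe.rsplit(".", 1)[0]):
        reasons.append("random-number name")
    if exe in IMPOSTOR_NAMES and folder == WINDOWS_DIR:
        reasons.append("listed file name directly in the Windows directory")
    return reasons


def digit_named_keys(subkeys):
    """Flag HKCU\\Software subkey names that are long digit strings."""
    return [k for k in subkeys if DIGITS_ONLY.match(k)]


SAMPLE = [  # constructed (name, command) pairs
    ("av2009", r"C:\Program Files\Antivirus 2009\av2009.exe"),
    ("1405838261", r"C:\Windows\system32\1405838261.exe /s"),
    ("svchost", r"C:\Windows\svchost.exe"),
]

if __name__ == "__main__":
    for name, cmd in SAMPLE:
        print(name, check_startup(name, cmd) or "no match")
```

An entry that returns no reasons is not proven clean; the script only narrows down which entries to inspect by hand in msconfig and regedit.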

 

 

Using CCleaner: CCleaner is a freeware temp file and registry cleaner. We need to use this type of software because almost all infections that occur through the internet come through the temp files, and unfortunately Windows does not remove temp files automatically.

Run the Cleaner and the registry menus in CCleaner. Click here to read more....
 

Using the Antivirus: Follow this step if, even after applying all the above steps, the virus still shows its presence on the computer. Click here to read more....


 

Using the System File Checker: Follow this step if you notice trouble in the normal functioning of Windows. This utility will check for and replace damaged, altered or missing system files. Click here to read more....

If you are unable to access one or more sites during the repair process

- It can happen if your hosts file has been altered. To repair or edit the hosts file, log in as administrator and open the following file in Notepad:
C:\WINDOWS\system32\drivers\etc\hosts
Remove anything other than 127.0.0.1 localhost, then save and close the file. In some cases there may be entries created by you or by a security application installed on your computer to block malicious sites, but there is no reason for security-related sites to be in this list.
- If possible, use another computer to download the software needed for repairing your computer, and then copy it to the infected computer using any available means, such as a pen drive.
- If you are using only Internet Explorer, and it is blocked from visiting some of the security-related sites, try to download and install the Firefox browser, and see if you can use it for the same purpose.
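Before editing the hosts file by hand, it helps to see which lines are not plain localhost entries. The following is an added example, not part of the original article: it classifies each active line so that blocking entries (names pointed at a loopback or 0.0.0.0 address) and redirects (names pointed at any other address) stand out. The function name and the sample host names are assumptions; the sample file is constructed.

```python
import ipaddress

LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text):
    """Classify every hosts-file mapping that is not a plain localhost entry.

    Returns (line_number, kind, ip, names) tuples, where kind is:
      "sinkhole" - name pointed at a loopback or 0.0.0.0 address (a blocklist
                   entry, or malware cutting off access to a site)
      "redirect" - name pointed at some other address
      "invalid"  - first field is not an IP address
    """
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()                    # tabs or spaces
        ip_text, names = fields[0], [n.lower() for n in fields[1:]]
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            findings.append((lineno, "invalid", ip_text, names))
            continue
        others = [n for n in names if n not in LOCAL_NAMES]
        if ip.is_loopback or ip.is_unspecified:
            if others:
                findings.append((lineno, "sinkhole", ip_text, others))
        else:
            findings.append((lineno, "redirect", ip_text, names))
    return findings


SAMPLE_HOSTS = """\
# constructed sample, not taken from an infected machine
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.security-vendor.example   # blocks a security site
203.0.113.7     update.security-vendor.example
0.0.0.0         ads.tracker.example
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

A "sinkhole" finding for a security-related site is the case the article warns about; one for an advertising or malicious domain is more likely a blocklist you or a security tool added.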

(Reference with permission from ThreatExpert)
Comments
Edwin  - Antivirus 2009   |69.225.229.xxx |2009-02-16 14:16:09
:) Thank You for all the information.
Now our daughters can use our computer
now for their school homework.

Again Thank You, "SALAMAT"

Edwin
Ramesh  - Spyware Protect 2009   |69.123.189.xxx |2009-03-20 23:00:13
My PC was infected with Spyware Protect 2009 alert so I couldn't find av2009 or
Antivirus 2009, but I unchecked the sysguard from msconfig from run.. and the pop-up
which was from that stupid fake antivirus is gone also, as I used Spybot
Search and Destroy antivirus software... so is my PC now saved?
gene   |98.125.41.xxx |2009-05-10 18:07:59
thank-you thank-you
gene   |98.125.41.xxx |2009-05-10 18:13:40
all the info worked great
adele  - please help   |71.87.117.xxx |2009-07-01 02:02:32
When I go into processes to delete the Personal Antiware program, it does not show it
in processes and is still going. I don't know what to do, please help.
adele  - please help   |71.87.117.xxx |2009-07-01 02:07:59
I tried to follow your instructions on how to remove Personal Antivirus online and
when I go into processes it does not show there, and it's really on my computer,
not allowing me to update work I need to do online. I don't know what to do, please
help.
sanjay   |115.109.14.xxx |2009-07-01 03:06:47
Please download a small free tool called "TrendMicro HijackThis", scan
your computer with it, and then save the log file as a text file and send this file
to my email (support@comprolive.com)
mscsu7   |12.231.213.xxx |2009-07-09 02:02:23
look for rund1132.exe and PLFSet.dll