How to Remove Antivirus 2009 – Uninstall Instructions

Antivirus 2009 is a new rogue anti-spyware program from the same family as Antivirus 2008 and Doctor Antivirus. Antivirus 2009 is installed and advertised through the use of misleading web sites that attempt to make you think your computer is infected with a variety of malware. Once installed, Antivirus 2009 will scan your computer and list a variety of fake infections that can’t be removed unless you first purchase the software. These infections are fake, though, and only being shown to scare you into purchasing the software.

When Antivirus 2009 is installed, a Internet Explorer browser helper object is also installed that displays fake messages when using Internet Explorer. These messages range from a line at the top of the browser stating an infection was found to adding a box to the Google homepage stating Google detected that your computer was infected. These tactics are just two more methods where Antivirus 2009 uses false information to scare you into purchasing their software.

Sample Image:

Antivirus 2009

Antivirus 2009

Symptoms that may be in a HijackThis Log:

Note: Some of these entries are random named.

O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:WINDOWSsystem32winsrc.dll
O4 - HKCU..Run: [75319611769193918898704537500611] C:Program FilesAntivirus 2009av2009.exe
O4 - HKCU..Run: [ieupdate] "C:WINDOWSsystem32ieupdates.exe"

Automated Removal Instructions for Antivirus 360 using Malwarebytes’ Anti-Malware:

1.     [print_link] Print out these instructions as because we will need to close all Windows so be able to fix it.

2.     Download Malwarebytes’ Anti-Malware, or MBAM, from the following location and save it to your desktop (you can also download in other computer that is not affected and print it).

Malwarebytes’ Anti-Malware Download Link

3.     Once downloaded, close all programs and Windows on your computer, including this one.

4.     Double-click on the icon on your desktop named Download_mbam-setup.exe. This will start the installation of MBAM onto your computer.

5.     When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware checked. Then click on the Finish button.

6.     MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.

-Update Windows after the installation:

Update Status

Update Status

The main Window:

Main Window

Main Window

7.     On the Scanner tab, make sure the Perform quick scan option is selected and then click on the Scan button to starts canning your computer for Antivirus 2009 related files.

8.     MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.

Scanning Status

Scanning Status

9.     When the scan is finished a message box will appear as shown in the image below.

Finish Scanning

Finish Scanning

10.  A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.

Results

Results

NOTE: You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.

11.  When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.

12.  You can now exit the MBAM program.

Other information:

Associated Antivirus 2009 Files:

Note: Some of these entries are random named.

%UserProfile%DesktopAntivirus 2009.lnk
%UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchAntivirus 2009.lnk
%UserProfile%Local SettingsTemporary Internet FilesContent.IE5S96PZM7Vwinsrc[1].dll
%UserProfile%Start MenuAntivirus 2009
%UserProfile%Start MenuAntivirus 2009Antivirus 2009.lnk
%UserProfile%Start MenuAntivirus 2009Uninstall Antivirus 2009.lnk
c:Program FilesAntivirus 2009
c:Program FilesAntivirus 2009av2009.exe
c:WINDOWSsystem32ieupdates.exe
c:WINDOWSsystem32scui.cpl
c:WINDOWSsystem32winsrc.dll

Associated Antivirus 2009 Windows Registry Information:

Note: Some of these entries are random named.

HKEY_CURRENT_USERSoftware75319611769193918898704537500611
HKEY_CLASSES_ROOTCLSID{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "75319611769193918898704537500611"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "ieupdate"