How to remove Antivirus 2009

chaos945

OSNN Senior Addict
Joined
10 Feb 2003
Messages
934
I've had a lot of machines infected with this malware/virus and I thought I'd share my technique of removing it. Since most of the forums and info I've found regarding the infection has been poor.

Download Malware Bytes Anti-Malware
Download Combofix

1.) Install MWB Anti-Malware and update your definitions to the latest version. Unfortunatelly I've been unable to get this program working portably...

2.) Boot to safemode

3.) Run MWB Anti-Malware. Remove what it finds. Do not restart.

4.) Run ComboFix.

5.) Do not inturrupt ComboxFix just let it do it's thing.

6.) Once ComboFix is done you should be back in Normal Windows again. For good measure scan with your favourite antivirus with the latest definitions. I like Antivir because it's fast.

7.) You should be clear now. You may get some broken startup items. Remove them with your favourite startup program. I like StartupCPL.
 

Tarun

https://www.lunarsoft.net
Joined
10 Jul 2007
Messages
91
I wouldn't touch ComboFix, because of all the negative issues it has had in the past (like wiping out the entire system32 directory).

You can use SUPERAntiSpyware and MBAM to get rid of it best. Spybot has also found traces I've noticed.
 

chaos945

OSNN Senior Addict
Joined
10 Feb 2003
Messages
934
Hmm, I'll have to give SuperAntiSpyware a go.

I haven't had any ill effects with ComboFix after about of year of use and it has been effective against variations of AV2k9 and Vundo. I'm not saying that it is bulletproof, just that I've not had a problem.
 

chaos945

OSNN Senior Addict
Joined
10 Feb 2003
Messages
934
Well I've tried SuperAntiSpyware for a couple of days. I must say that it isn't bad, removal rates were good, and it was a breeze making it portable.

The only thing I found a bit tedious was scan time which was on average 45min-80min. For a thorough scanner its great but I'd probably only use it sparingly. Using ComboFix or MBAM, then scouring the system with Autoruns and/or Hijackthis takes maybe 10min.
 

tdinc

OSNN Veteran Addict
Political Access
Joined
6 Dec 2003
Messages
3,508
RogueRemover also created by Malwarebytes, is a small program specific option for removing the bastard antivirus 2008. try running it to make sure it is completely removed.

works well and super fast :)

here is the link

http://www.malwarebytes.org/rogueremover.php
 

Members online

No members online now.

Latest forum posts

Latest profile posts

Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
Terrahertz wrote on Electronic Punk's profile.
Yo fellas!
Electronic Punk wrote on Sazar's profile.
Where are you buddy?
Perris Calderon wrote on Electronic Punk's profile.
Hey EP! All good with me, applying for Microsoft MVP right now, should have done this a while ago.

Notifications don't work, I only found your response by coming back to hunt up some threads, if you want, give me your email address so we can keep in touch easier!
Perris Calderon wrote on Electronic Punk's profile.
EP, glad to see you come back and tidy up...did want to ask a one day favor, I want to enhance my resume , was hoping you could make me administrator for a day, if so, take me right off since I won't be here to do anything, and don't know the slightest about the board, but it would be nice putting "served administrator osnn", if can do, THANKS

Been running around Quora lately, luv it there!

Forum statistics

Threads
61,997
Messages
673,414
Members
5,591
Latest member
nodee