How to remove Antivirus 2009

chaos945

chaos945

OSNN Senior Addict
Joined
10 Feb 2003
Messages
934
I've had a lot of machines infected with this malware/virus and I thought I'd share my technique of removing it. Since most of the forums and info I've found regarding the infection has been poor.

Download Malware Bytes Anti-Malware
Download Combofix

1.) Install MWB Anti-Malware and update your definitions to the latest version. Unfortunatelly I've been unable to get this program working portably...

2.) Boot to safemode

3.) Run MWB Anti-Malware. Remove what it finds. Do not restart.

4.) Run ComboFix.

5.) Do not inturrupt ComboxFix just let it do it's thing.

6.) Once ComboFix is done you should be back in Normal Windows again. For good measure scan with your favourite antivirus with the latest definitions. I like Antivir because it's fast.

7.) You should be clear now. You may get some broken startup items. Remove them with your favourite startup program. I like StartupCPL.
 
I wouldn't touch ComboFix, because of all the negative issues it has had in the past (like wiping out the entire system32 directory).

You can use SUPERAntiSpyware and MBAM to get rid of it best. Spybot has also found traces I've noticed.
 
Hmm, I'll have to give SuperAntiSpyware a go.

I haven't had any ill effects with ComboFix after about of year of use and it has been effective against variations of AV2k9 and Vundo. I'm not saying that it is bulletproof, just that I've not had a problem.
 
Well I've tried SuperAntiSpyware for a couple of days. I must say that it isn't bad, removal rates were good, and it was a breeze making it portable.

The only thing I found a bit tedious was scan time which was on average 45min-80min. For a thorough scanner its great but I'd probably only use it sparingly. Using ComboFix or MBAM, then scouring the system with Autoruns and/or Hijackthis takes maybe 10min.
 
RogueRemover also created by Malwarebytes, is a small program specific option for removing the bastard antivirus 2008. try running it to make sure it is completely removed.

works well and super fast :)

here is the link

http://www.malwarebytes.org/rogueremover.php
 
You must log in or register to reply here.

Members online

No members online now.
Total: 510 (members: 0, guests: 510)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back