Question

Locked

Antivirus 2009 a virus or a trojan?

By bennie3327 ·
I Googled on a newspaper article and after reading it some popups called Antivirus 2009 came up. It keeps cycling me around its popups and will not let me cancel out. It told me I have dangerous spyware on my system.
It wants open a window and install something called InstallAVg_880135.exe

How do I get rid of it?

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Kinda both

by Kenone In reply to Antivirus 2009 a virus or ...

Once it gets its' hooks into your machine it will download any sort of scumware it feels like. Try Malwarebytes antispyware to get rid of it. There is no such thing as a free scan.

Collapse -

Great link was posted the other day

by Kenone In reply to Antivirus 2009 a virus or ...

I think it was Osmeg posted a great link the other day for cleaning up that mess. search for Antivirus 2009 here, I think it pointed to bleepingcomputer.com. If he's around maybe he'll repost it for you, if he's feeling kind.

Collapse -

If you clicked the 'cancel' button, you are infected....

by ThumbsUp2 In reply to Antivirus 2009 a virus or ...

The popup itself is infected so that if you clicked ANYTHING at all besides the X in the upper right corner to close the window, you have installed the infection.

AntiVirus 2009 is what we sometimes call Hostageware or more commonly called Malware. The obvious signs of infection are that it will drive you nuts with the popups. However, it disables any antivirus/antispyware programs you're running, redirects browser activity to infected web sites and opens back doors so the really nasty stuff can get in which steals personally identifiable information.

Removing this critter isn't easy. If you're not computer savvy, you should take the computer to a professional to 'clean' it for you.

But, if you're up to the task which may include editing the registry, you can take a look at these instructions:

http://www.bleepingcomputer.com/malware-removal/uninstall-antivirus-2009

There are several things not mentioned in those instructions though.

(1) rename the downloaded file after it's downloaded and before it's used to try and install the program so the AntiVirus 2009 won't recognize it. If you don't do this, the critter will block installation.

(2) install while in safe mode and don't try to update the program or run it yet.

(3) find the executable which was installed (mbam.exe) and rename it before you try to run it.

(4) perform your first full system scan while in safe mode by double clicking the file you just renamed. The shortcut on the desktop won't work.

(5) once the first full system scan has been run and infections healed/cleaned, you can rename the executable back to mbam.exe

(6) reboot back to normal, start MalwareBytes and update the program.

(7) run another full system scan, fix all it finds, reboot, repeat till all system scans are clean.

Collapse -

What cancel button?

by jdclyde In reply to If you clicked the 'cance ...

when I saw this, it did not HAVE a cancel button.

ctrl-alt-del was the way to get out of it, and then begin the removal process....

Collapse -

Editorial Licence jd ...

by OldER Mycroft In reply to What cancel button?

It always seems to offer you a choice:

"Would you like to ..."

Collapse -

Got rid of Antivirus with Malwarebytes, I hope

by bennie3327 In reply to If you clicked the 'cance ...

Thanks for the postings.
I ran Malwarebytes yesterday and it seemed to have eliminated the problem. I can not remember whether or not I hit the cancel button. My normal regimen is to "x" out of those boxes. Therefore, I plan to wade through the process provided by ThumbsUp2 later this afternoon.

Back to Malware Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums