How to remove antivirus2009 manually

Moderators: Divesh, Gurdip Singh

How to remove antivirus2009 manually

Postby tarique » Sat Jul 19, 2008 4:02 pm

How to remove Antivirus2009 manually

1)Boot your machine in safe mode
2)Go to Start>>>>Run>>>regedit
3)press key ctrl+f
4)search antivirus2009
4)Delete all entry like antivirus2009.exe etc.
5)Delete antivirus2009 folder from <Root Drive>\programfile\antivirus2009

Restart your system in normal mode.

This process will be solve your problem.
tarique
 
Posts: 66
Joined: Tue Feb 12, 2008 6:02 pm
Location: Mumbai

Postby Varghese » Wed Aug 06, 2008 1:15 pm

A folder av2009 is created normally in the program files with an exe av2009.exe running in the backgroud. Kill the exe and delete the file.

Also different variants of the same adware are in the wild.
A common symptom is a BSOD screen saver popping up every two mintues or five. A yellow/blue wallpaper stating the Machine being infected.

Almost every variants of this adware/virus is removed by MWAV. Just the leftovers of the virus, a screensaver and wallpaper needs to be removed manually. Since these files have no malicious codes in it.

Normally these wallpapers and screensavers are in the following path.

%windir%\system32\[RANDOM NAME].scr
%windir%\system32\[RANDOM NAME].bmp

it has been observed the names start with an lphc or blphc or rhc followed by a random string of alphabets.

Eg. lphcv8e4eab.exe
blphcv8e2eab.bmp
blphcv8e3eab.scr

Running latest mwavscan /explorer will change the default wallapaper and screensaver to none.

Keep checking for the pinfect.zip getting created everytime the mwavscan runs. If you doubt any suspicious behaviour sent this file to samples@mwti.net

:)
Varghese
 
Posts: 144
Joined: Sat Dec 29, 2007 11:52 am
Location: Mumbai


Return to Virus-related Issues

Who is online

Users browsing this forum: No registered users and 9 guests

cron