Skip to content

How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware

antivirus
My wife, kids, and I spent this past Christmas at my parents’ house. It wasn’t long after we arrived before I gravitated to their computer to check my email, read the news, check the stock market, etc.

Much to my dismay, I found a barrage of malware, spyware, and rogue software had made its way onto their machine. I searched around a bit, and found the perfect solution: Malwarebytes’ Anti-Malware.

By far the most annoying type of software that had been installed on their machine was rogue antivirus software. The worst and most persistent offenders were Spyware Guard 2008 and Antivirus 2009. Both of these programs (and many similar ones) are designed to deceive a computer user into believing they are legitimate, by informing the user that spyware and malware has been detected on the system.

Unwitting users click away at the dialog boxes and pay to register the programs, although in reality the programs themselves are the nuisance. Although my parents appeared to have acquired these programs with relative ease, I had a very hard time finding them to intentionally install them (on a virtual machine) for taking screenshots of them in action.

Antivirus 2009

I was able to find a website that generates a very convincing screen that indicates it has located malware on the computer. The webpage and application even use the Windows Security Center Icon, which enhances its appearance of legitimacy.

security-center-icon

The Windows Security Center icon.

In reality, the webpage does not perform any scan on the system although it claims to have done so. Upon completion of the bogus scan, the page displays a dialog box that will install the program no matter what you click (if you download and run the EXE installer). Once installed, Antivirus 2009 constantly displays warnings in attempt to have the victim purchase the full version of the software (fortunately my parents had not done this).

Antivirus 2009 Screenshots

Initial view of a webpage that installs Antivirus 2009

Initial view of a webpage that installs Antivirus 2009.

antivirus-2009-webpage-step-2

"Popup" that appears after the bogus scan takes place.

antivirus-2009-scan-on-clean-system

Antivirus 2009 initial scan on a clean system.

antivirus-2009-alert-dialog

One of many annoying and incessant nags from Antivirus 2009.

Spyware Guard 2008

Spyware Guard 2008 is very similar to Antivirus 2009, in that it also attempts to have the user pay to register the product. Unfortunately, I was unable to find a website that attempts to lure me into installing the program so that I could provide screenshots. However, I was finally able to find the install exe (SpywareGuard2008.exe) on a filesharing site.

Spyware Guard 2008 Screenshots

spyware-guard-2008-installer

Spyware Guard 2008 installer

spyware-guard-2008-warning

Bogus warning dialog from Spyware Guard 2008.

spyware-guard-2008-application

Spyware Guard 2008 application showing bogus infections.

Removal of the Rogue Software

Fortunately, Malwarebytes’ Anti-Malware makes it relatively quick and easy to remove this horrendous software. Just download the program and run a full system scan. When the scan is complete, click the Show Results button and then the Remove Selected button.

anti-malware-scan-results

Malwarebytes' Anti-Malware scan results for the aforementioned rogue programs.

If there are still active programs once the removal has taken place, Anti-Malware will inform you and request a reboot to complete the removal process. Upon reboot, the system will have been disinfected.

It is important to note that although the free version of Malwarebytes’ Anti-Malware does an excellent job of detection and removal, it will not provide prevention. If you would like to prevent the installation of malware in the first place, you will need to purchase the full verison.

Photo Credit: Chris Dewey

28 thoughts on “How to Remove Antivirus 2009, Spyware Guard 2008 and Other Malware”

      1. That’s odd. I never had any issues running the installation. It may be
        some other malware preventing it from executing. What sort of error do you
        get when you try running it?

  1. I copied the mbam-setup.exe Malwarebytes’ Anti-Malware binary in to my machine and i was not able to run it It looks like the spywareguard is blocking any excutable to be ran. I copied also SUPERAntiSpyware.exe and sdsetup.exe and was not able to start them. Any help will be appreciated. Thx

    1. 1. with Superantispyware.com free download. Download on another uninfected computer. copy Superspyware install (.exe) file to infected computer and change the name of the install file (something.exe). Run this new file and change the name of the install location to
      C:programfileSupertemp | Once this installation is complete, browse to that folder. I changed the name of the Superantispyware.exe file to Supertemp.exe (May not be necessary). There should also be a file in this folder named:bootsafe.exe! Run this application to restart your
      computer in Safe Mode – Directory Services Repair. Once the computer restarts in this mode then browse back to the Supertemp folder and run the Supertemp.exe. It should now work and start scanning. Mine detected about 88 infections but you will specifically see the 7 or so files of spyware guard 2008. Reboot when the scan is done and you should be good to go!
      I did not do definition updates during this! I did not want to access the internet during this process!
      Note: The file name changes are required because the spyware guard 2009 won’t let them install/run. This is for spyware guard 2009 even though it detects 2008 and 2008/B.

  2. Thank you so much for this information…..every word of it had come true….although i didn't add the stuff….the pop ups continued…and the fake windows appeared…this page allowed me to know it was fake…excellent advice…thanks a heap…will come back and let you know the update after using the malwarebytes anti-malware…i had this scan already going when i read this…found it on What the Tech…formeerly Tom Coyote's page…God Bless…and say a prayer for me…it's very aggravating…i think we got it from my daughter downloading games to play…Rhonie

        1. Yes, my pc has the antivirus 2009 spyware and it appears Malwarebytes is not detecting anything malicious. I've also run Smitfraudfix, Combofix, Ad-Aware all to no avail.

  3. Can anyone help please. it seems antivirus2009 has infected my desktop. i have run some scanners including malwarebytesAM but it hasnt removed everything and now comes up clean. i downloaded and ran 'spyhunter' which found 5 'virtumonde' infections. i still get the antivirus2009 google tip on the google page and also regularly get blocked unneccessarilly. what can i do next or is it too complicated for someone as rubbish at computers as me??

    1. It sounds as though you may have one of the variants sarah mentioned. When I find some time, I need to see if I can do further research and find a way to remove these variants that Malwarebytes fails to handle.

  4. Hound  is a site which search job for you accross the world …hound directly connect with the employers  it means you apply  directly to employers. hound does not allow any banner to promote there bussiness 
    it only provide what the employer wants it is basically a good site which give us a great utility.its a amazing site everyone should try this site … it help us to search job world wide n it is very convenient . 
    in this sit e you did not need to search more just type your qualification and in which city do u want to do job that’s it …….
    operations manager jobs

Leave a Reply to tim Cancel reply

Your email address will not be published. Required fields are marked *