The Underbelly of the Internet – Antivirus 2009 (removal help)…

I am getting sporadic reports from friends of getting the uninvited rogue “Antivirus 2009” anti-spyware program on their computers. From what I can find, the “Antivirus 2009” is usually spread via a ZLOB/MediaAccess Codec installer usually found on adult sites, in shady torrent downloads, and from what I call the underbelly of the internet. If you are one to cruise the underbelly, you better be prepared for the consequences. It is not to say there is the possibility infection can occur from what appears to be legitimate means; but the underbelly of the internet is usually the carrier and promoter of these rogue packages. These forms of infection carry what is called a “Trojan” that is basically installed on your computer and disguised as system notifications that lead to websites with rogue anti-spyware and anti-virus programs. If you are seeing random pop-ups prompting you to do system scans and showing results that your system is infected with spyware, etc., then you’ve been had. Do not let desperation get the best of you where you end up using your credit card to purchase of the “rogue” software. Again, it goes back to the old premise, “believe nothing and verify everything”; including the removal sources for these type of malware applications. I strongly advise that if you get infected, do not make any online purchases where you are typing in personal information, such as credit card numbers, etc… The “Trojan”, as I mentioned earlier can or could contain a keylogger which could record and send out every keystroke you make. I do not put anything past these rogue packages. If you do get infected, research the problem, preferably on a clean machine AND, if possible, get someone to help you… These infections are difficult to remove and are usually bundled with so much other malware, that traditional antispyware or antivirus programs have difficulty with completely cleaning these infections. Even a seasoned tech person will tell you these packages are a nightmare and it is not uncommon to do a complete rebuild on the computer.

Research information and Removal Assistance (click on links below):

SmitFraudFix – A tool created to remove rogue anti-spyware applications that utilize Trojans to issue fake taskbar security alerts or that change your background in order to scare you into purchasing the full commercial version of their software..  This is a specialized tool was created in order to help a user clean their system of these infections.

Bill Mullin’s Weblog – Tech Thoughts – Bill, a seasoned blogger and information technology expert, recently posted an article on (VirusResponse Lab 2009) – Removal Solutions which describes a similar circumstance as the Antivirus 2009. Further down in Bill’s blog post you will find additional removal sources.

Tech – for Everyone – Another blogging site that is an excellent resource, with numerous posts, which describes and teaches you what to expect from the underbelly of the internet.

Spyware Techie – A techie’s take on spyware. The site specializes in identifying and providing removal solutions for numerous of these rogue carriers.



4 thoughts on “The Underbelly of the Internet – Antivirus 2009 (removal help)…

Add yours

  1. Rick,

    Indicative of the pervasiveness of these rogue applications you describe in your article, is the 11,000 + times, removal solutions have been downloaded through my site in the last 5 days alone.

    The huge number of people, that I am personally aware of, who have been defrauded of their money in an attempt to remove these infections from their computers, has appalled me.

    You have served your readers’ well by pointing out the the very real dangers involved in surfing the “underbelly” of the Internet.



  2. Rick,
    As Bill has stated, this rogue antivirus program problem has truly become an epidemic– and as you stated, the cyber-criminals are able to launch these popup warnings at us even when we visit “legitimate” websites.
    You are right to alert your readers, and your readers will be doing their friends a favor if they refer them to your article.

    I am a part-time blogger and full-time Tech Support & Repair Technician… cleaning up infections is part of my job. Because these modern forms of malware mutate, and install a downloader which is constantly adding more malware.. cleaning them is a truly difficult and lengthy task (meaning, “not cheap”).
    Short of seeking professional aid, the average PC owner will be best served by formatting their hard-drive, reinstalling Windows, and restoring their files from a backup made prior to infection.
    (You have made backup copies of your files/photos/music… right???)

    * Readers should be aware that these specialty anti-rogues, so frequently mentioned in “how to remove” articles, (such as Smits) do not run on Vista.


  3. Bill,

    Your mentioning the 11,000 + times people have downloaded removal solutions through your blog speaks not a thousand words, but 11000 words… This problem is “epidemic” in nature… It is techs like you that is pro-active and tries to educate and alert people… Oh, got me thinking about the term “underbelly” and wondering if it is in fact a true word and it is: Underbelly – a dark, seamy, often hidden area or side.

    Thanks for all your input…


  4. TechPaul,

    I too have assisted with removal of these rogue packages. It is one reason I’m not doing this as a business… To time consuming and folks don’t realize the “brain energy” you have to use to clean a machine…

    Backup copies you ask??? When I managed a computer network at a small government agency, I was obsessed with backups… Still am in my home setup… I currently have a blog post ready about disk imaging…

    Thank you for all your input…


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by

Up ↑

%d bloggers like this: