Archive for September, 2009

How to Remove Antivirus 2009

Downloading free videos, freeware or pirated software is a common activity among internet users, but it carries its own computer security risks. Usually such programs come bundled with hidden trojans and other malware that get installed on your computer together with the freeware without your noticing. This is the main way computer users get infected with the Antivirus 2009 malware. Another common infection method is visiting warez or adult websites, which usually host this kind of rogue antivirus program. For a free scan of your computer to verify whether you are infected with Antivirus 2009, download the antispyware tool below.


So what actually is Antivirus 2009? It is a rogue antivirus program categorized as “scareware” because it scares users into purchasing the program by generating fake virus alarm messages. It is a successor of the older Antivirus 2008, which infected millions of computers worldwide. Basically, Antivirus 2009 is a virus itself. After infecting your computer it starts generating fake alerts and system warning messages claiming that your computer is compromised by numerous viruses and spyware. It might also perform a fake scan of your computer and present you with false results showing infections from various viruses. The program then keeps asking you to purchase the full version in order to remove all the “viruses and spyware” from your system. Of course, if you fall into the trap and pay the requested fee, you will just lose your money, because Antivirus 2009 is a scam.

Moreover, Antivirus 2009 hijacks your Internet Explorer settings and infects several parts of your system, causing computer slowness and system crashes. It sometimes installs other spyware scripts on your PC with the intention of stealing personal information such as passwords and credit card numbers. If you are a victim of this scam, you need to take action and remove Antivirus 2009 immediately. A picture of Antivirus 2009 is shown below:

There are two ways to remove Antivirus 2009: manually or automatically (recommended). Manual removal requires you to be an expert in computers and is not recommended, since you have to delete entries in the Registry and delete files under the “Program Files” and “System32” folders, which is dangerous if you don’t know what you are doing. Anyhow, read below for both methods of removing Antivirus 2009 once and for all.

Remove Antivirus 2009 Automatically (Recommended)

To safely remove Antivirus 2009 or any other malware and viruses residing on your computer, I recommend downloading the free trial of Spyware Doctor, or visiting the Spyware Doctor website for more information.


Spyware Doctor has been used to successfully remove Antivirus 2009 from millions of computers. After downloading Spyware Doctor, run it and have it scan your PC for free. The free version of Spyware Doctor is for malware detection only. After it detects Antivirus 2009, you can purchase the full version to automatically clean your PC of Antivirus 2009 and any other malware hiding in your system.

Remove Antivirus 2009 Manually

Before proceeding any further, I suggest you back up everything, especially your computer's registry. You need to know what you are doing before manually removing Antivirus 2009. Another thing to keep in mind is that scanning your computer with your currently installed antivirus program will most probably fail, since most antivirus programs do not detect Antivirus 2009. You need a dedicated antispyware program such as the one I suggested in the automatic removal section above. Anyway, read below for the manual removal steps.

Step1: Stop the following processes

Antivirus2009.exe
AV2009Install.exe
av2009.exe
av2009[1].exe
Note: Some of the processes mentioned above might not be present in your system

Step2: Delete the following Registry entries

First backup your registry before proceeding. Some of the following registry keys might be different in your system.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"Antivirus" = "%ProgramFiles%\Antivirus 2009\Antvrs.exe"
HKEY_CURRENT_USER\Software\Antivirus
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\15358943642955870504508370025739
HKEY_CURRENT_USER\Software\75319611769193918898704537500611
HKEY_CLASSES_ROOT\CLSID\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "75319611769193918898704537500611"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ieupdate"
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus

Step3: Delete the following files and folders

%UserProfile%\Desktop\Antivirus 2009.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
%UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll
%UserProfile%\Start Menu\Antivirus 2009
%UserProfile%\Start Menu\Antivirus 2009\Antivirus 2009.lnk
%UserProfile%\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
c:\Program Files\Antivirus 2009
c:\Program Files\Antivirus 2009\av2009.exe
c:\WINDOWS\system32\ieupdates.exe
c:\WINDOWS\system32\scui.cpl
c:\WINDOWS\system32\winsrc.dll
C:\Program Files\Antivirus 2009

By default, Windows XP does not show the Administrator account as an option on the log-on screen. The Administrator account is only shown when you boot into Safe Mode. If you want the Administrator account to show up on your log-on screen, follow the directions below:

Step1: Backup the Registry

Be very careful when changing Registry entries. Back up your registry first as follows: Start>Run>regedit, then go to File>Export and select Export Range All.

Step2: Enable the Administrator account to show up on log-on screen

Start>Run>regedit

Go to the following registry entry:

HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows NT > CurrentVersion > Winlogon > SpecialAccounts > UserList

Now go to the right-side pane, right-click with the mouse and select New, DWORD Value. Name this DWORD value “Administrator”. Double-click the DWORD value and set its value data to “1”.

Reboot and you should see the Administrator account on the log-on screen.

Windows Power User Toolbox

Even the strictest Linux opponent would recognize that all Linux flavors and versions have abundant utilities and tools that help users detect and fix operating system problems. In Windows, on the other hand, Microsoft believes that users have no business messing around with the operating system. This philosophy is reflected in the fact that Windows by default does not contain any power tools or utilities that would help the advanced user fix and administer the system.

Fortunately, there are some non-commercial but powerful Windows utilities that must be included in the software toolbox of any serious Windows power user. Two companies have created such utilities: Sysinternals and NirSoft. The tools from Sysinternals were so useful and powerful that they drew the attention of Microsoft, which took over the company in 2006.

The Windows System Control Center (WSCC) and the Computer Repair Utility Kit (CRUK) are two very useful utility suites that work as front ends for the Sysinternals and NirSoft utilities. Both WSCC and CRUK are portable applications that can easily be carried on a USB stick to help you repair and manage any Windows box.

WSCC

WSCC is a freeware front end which gives you access to the collection of 150 or so free Windows utilities from Sysinternals and NirSoft. WSCC categorizes the utilities according to their functionality and also provides a brief description of each tool. WSCC resembles the Windows Control Panel and offers a nice graphical interface for running the utilities. If you don’t have all the tools downloaded locally, WSCC can download them on demand when you use them.

First you need to download and uncompress the WSCC front end program. Then I recommend downloading all the Sysinternals utilities from Microsoft at http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx and uncompressing them in a local directory. The NirSoft utilities need to be downloaded one by one from http://www.nirsoft.net/panel. Store them in a local directory as well. Finally, configure WSCC and specify the folders of the Sysinternals and NirSoft tools.

CRUK

The Computer Repair Utility Kit consists mainly of tools for fixing Windows. This software utility suite is distributed by Technibble at http://www.technibble.com/computer-repair-utility-kit-v1/. CRUK contains around 50 tools for Windows repair. Some examples include CCleaner, Rootkit Revealer, Hijack This, Recuva, Process Explorer, DeepBurner, 7zip, PuTTY etc. Like WSCC, CRUK is portable, so you can carry the software toolbox on USB or CD media. Unlike WSCC, CRUK contains all the utilities and tools inside a compressed file of around 90 Mbytes.

Another member of the so-called “scareware” family is the “Personal Antivirus” malware, which infected millions of computers worldwide. Personal Antivirus is a fake antivirus application which usually gets installed on users’ computers when they download warez software from peer-to-peer networks or visit malicious websites. It is categorized as scareware because it generates fake and misleading alert messages warning users that their computer is “infected” with hundreds of viruses, in order to scare them into purchasing the scareware program. Of course, after purchasing Personal Antivirus in the hope that it will clean all your “viruses”, you just lose your money, simply because Personal Antivirus is not a real antivirus. For a free scan of your computer to verify whether you are infected with Personal Antivirus, download the antispyware tool below.


Even worse, the program is a virus itself. It installs keyloggers and other spyware programs on your PC to steal sensitive information such as passwords and credit card numbers. It also alters your browser settings to redirect you to websites promoting the malware in order to convince you to buy it. So, when you see the following image popping up on your screen, you MUST take action immediately to remove the Personal Antivirus program from your computer.

Now, you can remove Personal Antivirus either manually or automatically (recommended). Manual removal requires you to be an expert in computers and is not recommended, since you have to delete entries in the Registry and delete files under the “Program Files” folder, which is dangerous if you don’t know what you are doing. Anyhow, read below for both methods of removing Personal Antivirus permanently.

Remove Personal Antivirus Automatically (Recommended)

To safely remove Personal Antivirus or any other malware and viruses residing on your computer, I recommend downloading the free trial of Spyware Doctor, or visiting the Spyware Doctor website for more information.


After downloading Spyware Doctor, run it and have it scan your PC for free. The free version of Spyware Doctor is for malware detection only. After it detects Personal Antivirus, you can purchase the full version to automatically clean your PC of any malware, including Personal Antivirus.

Remove Personal Antivirus Manually

Before proceeding any further, I suggest you back up everything, especially your computer's registry. You need to know what you are doing before manually removing Personal Antivirus:

Step1: Stop the following processes

unins000.exe
PerAvir.exe
pav.exe
winlogon.exe
services.exe
iv.exe
PersonalAv.exe

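Note: Some of the processes mentioned above might not be the same in your case. winlogon.exe and services.exe are also the names of genuine Windows system processes that run from c:\WINDOWS\system32; stop only the copies running from the %UserProfile% locations listed in Step 3, not the genuine ones.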

Step2: Remove the following Registry Entries

You must back up your registry first.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"

Step3: Remove the following Files

PersonalAv.exe
c:\Documents and Settings\All Users\Desktop\Personal Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
%UserProfile%\Application Data\Personal Antivirus
%UserProfile%\Application Data\Personal Antivirus\settings.ini
%UserProfile%\Application Data\Personal Antivirus\uill.ini
%UserProfile%\Application Data\Personal Antivirus\unins000.exe
%UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
%UserProfile%\Application Data\Personal Antivirus\db
%UserProfile%\Application Data\Personal Antivirus\db\config.cfg
%UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
%UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
c:\Program Files\Personal Antivirus
c:\Program Files\Personal Antivirus\activate.ico
c:\Program Files\Personal Antivirus\Explorer.ico
c:\Program Files\Personal Antivirus\PerAvir.exe
c:\Program Files\Personal Antivirus\unins000.dat
c:\Program Files\Personal Antivirus\uninstall.ico
c:\Program Files\Personal Antivirus\working.log
c:\Program Files\Personal Antivirus\db
c:\Program Files\Personal Antivirus\db\DBInfo.ver
c:\Program Files\Personal Antivirus\db\ia080614.db
c:\Program Files\Personal Antivirus\db\ia080618x.db
c:\Program Files\Personal Antivirus\Languages
c:\Program Files\Personal Antivirus\Languages\IAEs.lng
c:\Program Files\Personal Antivirus\Languages\IAFr.lng
c:\Program Files\Personal Antivirus\Languages\IAGer.lng
c:\Program Files\Personal Antivirus\Languages\IAIt.lng
c:\WINDOWS\system32\log.txt
%UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
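
The following added example (not part of the original post) shows how to apply Step 1 by image path rather than by name alone, so that the genuine winlogon.exe and services.exe in system32 are left running while the copies in the Step 3 locations are flagged. The process listing, user name, PIDs and the `SomeApp` folder are constructed, and C:\WINDOWS is assumed to be the Windows folder.

```python
import ntpath

# Step 1 names that have no legitimate Windows counterpart.
ROGUE_NAMES = {"peravir.exe", "pav.exe", "iv.exe", "personalav.exe"}
# Step 1 names shared with genuine Windows system processes.
SHARED_NAMES = {"winlogon.exe", "services.exe"}
# Assumption: Windows lives in C:\WINDOWS, as in the page's Step 3 paths.
SYSTEM_DIR = r"c:\windows\system32"
# unins000.exe is also the usual Inno Setup uninstaller name, so it is only
# treated as rogue inside a folder named after the malware.
MALWARE_FOLDER = "personal antivirus"


def classify(image_path):
    """Return 'rogue', 'impostor', 'genuine' or 'unrelated' for an image path."""
    norm = ntpath.normcase(ntpath.normpath(image_path))
    folder, name = ntpath.split(norm)
    if name in ROGUE_NAMES:
        return "rogue"
    if name == "unins000.exe":
        return "rogue" if ntpath.basename(folder) == MALWARE_FOLDER else "unrelated"
    if name in SHARED_NAMES:
        return "genuine" if folder == SYSTEM_DIR else "impostor"
    return "unrelated"


def processes_to_stop(process_list):
    """Keep only the (pid, path) pairs that Step 1 should actually terminate."""
    return [(pid, path) for pid, path in process_list
            if classify(path) in ("rogue", "impostor")]


# Constructed sample: (PID, image path) pairs; user name and PIDs are made up.
PROFILE = r"C:\Documents and Settings\alice"
SAMPLE = [
    (612, r"C:\WINDOWS\system32\winlogon.exe"),
    (656, r"C:\WINDOWS\system32\services.exe"),
    (1832, PROFILE + r"\Application Data\Microsoft\Windows\winlogon.exe"),
    (1904, PROFILE + r"\Local Settings\Application Data\Microsoft\Windows\services.exe"),
    (2010, r"C:\Program Files\Personal Antivirus\PerAvir.exe"),
    (2120, r"C:\Program Files\SomeApp\unins000.exe"),
    (2200, PROFILE + r"\Application Data\Personal Antivirus\unins000.exe"),
    (2300, r"C:\WINDOWS\explorer.exe"),
]

if __name__ == "__main__":
    for pid, path in processes_to_stop(SAMPLE):
        print(pid, classify(path), path)
```

On a live system the (PID, path) pairs would come from a process listing that includes the full image path, which the default Task Manager view does not show.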
