Downloading free videos or other freeware or pirated software programs is a common activity of internet users, but unfortunately it carries its own risks related to computer security. Usually those freeware programs come bundled with hidden trojan viruses and other malware that get installed on your computer together with the freeware software without noticing. This is the main method that computer users get infected with the Antivirus 2009 malware. Another common infection method of Antivirus 2009 is by visiting warez or adult websites which usually host those kind of rogue antivirus programs. For a Free Scan of your computer to verify if you are infected with Antivirus 2009, download the Antispyware tool below.

So what is actually Antivirus 2009? It is a rogue antivirus program which is categorized as “scareware” malware because it scares users to purchase the program by generating fake virus alarm messages. It is a successor of the older Antivirus 2008 which infected millions of computers worldwide. Basically Antivirus 2009 is a virus itself. After infecting your computer it will start generating fake alerts and system warning messages claiming that your computer is compromised from numerous viruses and spyware. It might also perform a fake scan of your computer and present you with false results showing infections from various viruses. Then the program will keep asking you to purchase the full version of it so that to remove all “viruses and spyware” from your system. Of course, if you fall in the trap and pay the asked fee, you will just lose your money because Antivirus 2009 is just a scam.

Moreover, Antivirus 2009 hijacks your internet explorer settings and also infects several parts of your system causing computer slowness and system crashes. It sometimes installs other spyware scripts on your PC with the intention to steal personal information such as passwords, credit card numbers etc. If you are a victim of this scam, then you need to take action and remove Antivirus 2009 immediately. A picture of Antivirus 2009 is shown below:

There are two ways to remove Antivirus 2009. You can get rid of Antivirus 2009 either manually or automatically (recommended). Manual removal requires you to be expert in computers and is not recommended since you have to delete entries in the Registry or delete files under “Program Files” and “System32″ folders which makes it kind of dangerous if you don’t know what you are doing. Anyhow, read below for both methods of removing Antivirus 2009 once and for all.

Remove Personal Antivirus Automatically (Recommended)

To safely remove Antivirus 2009 or any other malware and viruses residing on your computer, I would recommend to Download the Free Trial of Spyware Doctor Here, or visit the Spyware Doctor Website for more information.

Spyware Doctor has been used to successfully remove Antivirus 2009 from millions of computers. After Downloading Spyware Doctor, run it and have it scan your PC for free. The free version of Spyware Doctor is for malware detection only. After detecting Antivirus 2009, you can purchase the full version to automatically clean up your PC from Antivirus 2009 or from any other possible malware hiding in your system.

Remove Personal Antivirus Manually
Before proceeding any further, I suggest you to backup everything and especially your computer registry. You need to know what you are doing before manually removing Antivirus 2009. Another thing to keep in mind is that scanning your computer with your currently installed antivirus program will most probably fail since most antivirus programs do not detect Antivirus 2009. You need a dedicated Antispyware program as the one I suggested in the Automatic Removal section above. Anyway, read below for the manual removal steps.

Step1: Stop the following processes

Antivirus2009.exe
AV2009Install.exe
av2009.exe
av2009[1].exe
Note: Some of the processes mentioned above might not be present in your system

Step2: Delete the following Registry entries

First backup your registry before proceeding. Some of the following registry keys might be different in your system.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles%\Antivirus 2009\Antvrs.exe”
HKEY_CURRENT_USER\Software\Antivirus
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run\15358943642955870504508370025739
HKEY_CURRENT_USER\Software\75319611769193918898704537500611
HKEY_CLASSES_ROOT\CLSID\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C7B8A-151A-49E6-BAED-CC05FCB50328}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “75319611769193918898704537500611″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “ieupdate”
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus

Step3: Delete the following files and folders

%UserProfile%\Desktop\Antivirus 2009.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
%UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll
%UserProfile%\Start Menu\Antivirus 2009
%UserProfile%\Start Menu\Antivirus 2009\Antivirus 2009.lnk
%UserProfile%\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
c:\Program Files\Antivirus 2009
c:\Program Files\Antivirus 2009\av2009.exe
c:\WINDOWS\system32\ieupdates.exe
c:\WINDOWS\system32\scui.cpl
c:\WINDOWS\system32\winsrc.dll
C:\Program Files\Antivirus 2009

Another member of the so called “scareware” viruses is the “Personal Antivirus” malware which infected millions of computers worldwide. The Personal Antivirus is a fake antivirus application which gets installed on user’s computers usually when they download warez software from peer-to-peer networks or when they visit malicious websites. Personal Antivirus is categorized as scareware because it generates fake and misleading alert messages warning the user that their computer is “infected” with hundreds of viruses in order to scare the user and make him/her to purchase the scareware program. Ofcourse, after purchasing Personal Antivirus, hoping that it will clean all your “viruses”, you just lose your money simply because Personal Antivirus is just not a real Antivirus. For a Free Scan of your computer to verify if you are infected with Personal Antivirus, download the Antispyware tool below.

Even worse, the program is a virus itself. It installs keyloggers and other spyware programs on your PC to steal sensitive information such as passwords, credit card numbers etc. It also infects your browser settings to redirect you to websites promoting the malware in order to convince you to buy it. So, when you see the following image popping up on your screen, you MUST take action immediately to remove Personal Antivirus program from your computer.

Now, you can remove Personal Antivirus either manually or automatically (recommended). Manual removal requires you to be expert in computers and is not recommended since you have to delete entries in the Registry or delete files under “Program Files” folder which makes it kind of dangerous if you don’t know what you are doing. Anyhow, read below for both methods of removing personal antivirus permanently.

Remove Personal Antivirus Automatically (Recommended)

To safely remove Personal Antivirus or any other malware and viruses residing on your computer, I would recommend to Download the Free Trial of Spyware Doctor Here, or visit the Spyware Doctor Website for more information.

After Downloading Spyware Doctor, run it and have it scan your PC for free. The free version of Spyware Doctor is for malware detection only. After detecting Personal Antivirus, you can purchase the full version to automatically clean up your PC from any malware including Personal Antivirus.

Remove Personal Antivirus Manually

Before proceeding any further, I suggest you to backup everything and especially your computer registry. You need to know what you are doing before manually removing Personal Antivirus:

Step1: Stop the following processes

unins000.exe
PerAvir.exe
pav.exe
winlogon.exe
services.exe
iv.exe
PersonalAv.exe

Note: Some of the processes mentioned above might not be the same in your case

Step2: Remove the following Registry Entries

You must back up your registry first.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Antivirus”

Step3: Remove the following Files

PersonalAv.exe
c:\Documents and Settings\All Users\Desktop\Personal Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
%UserProfile%\Application Data\Personal Antivirus
%UserProfile%\Application Data\Personal Antivirus\settings.ini
%UserProfile%\Application Data\Personal Antivirus\uill.ini
%UserProfile%\Application Data\Personal Antivirus\unins000.exe
%UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
%UserProfile%\Application Data\Personal Antivirus\db
%UserProfile%\Application Data\Personal Antivirus\db\config.cfg
%UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
%UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
c:\Program Files\Personal Antivirus
c:\Program Files\Personal Antivirus\activate.ico
c:\Program Files\Personal Antivirus\Explorer.ico
c:\Program Files\Personal Antivirus\PerAvir.exe
c:\Program Files\Personal Antivirus\unins000.dat
c:\Program Files\Personal Antivirus\uninstall.ico
c:\Program Files\Personal Antivirus\working.log
c:\Program Files\Personal Antivirus\db
c:\Program Files\Personal Antivirus\db\DBInfo.ver
c:\Program Files\Personal Antivirus\db\ia080614.db
c:\Program Files\Personal Antivirus\db\ia080618x.db
c:\Program Files\Personal Antivirus\Languages
c:\Program Files\Personal Antivirus\Languages\IAEs.lng
c:\Program Files\Personal Antivirus\Languages\IAFr.lng
c:\Program Files\Personal Antivirus\Languages\IAGer.lng
c:\Program Files\Personal Antivirus\Languages\IAIt.lng
c:\WINDOWS\system32\log.txt
%UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
%UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe

I bet you must have been in the situation where you downloaded a file from the Internet or maybe you found a suspicious file on your computer and you want to verify if it contains a virus or malware in it. Well, you could of course scan it with your locally installed antivirus software, but this is not enough anymore. Even if your installed antivirus finds the file as clean, this does not mean it actually is. Newer malware and virus scripts can encrypt and hide themselves such that many antivirus programs can not detect them. Fortunately there are a couple of online “Multiple Antivirus Engine” websites which allow you to upload a file and have it scanned with several antivirus programs (for FREE) to verify if the file is safe or not.

1. VirusTotal (http://www.virustotal.com/)

This is the most popular online “multiple antivirus engine” site. Taken from the website itself, “VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines“.

The website uses several command line versions of antivirus programs to scan your uploaded file for any kind of malware. The signatures of the antivirus engines are updated regularly. The uploaded file is scanned from 39 different antivirus engines including AVG, ClamAV, Comodo, ESET NOD32, F-Secure, McAfee, Kaspersky, Microsoft, Panda, Sophos, Symantec, TrendMicro etc.

After scanning, the website will give you a report from each antivirus engine whether the uploaded file was found clean or not.

2. VirScan (http://www.virscan.org/)

 This is similar with the above. It has an upload file limit of 20Mb. Taken from the website itself, “VirSCAN.org is a FREE on-line scan service, which checks uploaded files for malware, using antivirus engines, indicated in the VirSCAN list“.

The site scans your uploaded file with 37 different antivirus engines including the most popular ones (same as those in VirusTotal website).

Have those websites in mind before installing any program that you have downloaded from the Internet.

Malware Doctor (or MalwareDoc) is one of the many scam “antivirus” tools which are found all over the Internet which claims to help you get rid of viruses but it is actually a virus itself. The picture below shows how Malware Doctor looks like.

Malware Doctor will perform a “dummy” scan of your computer and will report that it found several viruses and malware on your computer. The program will then recommend you to proceed with removal of the “dummy viruses”. DO NOT proceed any further and DO NOT install Malware Doctor because this program is actually a malicious virus by itself. If you happened to fall in the trap of Malware Doctor, then you need to remove MalwareDoc as soon as possible. This program, after being installed on your computer, will steal you sensitive information (credit cards, passwords etc) and will fully compromise your computer’s security.

Malware Doctor Removal (The Hard Way)

To manually remove Malware Doctor you need to perform the following tasks. However, before continuing any further, backup your system and registry first. The following tasks can damage your computer so be very careful. It is better to proceed only if you know what you are doing. Further down I offer also an easier way to remove malware doctor (scroll further down If you want).

Step1: Stop Malware Doctor Processes
Malware Doctor.exe
MDsetup.exe
%ProgramFiles%\Malware Doctor\Malware Doctor.exe
%ProgramFiles%\Malware Doctor\unins000.exe

Step2: Delete the following DLL files

%ProgramFiles%\Malware Doctor\htmlayout.dll
%ProgramFiles%\Malware Doctor\Validation.dll

Step3: Uninstall and Remove all Malware Doctor directory and files

%ProgramFiles%\Malware Doctor\
%\Documents and Settings%\All Users\Start Menu\Programs\Malware Doctor\Malware Doctor.lnk

Step4: Delete all malware doctor folders

%\Documents and Settings%\All Users\Start Menu\Programs\Malware Doctor\
%ProgramFiles%\Malware Doctor\
%ProgramFiles%\Malware Doctor\GUI\

Step 5: Remove the following Registry values

HKEY_USERS\Software\Microsoft\Windows\Explorer\MenuOrder\Start Menu2\Programs\Malware Doctor
HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malware Doctor
HKEY_CURRENT_USER\Software\Malware Doctor
HKEY_CURRENT_USER\Software\Malware Doctor\AntiSpy Knight
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Doctor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malware Doctor_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Alcmtr”

Malware Doctor Removal (The Easy Way)

Now, if you don’t want to follow the hard manual way, there is an easier method to automatically remove Malware Doctor. That is, you can download the FREE trial of the famous Spyware Doctor software (from the well known software developer PCTools) and have it scan your computer. With the Free trial you will not be able to remove the Malware Doctor, but it will help you to identify all infected files and then remove them manually by yourself. However, if you register the program (its around $30 I think) you will be able to automatically remove Malware Doctor without having to mess around with registry values and all that stuff. Download the Free Trial of Spyware Doctor Here, or visit the Spyware Doctor Website for more information.