Is your PC affected by Antivirus 2009? Then here we list down a few ways by which you can get rid of this rogue anti-spyware program. Antivirus 2009 is nothing but the 2009 edition of the rogue Antivirus 2008 program.
Antivirus 2009 uses trojan that lurk in some websites disguised as video codecs.Once it downloads to your PC, it frequently pops up fake infection notifications informing you of a non-existent infection and forces you to purchase the fake Anti virus 2009, if he clicks on the pop up. Upon clicking, the user will be taken to a website, which may infect the PC with more malware!
The following are some websites where users may be sent.
- premiumlivescan.com and
If you land up in any one of the above sites, then you can be sure that your PC is infected by Antivirus 2009. How do you then get rid of this fake antivirus 2009?
How to remove Antivirus 2009?
If you prefer the manual method, then you need to follow the steps mentioned below to remove antivirus 2009
- 1. Kill the malicious processes av2009.exe, av2009.exe, AV2009Install.exe and Antivirus2009.exe. To kill them, you can refer to this article Cannot delete a file in windows? Learn how to Delete files and processes
- 2. Delete the following registry entries carefully. Before deleting them, back up your registry to ensure that you can revert back in case you deleted a wrong entry.After ensuring that you have deleted the malicious registry entries, you can ignore or delete the backed up registry as it is an infected one.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run\15358943642955870504508370025739 HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles%\Antivirus 2009\Antvrs.exe” HKEY_CURRENT_USER\Software\Antivirus
To delete the above, go to Start => Run and type in regedit. Press “OK”, navigate to the above mentioned registry keys, right click and choose “Delete” from the context menu.
- 3. Next, unregister the following DLLs – shlwapi.dll wininet.dll. You will have to find the location of these DLLs to unregister them.Usually, they are present in system32 folder (C:\WINDOWS\system32). You can do a search to find these DLL files in your computer.To delete the DLLs, go to Start =>. Run, type in cmd and press OK. Go to the folder in which the DLLs are located using cd Dos command. After moving to the location where the DLL is located, type the following at the command prompt.
regsrv /u shlwapi.dll
regsrv /u wininet.dll
- 4. Delete the following malicious files.
av2009.exe av2009install.exe av2009install_0011.exe av2009.exe Antivirus2009.exe ieupdates.exe scui.cpl %program_files%\\antivirus 2009\\av2009.exe %startmenu%\\antivirus 2009\\antivirus 2009.lnk %startmenu%\\antivirus 2009\\uninstall antivirus 2009.lnk winsrc.dll %desktopdirectory%\\antivirus 2009.lnk winsrc.dll ieupdates.exe av2009install_0011.exe av2009install.exe %program_files%\\antivirus 2009\\av2009.exe
to delete them, you can refer to the tutorial on how to delete files
- 5. Finally, delete the directory C:\Program Files\Antivirus 2009
If you find the above manual method too geeky, you can also free download windows defender and use it to remove Antivirus 2009.
Does this help in removing Antivirus 2009?