Resources

Whilst browsing the net the following suspicious pop-ups appeared: “Harmful Spyware or Adverse software. Such vulnerabilities can destroy or steal your private information and mail. Online Scan. Please click OK to download & install Antivir tool”. Neither will allow me to close the window. Can I get rid of them?

Pop Up Problems

One of the most ubiquitous ways that hackers gain access to computers and install viruses and Trojans is by posing as a security program such as this. What better way to gain full and complete access than by pretending to be a program that will scan an entire computer for bugs. You are right to be credulous - and should never download or install anything that you haven’t researched and verified. Often simply clicking the pop up window is enough to deliver your browser to a fake site and initiate the virus upload.

End Processes with Task Manager

Sometimes even clicking the X to try to close the pop up is enough to initiate something bad - so it’s a good idea to use Windows Task Manager to close it instead. To open the Task Manager, click CTRL+ALT+DEL, and then choose Task Manager. From there you can make some choices to choose Help Topics and Overview Topics that will allow you to select and end the process that is running the pop up.

Run Full System Scans

Once you have gotten rid of the offending pop ups, you should run a full system antivirus and malware scan to ensure that nothing accessed your system during the process. Make sure your security programs are up to date by visiting the manufacturer’s website and looking for releases and updates. Then run a full scan - repeat until it comes back clean.

Update your Software Programs

Good tips to reduce the frequency of pop ups include updating your operating system and web browser - both get frequent updates that include pop up and other malware security. Visit the Microsoft website to get the latest version of Internet Explorer, if that is the browser you use. Windows Updates should be automatically enabled on your system, make sure that you are approving the installations that the tool suggests.

Stay Up to Date

Pop ups are an unfortunate reality for a lot of Internet users and are especially prevalent on Internet Explorer, due to its popularity. Keeping your system up to date with software and security programs will help reduce the annoyance.

I have SpyHunter 3 as well as an older version of Norton that is just a free version now. I can scan my computer and come up clean and still end up getting stuff from “Personal AntiVirus” how do I get rid of this?

Personal Antivirus

As you know, Personal Antivirus is one of those rogue antivirus programs that is really malware. It usually arrives through a worm and then generates fake security alerts in an attempt at tricking you into purchasing the Personal Antivirus product.

Inadequate Virus Protection

Right off the bat, since you are still seeing Personal Antivirus messages or alerts, your computer may be under protected with its old version of Norton and SpyHunter3. While Norton products are good, I wonder if your older, free version of Norton is receiving updates with the latest protections against viruses and spyware. I looked up SpyHunter3 and apparently it is a legitimate antispyware product developed by a company called Enigma Software. However, since these two products in conjunction are not ridding your computer of the fake, Personal Antivirus program, it’s time for a new approach.

Before moving forward, check Norton and SpyHunter3 to see that they are updated with the latest updates from their developers. If not, update each program and run full system scans. If you have Windows XP or Vista, download Microsoft Windows Defender (it’s preinstalled on Windows Vista), update it, and run a full scan with this tool.  

Online Malware Removal Tools

A number of online removal tools are available from leading computer security developers such as Microsoft, Trend Micro, McAfee, and Norton. Let’s see if any of these free tools will work for you.

• Microsoft Malicious Software Removal Tool
• BitDefender Scan Online
• Trend Micro House Call
• McAfee Free Scan

Why Multiple Antivirus and Antispyware Tools are Necessary

I know it seems like overkill to run multiple anti-malware tools. Since each company develops its own products and discovers new threats independently, it makes sense that if one product doesn’t find a virus, another one (from a company that has already detected the threat and developed a fix) will.

I suspect that at least one of these free online tools will do the trick for you. If not, consider investing in a more modern antivirus product such as one of Norton’s latest PC security products or an Internet protection suite from one of the major computer security developers. If you are looking for a good antivirus/antimalware program, we reviewed numerous products earlier this year. All are reputable and several offered excellent protection for personal use at no charge. You can read the antivirus reviews at your leisure and decide which one makes the most sense for your system.

I was just about to turn off my Internet and all of a sudden I had this software called personal antivirus upload on my computer. I want to uninstall but it won’t let me. I tried to delete but it still doesn’t leave. Does anyone have any ideas?

Most likely, the reason that you are having difficulty getting rid of this “personal antivirus” application is that it is a form of malware or rogue antivirus program. Since you haven’t made mention to downloading any such program, this personal antivirus application probably came to you compliments of visiting a particular website, clicking on a link sent through an instant messaging service, clicking the security alert that appeared, or opening an unsolicited attachment.

Sometimes you can prevent the application from installing by closing out of your browser immediately and shutting down the computer. However, this strategy doesn’t always work and it is past that point for you.

What is Personal Antivirus?

The application, Personal Antivirus, was created by Innovagest 2000. It is a form of rogue antivirus that will eventually create pop ups telling you that you have security problems with your computer such as spyware or viruses. It makes use of Trojans, a form of malware that uses a great deal of Internet bandwidth and can upset the functioning of your computer. As long as you don’t click on the security alert that appears, the application shouldn’t fully install. However, it is designed to load automatically upon the start of Windows.

What are Rogue Antivirus Programs?

A variety of rogue antivirus programs exists and infects computers every day. These fake antivirus applications can create a lot of problems on your computer. So, you really do want to get it removed as quickly as possible.

How to Remove Fake Personal Antivirus Applications

The first strategy that you need to take is to run a thorough scan using an up-to-date anti-virus/anti-spyware program. If you have such a program, check the website for it and make sure that you have the latest version. Once you have done that, you can run the application and hopefully, it will remove the fake personal antivirus program. You can check the log file for most anti-virus/anti-spyware programs to see what programs have been removed.

If you don’t already have an up-to-date anti-virus/anti-spyware program, you need to obtain one. I can recommend Anti-VirusPLUS. It’s a great application that should be able to remove the fake one.

What Signs Exist for Personal Anti-Virus?

If you check the log file for your legitimate anti-virus/anti-spyware program, you will most likely see some of the following types of data:

• Rogue.PersonalAntiVirus
• C:\Program Files\Personal AntiVirus
• C:\Program Files\Personal AntiVirus\Explorer.ico
• C:\Program Files\Personal AntiVirus
• PerAvir.exe

These are just a few of the entries that will show up in the scan. Once they are removed by your legitimate anti-virus/anti-spyware program, you should be fine.

Antivirus 2008 is hijacking my Mozilla browser and Malwarebytes doesn’t remove it. What should I do?

Antivirus 2008 is a rogue program from the people who brought you XP Antivirus and XP Cleaner. It uses a stealth installation from a Trojan or other malware and is difficult, although not impossible, to manually remove. Among other problems, it will often give you false pop ups alerting you of problems with your system. If you’ve tried Malwarebytes and that hasn’t done it, try Paretologic’s Antivirus Plus - there is a free download that will scan your system before you commit to a purchase. ParetoLogic’s database shows two versions of this virus, so it’s safe to say that this software is equipped to remove Antivirus 2008.

Manually Remove Antivirus 2008

If you want to try to manually remove the virus, you will have to alter the registry. If you are not comfortable with your computer, you might want to leave this to someone who is, and always make sure that everything important is backed up before you start.

First, you will have to kill these processes:

• AntiVirus2008.exe
• AntvrsInstall.exe
• AntvrsInstall[1].exe
• Antvrs.exe.

To do this, open Windows Task Manager (usually by pressing CTRL+ALT+DEL). Click on the Processes tab and you will see a list. Find the above processes and choose End Process to kill them.

Next, you need to get into the registry by going to Start and then Run. In the open box, type in: regedit. Then click OK. Navigate to the following registry values and delete them:

• HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus
• HKEY_USERS\Software\antivirus 2008
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “3P_UDEC”
• HKEY_CURRENT_USER\Software\Antivirus
  Software\Microsoft\Windows\CurrentVersion\RunOnce\3P_UDEC
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Antivirus”
• Microsoft\Code Store Database\Distribution Units\3BA4271E-5C1E-48E2-B432-D8BF420DD31D

You need to unregister the dll files that are associated with the virus. They are shlwapi.dll and wininet.dll. Go to Start and Run and then type in: cmd. Click OK. Now navigate to the folder that contains the dlls. When you find the exact directory, type in: regsvr32 /ushlwapi.dll and click Enter. You should see the message that the process was successful. Do the same thing again, only this time, type in: regsvr32  /uwininet.dll.

You can find and delete the files by going to Start> then Search> Files and Folders and typing in the name of the file you are looking to delete. Delete the following files:

• AntiVirus 2008.lic
• AntiVirus 2008.lnk
• Antivirus.lnk
• AntiVirus2008.exe
• Antvrs.exe
• AntvrsInstall.exe
• AntvrsInstall[1].exe
• shlwapi.dll
• wininet.dll

Delete the directory:

• ProgramFiles\ANTIVIRUS 2008

As you can see, manually deleting everything you need to in order to get rid of the program is a bit arduous - you might want to try another program like Antivirus Plus before you give up completely.