Remove Personal Antivirus
Personal Antivirus is another of those rogue antivirus programs. They claim to protect, but really their goal is to find ways to separate you from your money. Usually this is through false claims of infected files and a “we’ll fix it, if you pay us” sales model. Apparently it’s almost identical to Internet Antivirus Pro and General Antivirus. Cut from the same cloth I guess you could say. It (as the others) creates false reports of phantom infections on your system and then offers to clean them up for a cost. Nice huh? It sees invisible villains and can get rid of them for a fee.
So, how do you remove personal antivirus? Personal Antivirus manual removal can go as follows:
Look for the following system processes to kill off using task manager:
services.exe
iv.exe
PerAvir.exe
unins000.exe
You may also want to block access to the following web sites:
personal-antivirus.com
securityhelpcenter.com
securedantivirusonlinescanner.com
securedonlinecomputerscan.com
securedvirusscanner.com
antispywarepcscanner.com
antiviruspowerfulscanv2.com
antipowerfulscanv2.com
1bestprotectionscanner.com
systemsupportnetwork.com
1viruslivescanner.com
virusinfocheck.com
vrusstatuscheck.com
fullantispywarescan.com
proantivirusscanv3.com
antivirusquickscanv1.com
antivirus-online-pro-scan.com
antivirusbestscannerv1.com
1quickpcscanner.com
antiviruslivescanv3.com
savemypcnowv1.com
quickscanpcv1.com
antvirushelpv1.com
malwareliveproscannerv1.com
networksecurityadvice.com
anti-spyware-scan-v1.com
malware-live-pro-scanv1.com
internetsafebrowsing.com
proantivirusscanv2.com
powerantivirusscannerv2.com
antivirus-scanner-v1.com
antivirusonlinescanv2.com
personal-antivirus-software.com
antimalware-live-scanv3.com
websafetynetwork.com
internetsafebrowsinghelp.com
antimalware-online-scanv3.com
antimalware-internet-scanv3.com
antimalwareproonlinescanv3.com
antimalwareonlinescannerv3.com
fastpcscan3.com
bestantiviruscheck2.com
bestantispywarescanner4.com
anti-virussecurity3.com
private-online-scan.com
onlinebrowsinghelp.com
threatpcscanner.com
restricteddomainhelp.com
fastfolderscanner.com
antivirusfolderscanner.com
winonlinescanner.com
folderantispywarescanner.com
antivirussystemfolderscanv3.com
ieprotectionlist.com
fast-antimalware-scanv3.com
advanedprospywarescanner.com
spywareurladvisor.com
antiviruspcscannerv7.com
antimalwarecheckv6.com
livefolderscannerv6.com
totalvirusscanc3.com
bestfoldervirusscanv3.com
spywarefolderscannerv2.com
browsersecurityinfo.com
windowssecurityinfo.com
antimalwarescannerv9.com
livesecuredscannerv9.com
personalsafescanner.com
mysafecomputerscan.com
livesecuredscannerv7.com
livesecuredscannerv2.com
best-antispyware-scannerv2.com
personalfoldertest.com
onlinepersonalscanner.com
gomalwarescanner.com
explorersecurityhelper.com
malwareurlblock.com
online-pro-scan.com
online-pro-antivirus-scanner.com
antispywarelivescanv5.com
spywarescannerv4.com
antispyware-live-scanv3.com
secure-antispyware-scanv3.com
online-secure-scannerv2.com
premium-antivirus-scanv6.com
premium-antispy-scanv7.com
premium-antispy-scanv3.com
online-antispy-scanv4.com
online-secure-scanv7.com
safeonlinescannerv4.com
antivirus-scannerv12.com
getyouprotectiontodayv2.com
live-virus-scanner7.com
live-virus-scanner9.com
antimalwarescanner8.com
(ambitious aren’t they?)
The following files will need to be removed too:
%progfiles%\Personal Antivirus
%progfiles%\Personal Antivirus\activate.ico
%progfiles%\Personal Antivirus\Explorer.ico
%progfiles%\Personal Antivirus\PerAvir.exe
%progfiles%\Personal Antivirus\unins000.dat
%progfiles%\Personal Antivirus\uninstall.ico
%progfiles%\Personal Antivirus\working.log
%progfiles%\Personal Antivirus\db
%progfiles%\Personal Antivirus\db\DBInfo.ver
%progfiles%\Personal Antivirus\db\ia080614.db
%progfiles%\Personal Antivirus\db\ia080618x.db
%progfiles%\Personal Antivirus\Languages
%progfiles%\Personal Antivirus\Languages\IAEs.lng
%progfiles%\Personal Antivirus\Languages\IAFr.lng
%progfiles%\Personal Antivirus\Languages\IAGer.lng
%progfiles%\Personal Antivirus\Languages\IAIt.lng
%windir%\system32\log.txt
%User%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
%User%\Application Data\Personal Antivirus
%User%\Application Data\Personal Antivirus\settings.ini
%User%\Application Data\Personal Antivirus\uill.ini
%User%\Application Data\Personal Antivirus\unins000.exe
%User%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
%User%\Application Data\Personal Antivirus\db
%User%\Application Data\Personal Antivirus\db\config.cfg
%User%\Application Data\Personal Antivirus\db\Timeout.inf
%User%\Application Data\Personal Antivirus\db\Urls.inf
%User%\Local Settings\Application Data\Microsoft\Windows\log.txt
%User%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%User%\Local Settings\Application Data\Microsoft\Windows\services.exe
%User%\Application Data\Microsoft\Windows\winlogon.exe
%User%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
%User%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
%User%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
%User%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
%User%\Local Settings\Application Data\Microsoft\Windows\log.txt
%User%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%User%\Local Settings\Application Data\Microsoft\Windows\services.exe
%docroot%\All Users\Desktop\Personal Antivirus.lnk
%docroot%\All Users\Start Menu\Programs\Personal Antivirus
%docroot%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
%docroot%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
%docroot%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
There are registry associations too. I highly recommend scanning with malwarebytes antimalware after doing a manual removal to clean up the loose ends. Here they are though in case you need to manually prune: (careful with the registry).
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Antivirus”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
Another note is that if the above fails to be killed off or deleted, try rebooting into safe mode and repeat the process.