Manual Removal of W32/Antivirus2009.EE Trojan

• %Program Files\Antivirus 2009\av2009.exe
• %Program Files\Antivirus 2009\Antivirus2009.exe
• %Program Files\Antivirus 2009\shlwapi.dll
• %Program Files\Antivirus 2009\wininet.dll
• %Documents and Settings\Default User\Local Settings\Temporary Internet Files\av_2009glof[1].exe
  If you have any of these files in running process from task manger, end the process before removal.
  Note: if task manager is disabled
  Download the following file [ Right click and select “Save Target as” ]
  Click to Download - Enable Registry.reg
  Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.

Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
Download UnHookExec.inf, [ Right click and select “Save Target as” ] and then continue with the removal.
Save it to your Windows desktop. Do not run it at this time, download it only.
After booting into the Safe Mode or VGA Mode
Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]

Delete the registry Key “Antivirus” at “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run”

Delete the registry key “Antivirus” at “HKEY_CURRENT_USER\Software\”
Delete the registry key “Antivirus” at “HKEY_LOCAL_MACHINE\Software\”
HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\Software\Microsoft\Windows\CurrentVersion\Run 

Popularity: 1%

Written by FireFly. Read more great feeds at is source WEBSITE
no comments.
Read more articles on W32/XPAntivirus.TF Trojan and W32/Antivirus2009.EE and W32/AntiMalware2009 and manual removal and otherSoftware and removal of trojan and Windows XP.

• [+] Digg: Feature this article
• [+] Del.icio.us: Bookmark this article
• [+] Furl: Bookmark this article

Related articles

• Manual Removal of W32/XPAntivirus.TF Trojan (December 15th, 2008)