Antivirus System 2009 is a rogue security software, it is a false anti-spyware application that is generally installed in the user’s computer by dangerous trojans (such as the Zlob Trojan Virus and false video codecs)(What is Zlob?), but it can also be installed manually by the victim.
Once the your computer is infected with this parasite, it will immediately displays security warnings, alerts and system scans stating that your computer is heavily infected. These warnings are all false and are only displayed to make you think your computer is truly infected and that it is necessary to buy the full version of the software to remove the so-called infections.
Make sure to not fall in this scam, if your computer is infected with Antivirus System 2009, it is recommended to remove it immediately and to scan your system with a real security software.
Symptoms of infection
- The process antivirsystempro.exe is running in your system
- The process AntivirusSystem2009.exe is running in your system
- Slow computer performance
- Repeated security warnings, alerts and system scans
- Web sites that suddenly are shown on your desktop
Malicious web sites and urls:
antivirsystem.com |
When the program is executed, it creates the following files:
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusSystem 2009.lnk
%UserProfile%\Application Data\AntivirusSystem 2009\settings.ini
%UserProfile%\Application Data\AntivirusSystem 2009\uill.ini
%UserProfile%\Start Menu\Programs\AntivirusSystem 2009.lnk
%UserProfile%\Start Menu\AntivirusSystem 2009.lnk
%UserProfile%\Desktop\AntivirusSystem 2009.lnk
%UserProfile%\Desktop\AntivirusSystem2009.exe
%ProgramFiles%\Antivir System PRO\queue.vdb
%ProgramFiles%\Antivir System PRO\antivirsystempro.exe
%ProgramFiles%\Antivir System PRO\uninstall.exe
%ProgramFiles%\Antivir System PRO\conf.cfg
%ProgramFiles%\Antivir System PRO\mbase.vdb
%ProgramFiles%\Antivir System PRO\quarantine.vdb
The program creates the following registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivir System PRO
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntivirusSystem 2009
HKLM\SOFTWARE\Antivir System PRO
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ieModule
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Antivir System PRO
How to remove Antivirus System 2009 (manual removal) ?
- Terminate all the Antivirus System 2009 processes
- Unregister all the Antivirus System 2009 DLLs
- Delete all the Antivirus System 2009 files
- Delete all the Antivirus System 2009 registry entries
How to remove Antivirus System 2009 (automatic removal) ?
- Download and Install Malware Remover
- Update the database
- Click the button Scan
- Delete infected files
No comments:
Post a Comment