Avscanonline.com
Avscanonline.com is a browser hijacker promoting the rogue anti-spyware application Antivirus 09. It does this by redirecting your web-surfing activities to the Avscanonline.com domain. This is achieved by having a trojan infiltrate your computer via security exploits and modify your browser settings. Once you arrive at the Avscanonline.com web page, your PC is subject to a fake online scan that reports various fictitious infections, all in the hopes of scaring you into purchasing and installing the fake spyware remover Antivirus '09.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Start Menu\Antivirus 2009 2 %Documents and Settings%\All Users\Start Menu\Antivirus 2009\Antivirus 2009.lnk 3 %Documents and Settings%\All Users\Start Menu\Antivirus 2009\Support.lnk 4 %Documents and Settings%\All Users\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk 5 %Program Files%\Antivirus 2009 6 %Program Files%\Antivirus 2009\AV2009.exe 7 %Program Files%\Antivirus 2009\AV2009_Update.exe 8 %Program Files%\Antivirus 2009\scanopt.sys 9 %Program Files%\Antivirus 2009\Support.url 10 %Program Files%\Antivirus 2009\sysdata.sys 11 %Program Files%\Antivirus 2009\SysShield.exe 12 %Program Files%\Antivirus 2009\Uninstall.exe 13 %UserProfile%\Desktop\Antivirus 2009.lnk 14 %WINDOWS%\system32\SysShield.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\SOFTWARE\AV2009HKEY_CURRENT_USER\SOFTWARE\AVP09HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform "AVP09HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Antivirus 2009"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows applications server"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Antivirus 2009
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.