System Alert:Virus Chin09.Win
System Alert:Virus Chin09.Win is a fake warning message associated with the Dr.Guard rogue antispyware program. Dr. Guard and its alerts are deceitful so do not fall for this trickery. System Alert:Virus Chin09.Win will never stop until you delete Dr. Guard from the compromised system. Remove Dr. Guard immediately after System Alert:Virus Chin09.Win appears on your desktop.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk 2 %Documents and Settings%\[UserName]\Desktop\Dr. Guard Support.lnk 3 %Documents and Settings%\[UserName]\Desktop\Dr. Guard.lnk 4 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard 5 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\About.lnk 6 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Activate.lnk 7 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Buy.lnk 8 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Dr. Guard Support.lnk 9 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Dr. Guard.lnk 10 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Scan.lnk 11 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Settings.lnk 12 %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Update.lnk 13 %Program Files%\Dr. Guard 14 %Program Files%\Dr. Guard\about.ico 15 %Program Files%\Dr. Guard\activate.ico 16 %Program Files%\Dr. Guard\buy.ico 17 %Program Files%\Dr. Guard\drg.db 18 %Program Files%\Dr. Guard\drgext.dll 19 %Program Files%\Dr. Guard\drghook.dll 20 %Program Files%\Dr. Guard\drguard.exe 21 %Program Files%\Dr. Guard\help.ico 22 %Program Files%\Dr. Guard\scan.ico 23 %Program Files%\Dr. Guard\settings.ico 24 %Program Files%\Dr. Guard\splash.mp3 25 %Program Files%\Dr. Guard\uninstall.exe 26 %Program Files%\Dr. Guard\update.ico 27 %Program Files%\Dr. Guard\virus.mp3 28 %Temp%\asr64_ldm.exe 29 drgext.dll 30 drghook.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Dr. Guard"HKEY_LOCAL_MACHINE\SOFTWARE\Dr. GuardHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\SimpleShlExtHKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExtHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Dr. Guard
Additional Information on System Alert:Virus Chin09.Win
- The following messages's were detected:
# Message 1 System Alert:Virus Chin09.Win Defenseless OS: Windows 2000/XP/Vista
Description: Virus try to damage your documents and bust file system..
Protection: Please, click the ballon to get details.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.