Testversion Popup
The following popup:
"Testversion. ACHTUNG. Unser Scanner hat zahlreiche Probleme auf lhrem PC gefunden, die sofort nach dem Kauf eines zum Freischalten unseres Programms notwendigen Aktivierungscodes gelost werden konnen. Um den Aktivierungscode zu erwerben, klicken Sie HIER."
is not a legitimate warning, but rather a misleading popup displayed by the rogue anti-virus program Antivirus Doktor. This parasite uses this and other tactics, to trick you into thinking that your PC is infected and in need of anti-viral software, when the only infection they have is Antivirus Doktor itself.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\Antivirus Doktor 2009\Antivirus Doktor 2009.exe 2 %ProgramFiles%\Antivirus Doktor 2009\Close.exe 3 %ProgramFiles%\Antivirus Doktor 2009\definitions\1.dat 4 %ProgramFiles%\Antivirus Doktor 2009\EngineAP.dll 5 %ProgramFiles%\Antivirus Doktor 2009\ScheduleAP.txt 6 %ProgramFiles%\Antivirus Doktor 2009\unins000.dat 7 %ProgramFiles%\Antivirus Doktor 2009\unins000.exe 8 %SystemDrive%\Documents and Settings\All Users\AVP 2009 9 %UserProfile%\Application Data\AntivirusSystem 2009\ 10 %UserProfile%\Application Data\AntivirusSystem 2009\settings.ini 11 %UserProfile%\Application Data\AntivirusSystem 2009\uill.ini 12 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Doktor 2009.lnk 13 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusSystem 2009.lnk 14 %UserProfile%\Desktop\antivirusDoktor2009 15 %UserProfile%\Desktop\AntivirusDoktor2009.exe 16 %UserProfile%\Desktop\AntivirusSystem 2009.lnk 17 %UserProfile%\Start Menu\AntivirusSystem 2009.lnk 18 %UserProfile%\Start Menu\Programs\AntivirusSystem 2009.lnk 19 2009.lnk 20 C:\Documents and Settings\All Users\Desktop\Antivirus Doktor 2009.lnk 21 C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Doktor 2009\Antivirus Doktor 22 C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Doktor 2009\Antivirus Doktor 2009 entfernen.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "AntivirusSystem 2009"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Antivirus Doktor 2009_is1AntivirusSystem 2009
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.