••• Latest Virus Threat

Latest Virus Threat

Antivirus 2009:

Antivirus 2009 is a new rogue anti-spyware program. It is also a clone of Antivirus 2008 - also a rogue, and one that's produced more clones than any other recently. The list of these clones is long: System Antivirus 2008, Ultimate Antivirus 2008, Vista Antivirus 2008, XP Antivirus 2008 etc.

Like any other of it's predecessors, Antivirus2009 uses trojans, such as Zlob or Vundo, to spread. These trojans lurk in porn/warez websites disguised as video codecs, and, upon entering the system, floods the user with popups and fake system notifications, supposedly to inform him of an infection.

While the system at hand may indeed be infected, Antivirus 2009 will inform the user of this regardless of whether it's true or not. The point of this disinformation is to convince the user he is infected and therefore needs an antispyware program to dispose of the threat. The user might click on one of the popups or notifications, all of which claim they will take him to a legitimate security tool, but try to make him purchase Antivirus2009's "licensed version" instead. Antivirus2009 may redirect web browser to antivirus-premium-scan.com, webscannertools.com, googlescanners-360.com, livesecurityinfo.com, antivirusonlivescan.com, bestantivirusscan.com, antivirus-best.com, internetquarantinesite.com, premiumlivescan.com and secureclick1.com websites that sell the malware. Some of these website are not only fraudulent, but they are also malicious. they are capable of installing additional malwares.

Antivirus 2009 is a scam and should be treated as such: do NOT download or buy it.

Ex.

Antivirus 2009 manual removal:

Kill processes:
av2009.exe av2009[1].exe AV2009Install.exe Antivirus2009.exe

Delete registry values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run\15358943642955870504508370025739

HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”Antivirus” = “%ProgramFiles%\Antivirus 2009\Antvrs.exe”

HKEY_CURRENT_USER\Software\Antivirus

Unregister DLLs:
shlwapi.dll wininet.dll

Delete files:
av2009.exe av2009install.exe av2009install_0011.exe av2009[1].exe Antivirus2009.exe ieupdates.exe scui.cpl %program_files%\\antivirus 2009\\av2009.exe %startmenu%\\antivirus 2009\\antivirus 2009.lnk %startmenu%\\antivirus 2009\\uninstall antivirus 2009.lnk winsrc.dll %desktopdirectory%\\antivirus 2009.lnk winsrc.dll ieupdates.exe av2009install_0011.exe av2009install.exe %program_files%\\antivirus 2009\\av2009.exe

Delete directories:
C:\Program Files\Antivirus 2009
 

Testimonials

  • At Consolidated Giroux Environment we needed a site specific web site to our industry that would get the attention of engineers and consulting firms. The professionals of the North Studio delivered a product that exceeded our expectations. The team supported us in our learning curve of how the web works and worked with us to get our site quickly online.

    Thank you North Studio for all you support and continuing support.

    Malcolm Wilson & Wendy Phillips, Consolidated Giroux Environment Inc.
  • PLC resolved some serious IT issues we faced in a professional and well coordinated manner. Their response time is quick and their specialized technicians help keep our operations running smoothly. We feel confident in their abilities to tackle any IT issue we may face.

    Lise Bernard, CMA, Controller, Victor Bernard & Sons Ltd, Design Built Mechanical Inc.
  • Our firm has employed PLC Info for our IT needs for almost 2 years now and is very satisfied with their professional approach and knowledgeable staff. We have utilized their services for updating our database, upgrading our network, and providing computer troubleshooting when the need arises.

    PLC Info understands how important a properly working computer network system is to our business. The timely manner in which they worked on our system is proof of their commitment.

    Terry Gallant, P.Eng IT Manager, Boissonnault McGraw Consultant Engineers