English 
Deutsch
Español
Français
Portuguese
Antivirus Pro 2009 Antivirus Pro 2009
By
GoldSparrow in Rogue Anti-Spyware Program |
348 views
(No Ratings Yet)
Loading ...
Antivirus Pro 2009 Description
Antivirus Pro 2009, a clone of AntiSpywareXP 2009 and XP AntiSpyware 2009, is a rogue anti-spyware application and part of the Antivirus XP family. Antivirus Pro 2009 is often installed by the Braviax or Zlob Trojan that generates pop up ads displaying false security warnings in order to trick computer users into purchasing their bogus software.
Antivirus Pro 2009’s pop up ads may read:
“Trojan detected!
A piece of malicious code was found on your system which can
replicate itself if no action is taken. Click here to have your
system cleaned by Antivirus Pro 2009.”
Once the user is infected, Antivirus Pro 2009 may also upload additional rogue registry cleaners or system optimizers and privacy guards.
In addition, Antivirus Pro 2009 is known to create fake malware files to later detect them as malicious. These supposed infections will not be removed unless the user purchases Antivirus Pro 2009’s full version of the program. Antivirus Pro 2009 may also cause the user’s system to disorder and erase data. Antivirus Pro 2009 will use all means necessary to make the user believe he/she needs to buy this rogue software.
Moreover, Antivirus Pro 2009 may configure itself to launch on every Windows startup. Once it’s running, Antivirus Pro 2009 may also hijack the user’s Internet Explorer. While the user is surfing the web, he/she will receive a screen stating that there has been insecure Internet activity and that the user is at risk of being attacked by a virus. The user may choose between being redirected to the website unprotected or getting the protection. Whatever the user chooses, he/she will be redirected to a malicious website that sells Antivirus Pro 2009 as a legitimate software.
Don’t be tricked by Antivirus Pro 2009’s fraudulent tactics and remove the Antivirus Pro 2009 infection right away.
Type: Rogue AntiSpyware Programs
How Can You Detect Antivirus Pro 2009?
Antivirus Pro 2009 Technical Report
As new Antivirus Pro 2009 details are reported by our customers and findings from our Threat Research Center, we will update this section.
The following Antivirus Pro 2009 files with its MD5s were created in the system:
| File Name | File Size | MD5 |
|---|
| AntivirusPro2009.exe | 596811 | 8b81b491843d0c0b680cd4755f5491e5 |
| AntivirusPro2009.exe | 596811 | 69be94fcd3c48e08d8273751e86cf5fd |
| AntivirusPro2009.exe | 596811 | e69ae4bc1266f93a587c5ef6a24f9ddf |
| AntivirusPro2009.exe | 596811 | 76ad9ea2a9a402a9657697d72fc729e6 |
| AntivirusPro2009.exe | 597323 | 7a240b4b947fa684d0b0704ea49d5134 |
| AntivirusPro2009.exe | 597323 | 3e2f4902ee7b55cd7f9d184f259f4a05 |
| AntivirusPro2009.exe | 597835 | 5b202510c19d8d783fed43d7642d1af6 |
| AntivirusPro2009.exe | 597835 | 1e8701a732cfb621bd0737aac3042a94 |
| Setup[1].exe | 2375776 | b422311dbdda30b9ad80ac2304e5be57 |
| StartApp.exe | 17760 | c816d413c0deb8c1f7531c9d21bec605 |
| wini108013.exe | 125883 | 1f8cb8e814f65c33264d0958bc16c4b7 |
| AntivirusPro2009.exe | 597372 | 2abd315a08145e212b48f8224102db94 |
Antivirus Pro 2009 has typically the following processes in memory:
- c:\Program Files\AVP2009\avp2009.exe
- AVP2009.exe
- %PROGRAMFILES%\AntivirusPro\StartApp.exe
- AntivirusPro2009.exe
- %PROGRAMFILES%\AntivirusPro2009\AntivirusPro2009.exe
Antivirus Pro 2009 created the following directories, files, paths:
- %UserProfile%\Start Menu\Programs\AntivirusPro
- %UserProfile%\Start Menu\Programs\AntivirusPro2009
Antivirus Pro 2009 creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Antivirus”
- AntivirusPro2009
- HKEY_CURRENT_USER\Software\AVP2009
- HKEY_CLASSES_ROOT\.key
- HKEY_CURRENT_USER\Software\AntiVirus
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Antivirus”
Important Article Disclaimer
