System Alert:Virus Chin09.Win
System Alert:Virus Chin09.Win is a fake system tray pop-up notification used by the rogue anti-spyware Dr.Guard. System Alert:Virus Chin09.Win is used to scare victims into thinking that their computer systems are infected with dangerous malware that can only be removed with the purchase of the "full" version of Dr.Guard. Once a victim clicks on the System Alert:Virus Chin09.Win notification, he/she will be redirected to its affiliate website. Users are advised to ignore System Alert:Virus Chin09.Win and use a legitimate computer security application to automatically remove Dr.Guard.
Table of Contents
File System Details
System Alert:Virus Chin09.Win may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Program Files%\Dr. Guard\drgext.dll | |
| 2. | %Program Files%\Dr. Guard\uninstall.exe | |
| 3. | drgext.dll | |
| 4. | %Program Files%\Dr. Guard\drguard.exe | |
| 5. | drghook.dll | |
| 6. | %Program Files%\Dr. Guard\drghook.dll | |
| 7. | %Temp%\asr64_ldm.exe | |
| 8. | %Program Files%\Dr. Guard\activate.ico | |
| 9. | %Program Files%\Dr. Guard\help.ico | |
| 10. | %Program Files%\Dr. Guard\splash.mp3 | |
| 11. | %Documents and Settings%\[UserName]\Desktop\Dr. Guard Support.lnk | |
| 12. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\About.lnk | |
| 13. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Dr. Guard Support.lnk | |
| 14. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Settings.lnk | |
| 15. | %Program Files%\Dr. Guard\about.ico | |
| 16. | %Program Files%\Dr. Guard\drg.db | |
| 17. | %Program Files%\Dr. Guard\settings.ico | |
| 18. | %Program Files%\Dr. Guard\virus.mp3 | |
| 19. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard | |
| 20. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Buy.lnk | |
| 21. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Scan.lnk | |
| 22. | %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk | |
| 23. | %Program Files%\Dr. Guard | |
| 24. | %Program Files%\Dr. Guard\buy.ico | |
| 25. | %Program Files%\Dr. Guard\scan.ico | |
| 26. | %Program Files%\Dr. Guard\update.ico | |
| 27. | %Documents and Settings%\[UserName]\Desktop\Dr. Guard.lnk | |
| 28. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Activate.lnk | |
| 29. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Dr. Guard.lnk | |
| 30. | %Documents and Settings%\[UserName]\Start Menu\Programs\Dr. Guard\Update.lnk |
Registry Details
System Alert:Virus Chin09.Win may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dr. Guard
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_LOCAL_MACHINE\SOFTWARE\Dr. Guard
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Dr. Guard"
Messages
The following messages associated with System Alert:Virus Chin09.Win were found:
|
System Alert:Virus Chin09.Win
Defenseless OS: Windows 2000/XP/Vista Description: Virus try to damage your documents and bust file system.. Protection: Please, click the ballon to get details. |
