1. Symantec/
  2. Security Response/
  3. AntivirusDoktor2009

AntivirusDoktor2009

Updated:
June 1, 2009 8:42:13 AM
Type:
Misleading Application
Name:
AntivirusDoktorNE
Version:
1.0.0.1
Publisher:
antivirus-doktor.com
Risk Impact:
Medium
Systems Affected:
Windows
Behavior
The program must be manually installed.

The program reports false or exaggerated system security threats on the computer.





The user is then prompted to pay for a full license of the application in order to remove the threats.





Installation
When the program is executed, it creates the following folders:
  • %UserProfile%\Desktop\antivirusDoktor2009
  • %SystemDrive%\Documents and Settings\All Users\AVP 2009
  • %CommonProgramFiles%\Antivirus Doktor 2009


It also creates the following files:
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Doktor 2009.lnk
  • C:\Documents and Settings\All Users\Desktop\Antivirus Doktor 2009.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Doktor 2009\Antivirus Doktor 2009 entfernen.lnk
  • C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Doktor 2009\Antivirus Doktor 2009.lnk
  • %ProgramFiles%\Antivirus Doktor 2009\Antivirus Doktor 2009.exe
  • %ProgramFiles%\Antivirus Doktor 2009\Close.exe
  • %ProgramFiles%\Antivirus Doktor 2009\definitions\1.dat
  • %ProgramFiles%\Antivirus Doktor 2009\EngineAP.dll
  • %ProgramFiles%\Antivirus Doktor 2009\ScheduleAP.txt
  • %ProgramFiles%\Antivirus Doktor 2009\unins000.dat
  • %ProgramFiles%\Antivirus Doktor 2009\unins000.exe
  • %System%\MSVolume.dll


Next, the program creates the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus Doktor 2009_is1
Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube