1. What is AntivirusTrigger?
It is a rogue computer product since the program simulates computer virus removal application. Antivirus Trigger is dropped by a Trojan.Zlob which is usually bundled with fake video codec.
Antivirus Trigger will start every time Windows system is started. It is considered as a high-risk rogue software program that shows false error messages, misleading scan results thus warning user that the computer system is infected. Time to time user is prompted to buy licensed program version, which will clean computer from viruses in return. Unfortunately, it is a scam and no further directions pointed by Antivirus Trigger should be regarded.
Note: Antivirus Trigger is not recommended to use as computer security software! It won't be able to clean and protect your computer properly!
Related threats: Virus Response Lab 2009, Virus Trigger
Antivirus Trigger will start every time Windows system is started. It is considered as a high-risk rogue software program that shows false error messages, misleading scan results thus warning user that the computer system is infected. Time to time user is prompted to buy licensed program version, which will clean computer from viruses in return. Unfortunately, it is a scam and no further directions pointed by Antivirus Trigger should be regarded.
Note: Antivirus Trigger is not recommended to use as computer security software! It won't be able to clean and protect your computer properly!
Related threats: Virus Response Lab 2009, Virus Trigger
2. AntivirusTrigger screen shot:
3. How to remove AntivirusTrigger:
- Internet connection might be disabled or Internet browser might be blocked by AntivirusTrigger, so it won't be possible to download any files to infected computer. In this case please download all files required for AntivirusTrigger removal to another computer and then transfer them on the infected one using CD/DVD or USB flash drive.
- To remove AntivirusTrigger download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
-
After the installation, computer scan should be started automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press "Scan Now" button to run computer scanner as shown in the picture below:
-
After the scan has been completed and scan results have been generated, press "Fix Checked" button to remove AntivirusTrigger.
- Restart the computer to complete AntivirusTrigger removal procedure.
4. AntivirusTrigger files:
cwegus.dll, eebpj.dll, elmnplw.dll, gtckad.dll, ijofmsu.dll, pbhha.dll, pgfshvp.dll, umhzwl.dllAvirTr.exe, AnvTrgr.exe
5. Hijackthis entries:
O4 Entries: |
O4 - HKCU\..\Run: [AvirTr] "C:\Program Files\AvirTrsoftware\AvirTr.exe" |
O22 Entries: |
O22 - SharedTaskScheduler: demobilisation - {dfb3c1dc-1212-4235-88fd- 98539540f423} - C:\WINDOWS\system32\umhzwl.dll |
O22 - SharedTaskScheduler: evacuative - {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - C:\WINDOWS\system32\cwegus.dll |
O22 - SharedTaskScheduler: disaffiliation - {854b8525-c907-4258-bc2e- 7b118037419c} - C:\WINDOWS\system32\eebpj.dll |
O22 - SharedTaskScheduler: achromatic - {61d70260-527c-44e8-bb23-2243e93808d3} - C:\WINDOWS\system32\gtckad.dll |
O22 - SharedTaskScheduler: fddi - {51e7273d-911a-445a-bf46-bd4b86b0e87b} - C:\WINDOWS\system32\pbhha.dll |
O22 - SharedTaskScheduler: defroster - {50e9d039-fb50-4020-a841-1d226ae52b22} - C:\WINDOWS\system32\pgfshvp.dll |
O22 - SharedTaskScheduler: cacara - {341bd909-3367-4307-b37d-fb1cc56387ad} - C:\ WINDOWS\system32\elmnplw.dll |
O22 - SharedTaskScheduler: bussebuschke - {2ecca339-c274-40e3-a582-ef4c0e917639} - C:\WINDOWS\system32\ijofmsu.dll |