What is AntivirusTrigger?
It is a rogue computer product since the program simulates computer virus removal application. Antivirus Trigger is dropped by a Trojan.Zlob which is usually bundled with fake video codec.
Antivirus Trigger will start every time Windows system is started. It is considered as a high-risk rogue software program that shows false error messages, misleading scan results thus warning user that the computer system is infected. Time to time user is prompted to buy licensed program version, which will clean computer from viruses in return. Unfortunately, it is a scam and no further directions pointed by Antivirus Trigger should be regarded.
Note: Antivirus Trigger is not recommended to use as computer security software! It won't be able to clean and protect your computer properly!
Related threats: Virus Response Lab 2009, Virus Trigger
Antivirus Trigger will start every time Windows system is started. It is considered as a high-risk rogue software program that shows false error messages, misleading scan results thus warning user that the computer system is infected. Time to time user is prompted to buy licensed program version, which will clean computer from viruses in return. Unfortunately, it is a scam and no further directions pointed by Antivirus Trigger should be regarded.
Note: Antivirus Trigger is not recommended to use as computer security software! It won't be able to clean and protect your computer properly!
Related threats: Virus Response Lab 2009, Virus Trigger
AntivirusTrigger removal tool:
- Spyware Doctor (see here for the installation guide)
Screenshot:
AntivirusTrigger Entries:
The following dll files are created: cwegus.dll, eebpj.dll, elmnplw.dll, gtckad.dll, ijofmsu.dll, pbhha.dll, pgfshvp.dll, umhzwl.dll
The following files are created:
AvirTr.exe, AnvTrgr.exe
Hijackthis Entries:
O4 Entries:
O4 - HKCU\..\Run: [AvirTr] "C:\Program Files\AvirTrsoftware\AvirTr.exe"
O22 Entries:
O22 - SharedTaskScheduler: demobilisation - {dfb3c1dc-1212-4235-88fd- 98539540f423} - C:\WINDOWS\system32\umhzwl.dll
O22 - SharedTaskScheduler: evacuative - {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - C:\WINDOWS\system32\cwegus.dll
O22 - SharedTaskScheduler: disaffiliation - {854b8525-c907-4258-bc2e- 7b118037419c} - C:\WINDOWS\system32\eebpj.dll
O22 - SharedTaskScheduler: achromatic - {61d70260-527c-44e8-bb23-2243e93808d3} - C:\WINDOWS\system32\gtckad.dll
O22 - SharedTaskScheduler: fddi - {51e7273d-911a-445a-bf46-bd4b86b0e87b} - C:\WINDOWS\system32\pbhha.dll
O22 - SharedTaskScheduler: defroster - {50e9d039-fb50-4020-a841-1d226ae52b22} - C:\WINDOWS\system32\pgfshvp.dll
O22 - SharedTaskScheduler: cacara - {341bd909-3367-4307-b37d-fb1cc56387ad} - C:\ WINDOWS\system32\elmnplw.dll
O22 - SharedTaskScheduler: bussebuschke - {2ecca339-c274-40e3-a582-ef4c0e917639} - C:\WINDOWS\system32\ijofmsu.dll
O4 - HKCU\..\Run: [AvirTr] "C:\Program Files\AvirTrsoftware\AvirTr.exe"
O22 Entries:
O22 - SharedTaskScheduler: demobilisation - {dfb3c1dc-1212-4235-88fd- 98539540f423} - C:\WINDOWS\system32\umhzwl.dll
O22 - SharedTaskScheduler: evacuative - {4d5b7736-a3bc-4e5b-9fa2-1bcc3e587abb} - C:\WINDOWS\system32\cwegus.dll
O22 - SharedTaskScheduler: disaffiliation - {854b8525-c907-4258-bc2e- 7b118037419c} - C:\WINDOWS\system32\eebpj.dll
O22 - SharedTaskScheduler: achromatic - {61d70260-527c-44e8-bb23-2243e93808d3} - C:\WINDOWS\system32\gtckad.dll
O22 - SharedTaskScheduler: fddi - {51e7273d-911a-445a-bf46-bd4b86b0e87b} - C:\WINDOWS\system32\pbhha.dll
O22 - SharedTaskScheduler: defroster - {50e9d039-fb50-4020-a841-1d226ae52b22} - C:\WINDOWS\system32\pgfshvp.dll
O22 - SharedTaskScheduler: cacara - {341bd909-3367-4307-b37d-fb1cc56387ad} - C:\ WINDOWS\system32\elmnplw.dll
O22 - SharedTaskScheduler: bussebuschke - {2ecca339-c274-40e3-a582-ef4c0e917639} - C:\WINDOWS\system32\ijofmsu.dll