Fast Antivirus 2009

Fast Antivirus 2009 is another fake computer security scanner that belongs to a family of rogue programs including MalwareCatcher, VirusShield, Extra Antivirus and many more. It displays fake security alerts and performs its own virus scan, followed by warning messages about potential threats found on the computer. To remove the supposed infections, it advises computer users to acquire the registered version of the program.

Malicious web sites and Trojans are the top carriers of Fast Antivirus 2009. When a user visits a malicious web site, the site executes a script that downloads and installs Fast Antivirus 2009 without any user intervention. Additionally, a Trojan may sneak into the system and locate vulnerabilities that it can exploit to conceal the download and execution of Fast Antivirus 2009.

Once loaded, the Trojan may directly modify system configuration and registry values so that Fast Antivirus 2009 runs when Windows starts. From then on, the rogue program carries out other payloads that control the operation of the computer.

Technical Details and Additional Information:

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista

Malware Behavior
While Fast Antivirus 2009 is running on the computer, it continuously displays false security alerts originating from the system tray. It mimics legitimate Windows pop-up alerts to deceive the user. A sample alert may contain this message:

System Alert
Suspicious software, which may be malicious, has been detected on your PC. Click here to remove this threat immediately with Fast Antivirus 2009.

Added Registry Entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Fast Antivirus 2009"

Associated Files and Folders:
c:\Documents and Settings\All Users\Application Data\5tsgg6x\17.mof
c:\Documents and Settings\All Users\Application Data\5tsgg6x\FastAV.exe
c:\Documents and Settings\All Users\Application Data\5tsgg6x\mozcrt19.dll
c:\Documents and Settings\All Users\Application Data\5tsgg6x\sqlite3.dll
c:\Documents and Settings\All Users\Application Data\5tsgg6x\SysFld
c:\Documents and Settings\All Users\Application Data\5tsgg6x\SysFld\vd952342.bd
c:\Documents and Settings\All Users\Application Data\SysFld\fastav.cfg
%UserProfile%\Application Data\Fast Antivirus 2009\cookies.sqlite
%UserProfile%\Application Data\Fast Antivirus 2009\Instructions.ini
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Fast Antivirus 2009.lnk
%UserProfile%\Desktop\Fast Antivirus 2009.lnk
%UserProfile%\Recent\ANTIGEN.sys
%UserProfile%\Recent\cid.dll
%UserProfile%\Recent\CLSV.dll
%UserProfile%\Recent\CLSV.tmp
%UserProfile%\Recent\ddv.dll
%UserProfile%\Recent\dudl.dll
%UserProfile%\Recent\eb.drv
%UserProfile%\Recent\eb.tmp
%UserProfile%\Recent\energy.sys
%UserProfile%\Recent\fix.drv
%UserProfile%\Recent\gid.exe
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\PE.sys
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\SICKBOY.dll
%UserProfile%\Recent\tempdoc.sys
%UserProfile%\Start Menu\Fast Antivirus 2009.lnk
%UserProfile%\Start Menu\Programs\Fast Antivirus 2009.lnk 

How to Remove Fast Antivirus 2009

Manual Removal Procedure

1. Kill any running process that belongs to Fast Antivirus 2009.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for the following files and click End Task.
FastAV.exe

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit. This will open the Registry Editor.
- Find and delete the following:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Fast Antivirus 2009"
- Close the Registry Editor. Changes made will be saved automatically.

3. Scan the computer with an antivirus program.
- Connect to the Internet and open your antivirus software. Update it to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before the Windows logo begins to load, press F8 on your keyboard.
- On the Windows Advanced Boot Options screen, select Safe Mode and press Enter.

4. Delete all files dropped by Fast Antivirus 2009.
- While still in Safe Mode, search for and delete the malicious files. Please refer to 'Associated Files and Folders.'
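
The indicators that steps 1, 2 and 4 act on can be checked before and after cleanup. The PowerShell script below is an added example, not part of the original write-up: it is read-only, uses only the process name, Run value and a subset of the file paths listed on this page, and assumes PowerShell 2.0 or later is installed and that it runs under the affected user's account (the helper name New-Finding is made up for this example).

```powershell
# Read-only audit of the indicators listed on this page; nothing is deleted.
$valueName = 'Fast Antivirus 2009'
$runKey    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

# Subset of "Associated Files and Folders"; extend with the remaining entries.
$paths = @(
    'C:\Documents and Settings\All Users\Application Data\5tsgg6x\FastAV.exe',
    'C:\Documents and Settings\All Users\Application Data\5tsgg6x\17.mof',
    'C:\Documents and Settings\All Users\Application Data\SysFld\fastav.cfg',
    '%UserProfile%\Application Data\Fast Antivirus 2009\Instructions.ini',
    '%UserProfile%\Desktop\Fast Antivirus 2009.lnk',
    '%UserProfile%\Start Menu\Programs\Fast Antivirus 2009.lnk'
)

# Helper defined for this example: one result row per indicator found.
function New-Finding($type, $item) {
    New-Object PSObject -Property @{ Type = $type; Item = $item }
}

$findings = @()

# Step 1: is FastAV.exe running? (Get-Process takes the name without ".exe".)
foreach ($proc in @(Get-Process -Name 'FastAV' -ErrorAction SilentlyContinue)) {
    $findings += New-Finding 'Process' "FastAV.exe (PID $($proc.Id))"
}

# Step 2: is the autostart value present in the current user's Run key?
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and $run.PSObject.Properties[$valueName]) {
    $data = $run.PSObject.Properties[$valueName].Value
    $findings += New-Finding 'Run value' "$valueName = $data"
}

# Step 4: which of the dropped files exist on disk?
foreach ($p in $paths) {
    $full = [Environment]::ExpandEnvironmentVariables($p)
    if (Test-Path -LiteralPath $full) {
        $findings += New-Finding 'File' $full
    }
}

if ($findings.Count -gt 0) {
    $findings | Select-Object Type, Item | Format-Table -AutoSize
} else {
    'None of the checked indicators were found.'
}
```

Because the Run value lives under HKEY_CURRENT_USER and most file paths are per-profile, repeat the check for each user account on the machine.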

Automatic Removal of Fast Antivirus 2009

In order to completely remove the threat, it is best to download and run Malwarebytes Anti-Malware (MBAM). Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing it on the infected machine.