Windows Antivirus Pro
Windows Antivirus Pro is a fake anti-spyware application. Windows Antivirus Pro uses several misleading methods to extort money from computer users who choose to purchase a full version of Windows Antivirus Pro in hopes to detect and remove parasites from their computer. Windows Antivirus Pro is not able to detect or remove computer parasites or provide any additional security protection for a Windows PC.
It is recommended that Windows Antivirus Pro be removed before it is able to cause damage to your system by creating bogus registry entries or installing malicious executable files. Windows Antivirus Pro may be difficult to manually detect or remove because it is able to load at startup of Windows.
File System Modifications
- The following files were created in the system:
# File Name File Size (bytes) File Hash 1 %UserProfile%\Desktop\Windows Antivirus Pro.lnk N/A N/A 2 %UserProfile%\Start Menu\Programs\Windows Antivirus Pro N/A N/A 3 %UserProfile%\Start Menu\Programs\Windows Antivirus Pro\Windows Antivirus Pro.lnk N/A N/A 4 AntipPro2009_12 N/A N/A 5 c:\Program Files\Windows Antivirus Pro\ N/A N/A 6 c:\Program Files\Windows Antivirus Pro\ANTI_files.exe N/A N/A 7 c:\Program Files\Windows Antivirus Pro\msvcm80.dll N/A N/A 8 c:\Program Files\Windows Antivirus Pro\msvcp80.dll N/A N/A 9 c:\Program Files\Windows Antivirus Pro\msvcr80.dll N/A N/A 10 C:\Program Files\Windows Antivirus Pro\tmp\ N/A N/A 11 C:\Program Files\Windows Antivirus Pro\tmp\dbsinit.exe N/A N/A 12 C:\Program Files\Windows Antivirus Pro\tmp\images\ N/A N/A 13 C:\Program Files\Windows Antivirus Pro\tmp\images\i1.gif N/A N/A 14 C:\Program Files\Windows Antivirus Pro\tmp\images\i2.gif N/A N/A 15 C:\Program Files\Windows Antivirus Pro\tmp\images\i3.gif N/A N/A 16 C:\Program Files\Windows Antivirus Pro\tmp\images\j1.gif N/A N/A 17 C:\Program Files\Windows Antivirus Pro\tmp\images\j2.gif N/A N/A 18 C:\Program Files\Windows Antivirus Pro\tmp\images\j3.gif N/A N/A 19 C:\Program Files\Windows Antivirus Pro\tmp\images\jj1.gif N/A N/A 20 C:\Program Files\Windows Antivirus Pro\tmp\images\jj2.gif N/A N/A 21 C:\Program Files\Windows Antivirus Pro\tmp\images\jj3.gif N/A N/A 22 C:\Program Files\Windows Antivirus Pro\tmp\images\l1.gif N/A N/A 23 C:\Program Files\Windows Antivirus Pro\tmp\images\l2.gif N/A N/A 24 C:\Program Files\Windows Antivirus Pro\tmp\images\l3.gif N/A N/A 25 C:\Program Files\Windows Antivirus Pro\tmp\images\pix.gif N/A N/A 26 C:\Program Files\Windows Antivirus Pro\tmp\images\t1.gif N/A N/A 27 C:\Program Files\Windows Antivirus Pro\tmp\images\t2.gif N/A N/A 28 C:\Program Files\Windows Antivirus Pro\tmp\images\up1.gif N/A N/A 29 C:\Program Files\Windows Antivirus Pro\tmp\images\up2.gif N/A N/A 30 C:\Program Files\Windows Antivirus Pro\tmp\images\w1.gif N/A N/A 31 C:\Program Files\Windows Antivirus Pro\tmp\images\w11.gif N/A N/A 32 C:\Program Files\Windows Antivirus Pro\tmp\images\w2.gif N/A N/A 33 C:\Program Files\Windows Antivirus Pro\tmp\images\w3.gif N/A N/A 34 C:\Program Files\Windows Antivirus Pro\tmp\images\w3.jpg N/A N/A 35 C:\Program Files\Windows Antivirus Pro\tmp\images\wt1.gif N/A N/A 36 C:\Program Files\Windows Antivirus Pro\tmp\images\wt2.gif N/A N/A 37 C:\Program Files\Windows Antivirus Pro\tmp\images\wt3.gif N/A N/A 38 C:\Program Files\Windows Antivirus Pro\tmp\wispex.html N/A N/A 39 c:\Program Files\Windows Antivirus Pro\Windows Antivirus Pro.exe N/A N/A 40 c:\WINDOWS\ppp3.dat N/A N/A 41 c:\WINDOWS\ppp4.dat N/A N/A 42 c:\WINDOWS\svchast.exe N/A N/A 43 c:\WINDOWS\system32\bennuar.old N/A N/A 44 c:\WINDOWS\system32\dddesot.dll N/A N/A 45 c:\WINDOWS\system32\desot.exe N/A N/A 46 c:\WINDOWS\system32\sysnet.dat N/A N/A 47 dbsinit.exe 93,207 c56d7e972adfdd33b5edd30e5eaff45e 48 dddesot.dll 827,392 6763d5e252a4d9a8de44ad9a366ad13b 49 desot.exe 65,536 618e7701ebbde277ff08f54ef7a764fb 50 eventcreatexp.exe 619,008 2845c3ce19df8f739c02e5306c216b55 51 svchast.exe 176,128 90a91811c024dcdd991520bb2d5ca737 52 Windows Antivirus Pro.exe 1,021,960 25887d7d41b8e87a3ce469d7e5cc3162 53 Windows Antivirus Pro.lnk N/A N/A
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\SoftimerHKEY_CURRENT_USER\Software\Windows Antivirus ProHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F54AF7DE-6038-4026-8433-CC30E3F17212}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{425882B0-B0BF-11CE-B59F-00AA006CB37D}HKEY_CLASSES_ROOT\CLSID\{F54AF7DE-6038-4026-8433-CC30E3F17212}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntipPro2009_12HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntipPro2009_12HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Win Antivirus Pro - The following CLSID's were detected:
HKEY..\..\{CLSID Path}77DC0B63-1535-4ba9-8BE8-D59EB676FA0276DC0B63-1533-4ba9-8BE8-D59EB676FA02F54AF7DE-6038-4026-8433-CC30E3F17212
Additional Information on Windows Antivirus Pro
- The following messages's were detected:
# Message 1 Warning: Infection is Detected Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software...2 Internet attack attempt detected: Somebody is truing to attack your PC:
This can result in loss of your personal information and infection other computers connected to your network.
Click here to prevent attack.3 Security Warning There are critical system files on your computer that were modified by malicious program. It will cause unstable work of your system and permanent data loss. Click here to undo performed modifications and remove malicious software (Highly recommended).
- The following paths were detected:
# Path 1 %UserProfile%\Start Menu\Programs\Windows Antivirus Pro 2 %ProgramFiles%\Windows Antivirus Pro
Related Posts
- Promsmotion.com
- Loadpreciseintenselyinfo-program.info
- Loadquickgreatlyinfo-program.info online
- Holidayperfectionpromotionals.com
- Ziproar.com
Hello,
Windows Antivirus Pro appeared on my computer a couple of days ago and I've removed it via Add/Remove programs. I cannot SEE it anywhere on my computer, but I still have it because I've tried many, many programs such as McAffee, Malwarebytes Anti Malware, Spyhunter, AVG, Avast!, and a few others. I end up deleting most of them because they stop scanning and close up. If I try opening them again, I am notified that I do not have the permission to open the program. Also, I cannot use search engines because they direct me to totally different sites.
I've also used Task Manager to look for processes and such but I'm not finding anything. Can someone please help me remove this? (once again, my antivirus programs are closing up on me and are being hijacked; i will not install anymore. I need another method.)
Thanks in advance
Your help is important but one small problem is that to even find out about your program I had to use my laptop. The "Windows Antivirus Pro" virus/malware has disabled my PC to the extent that I could not access the internet to download your software. I am currently trying to manually remove the software.
i JUST BOUGHT THE WINDOWS ANTI VIRAL PRO PRO AND WAS NOT ABLE TO PRINT THE SERIAL ID FOR THE NEW PRODUCT. THIS FACT WORRIED ME AND CLUED ME INTO THE IDEA THAT MAYBE I HAD JUST BEEN SCAMMED,SO I SEARCHED FOR THE PRODUCT AND FOUND YOUR WEB SITE AND DOWNLOADED YOU SY ADD WARE. I'M READY TO CALL MY BANK AND SEE IF THEY CAN BLOCK THE PURCHASE.
I have been invated with virs that says that it is Windows Prpo (antivirus) it keeps asking for a credit card to purchase a system to killy the Virus that have invaded my system...I have completed their application 3 time and gave then my credit card