AV Protection Online
AV Protection Online Description
AV Protection Online is an AV scamware program that slaps fake alerts and infection warnings onto your screen to incite a furor, before AV Protection Online tries to lull you with promises of normalcy if you’ll only purchase AV Protection Online’s full-registered and activated version. Despite AV Protection Online’s claims, however, AV Protection Online doesn’t have any real anti-virus features and can’t do more than create inaccurate pop-ups and cripple your real security programs. While AV Protection Online or related infections are active, SpywareRemove.com malware experts warn against potential browser hijacks that can force your browser towards an AV Protection Online-affiliated website. Instead of spending money at such fraudulent sites, it’s suggested that you remove AV Protection Online with a good anti-malware program and, in doing so, put a halt to all of AV Protection Online’s symptoms.AV Protection Online: the Charade of Security That It Dishes Up in Lieu of Real AV Protection
AV Protection Online looks exactly like a real anti-virus program and markets itself as such, but SpywareRemove.com malware researchers have tied AV Protection Online to other rogue AV programs that are equally well-known for fraudulent tactics. AV Protection Online can be considered functionally identical to other members of the FakeScanti family such as AV Protection 2011, Win 7 2012, Home Security Solutions, Security Guard 2012, AV Guard Online, Security Guard, Super AV 2013, AV Security Essentials, Wireshark Antivirus, Rogue.Data Restore, Super AV, Internet Security Guard, OpenCloud Antivirus, AV Protection 2012, BlueFlare Antivirus, Sysinternals Antivirus, Milestone Antivirus, Sphere Security 2012, Your PC Protector, Wolfram Antivirus, Cloud Protection, AV Secure 2012, System Protection 2012, System Protection, OpenCloud Security, AV Security 2012 and Cloud AV 2012. Like them, AV Protection Online has been confirmed to create a variety of rather non-protective problems for any PC that AV Protection Online infects, including (but not limited to):
- Browser hijacks that redirect your web browser to AV Protection Online’s own website or the website of a related fake anti-virus program. Any contact with these sites may cause other infections, such as Trojans, rootkits or spyware to be installed without your consent.
- AV Protection Online may try to block your real security and anti-virus programs to stop you from removing AV Protection Online. Renaming the executable files into generic names (such as ‘explorer.exe) or rebooting and launching Safe Mode, will let you get past AV Protection Online’s little blacklist so that you can use appropriate software.
- You may also experience changes in your browser settings, desktop settings or proxy server settings that make your PC appear to be infected by a wide range of PC threats, but AV Protection Online is, in fact, almost certain to be the direct source of any other system problems experienced, even if AV Protection Online creates error messages to make it appear as though another program is at fault.
Good Information – Your Best Defense Against AV Protection Online Attacks
Along with the serious problems described earlier, AV Protection Online is also capable of creating less serious but equally irritating error messages that mislead you about your computer’s health.
svchost.exe
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized
Warning! Infection found
Unauthorized sending E-MAIL with subject “RE:” to [FAKE EMAIL] was CANCELLED.
Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.
Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.
Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software
Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software
Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?
The safest thing for your PC is for you to ignore these errors and get back to deleting AV Protection Online with a robust anti-malware application, since following their advice risks causing additional harm to your computer.
AV Protection Online Automatic Detection Tool (Recommended)
Is your PC infected with AV Protection Online? To safely & quickly detect AV Protection Online, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect AV Protection Online
What happens if AV Protection Online does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %AppData%\ svhostu.exe 396 2 %WINDIR%\ system32\ atxP0ycS1b3n4.exe 337 3 %Documents and Settings%\[UserName]\Start Menu\Programs\AV Protection Online\AV Protection Online.lnk N/A 4 %Documents and Settings%\[UserName]\Desktop\AV Protection Online.lnk N/A 5 %Documents and Settings%\[UserName]\Local Settings\Temp\[RANDOM CHARACTERS].tmp N/A 6 %Documents and Settings%\[UserName]\Application Data\ldr.ini N/A 7 %Documents and Settings%\[UserName]\Application Data\[RANDOM CHARACTERS]\ N/A 8 %Documents and Settings%\[UserName]\Start Menu\Programs\AV Protection Online\ N/A 9 %Windows%\system32\[RANDOM CHARACTERS].exe N/A 10 %AppData%\dvS2obF4pGsJdKg\AV Protection Online.ico N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable=00000001?HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer=http=127.0.0.1:53717"HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections "DefaultConnectionSettings=3C0000000B0000000…"HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections "SavedLegacySettings=3C0000006B0000000…”HKEY_LOCAL_MACHINE\system\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable=00000001?
Posted: October 18, 2011 | By SpywareRemove
MoreThreat Level: 10/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 28
Need help hope I do not have a virus!!!
Thank you very much for microsoft’s excellent service to all PC users, and for the free anti virus!