AdWare Pro 2007
AdWare Pro 2007 is a fake anti-spyware program that uses fake system messages as a scare tactic. AdWare Pro 2007 is a clone of Antivirus 2008, Vista Antivirus 2008 and Antivir64. AdWare Pro 2007 is often downloaded and installed by a Trojan, through browser security holes, or via other unconventional and unethical mechanisms.
AdWare Pro 2007 attempts to get computer users to believe that they must purchase the full version of AdWare Pro 2007 to "fix" their computer. AdWare Pro 2007 may come from a Trojan infection or a malicious website. AdWare Pro 2007 may be difficult to manually remove in some cases.
File System Modifications
- The following files were created in the system:
# File Name 1 %ProgramFiles%\AdwarePro\AdwareProv7.exe 2 %ProgramFiles%\AdwarePro\Launcher.exe 3 %ProgramFiles%\AdwarePro\unins000.dat 4 %ProgramFiles%\AdwarePro\unins000.exe 5 %ProgramFiles%\AdwarePro\www.adwarepro[1] 6 %UserProfile%\Application Data\'AdwarePro'\DataBase.ref 7 %UserProfile%\Application Data\'AdwarePro'\Log\log_2008_01_04_16_06_44.log 8 %UserProfile%\Application Data\'AdwarePro'\Log\log_2008_01_04_16_06_45.log 9 %UserProfile%\Application Data\'AdwarePro'\Registry Backups 10 %UserProfile%\Application Data\'AdwarePro'\Settings\CustomScan.stg 11 %UserProfile%\Application Data\'AdwarePro'\Settings\IgnoreList.stg 12 %UserProfile%\Application Data\'AdwarePro'\Settings\ScanInfo.stg 13 %UserProfile%\Application Data\'AdwarePro'\Settings\SelectedFolders.stg 14 %UserProfile%\Application Data\'AdwarePro'\Settings\Settings.stg 15 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AdwarePro.lnk 16 %Windir%\Tasks\'AdwarePro' Scheduled Scan.job 17 C:\Documents and Settings\All Users\Desktop\AdwarePro.lnk 18 C:\Documents and Settings\All Users\Start Menu\Programs\AdwarePro\AdwarePro on the Web.url 19 C:\Documents and Settings\All Users\Start Menu\Programs\AdwarePro\AdwarePro.lnk 20 C:\Documents and Settings\All Users\Start Menu\Programs\AdwarePro\Uninstall AdwarePro.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\'AdwarePro'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\"'AdwarePro'" = "%ProgramFiles%\AdwarePro\'AdwarePro'.exe - boot"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"'AdwarePro'" = "%ProgramFiles%\AdwarePro\'AdwarePro'.exe - boot"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AdwarePro_is1
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.