Posted: August 2, 2010

Antivir Pro (or AntivirPro) is a rogue security program that spreads over the Internet through Trojans and fake online security websites. AntivirPro is installed on victim computers without the user's approval. It enters the system silently, then modifies settings and registry entries so that it runs whenever Windows is operating. Once it is active, users may see constant security alert pop-ups advertising Antivir Pro. Antivir Pro also runs its own virus scan, which reports false threats on the computer to mislead users into buying the licensed version of this useless program. AntivirPro poses a serious threat to PC security and should be terminated immediately.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Desktop\Antivir Pro.lnk
    2 %UserProfile%\Local Settings\Application Data\[random]\[random].exe
    3 %UserProfile%\Local Settings\Application Data\[random]\[random]tssd.exe
    4 AntivirPro.exe
    5 C:\Program Files\Antivir Pro

Registry Modifications

  • The following Registry values were created:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AntivirPro.exe
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
    HKEY_CURRENT_USER\Software\Antivir Pro
    HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}AntivirPro
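
The file and registry indicators listed above can be checked with a read-only script. This is an added example, not part of the original write-up: the function name `Test-RegValue` and the `*tssd.exe` wildcard for the `[random]` names are assumptions, the `%LOCALAPPDATA%` fallback covers Windows versions newer than the XP-style path given above, and the garbled `Uninstall` entry and the path-less `AntivirPro.exe` are not checked.

```powershell
# Added example: read-only check for the Antivir Pro indicators listed on this page.
# Run it as the affected user, because HKCU and %UserProfile% are per-user.
$run    = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$policy = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Test-RegValue {
    param([string]$Key, [string]$Name)
    # Return the value data if the named value exists, otherwise $null.
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

$findings = @()

# Registry: autostart entry, Task Manager lockout, and the program's own key.
$v = Test-RegValue $run 'AntivirPro.exe'
if ($null -ne $v) { $findings += "Run value 'AntivirPro.exe' -> $v" }

$v = Test-RegValue $policy 'DisableTaskMgr'
if ($null -ne $v -and $v -ne 0) { $findings += "DisableTaskMgr = $v (Task Manager blocked)" }

if (Test-Path -LiteralPath 'HKCU:\Software\Antivir Pro') {
    $findings += 'Key HKCU\Software\Antivir Pro exists'
}

# Files: desktop shortcut and install directory, exactly as listed on the page.
$paths = @(
    (Join-Path $env:USERPROFILE 'Desktop\Antivir Pro.lnk'),
    'C:\Program Files\Antivir Pro'
)
foreach ($p in $paths) {
    if (Test-Path -LiteralPath $p) { $findings += "Path exists: $p" }
}

# Files: [random]\[random]tssd.exe under the local application data folder.
$roots = @((Join-Path $env:USERPROFILE 'Local Settings\Application Data'))
if ($env:LOCALAPPDATA) { $roots += $env:LOCALAPPDATA }   # assumption: newer Windows layout
foreach ($r in $roots) {
    Get-ChildItem -Path (Join-Path $r '*\*tssd.exe') -ErrorAction SilentlyContinue |
        ForEach-Object { $findings += "Candidate executable: $($_.FullName)" }
}

if ($findings.Count -eq 0) { 'No listed indicators found for this user.' }
else { $findings | Sort-Object -Unique }
```

A `*tssd.exe` match is only a candidate for review, since the wildcard can also match unrelated files.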

One Comment

  • Ann Dillon says:

    I ran a scan on my PC but when attempting to register in order to have the 381 infected files repaired, nothing happens... I clicked "register" ... don't know what else I can do.