
Direct-antivirus.com

Posted: November 24, 2009

Direct-antivirus.com is a malicious website used to advertise the popular rogue anti-spyware program Antivirus System Pro. Users are redirected to it after trojans already present on the machine alter the browser settings. The site poses as a security warning claiming that whatever website the user was browsing is malicious, and then recommends "security software" so that the user can continue browsing safely. Do not trust this website, and remove Antivirus System PRO immediately.

File System Modifications

  • The following files were created in the system:
    1. %ProgramFiles%\Antivirus System PRO\conf.cfg
    2. %ProgramFiles%\Antivirus System PRO\mbase.vdb
    3. %ProgramFiles%\Antivirus System PRO\quarantine.vdb
    4. %ProgramFiles%\Antivirus System PRO\queue.vdb
    5. c:\WINDOWS\system32\iehelper.dll

Registry Modifications

  • The following newly produced Registry Values are:

    Subkeys:
    - HKEY_CURRENT_USER\Software\AvScan
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "system tool"
    - HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

    Registry keys:
    - HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}

    Run keys:
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Antivirus System PRO"
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "ieModule"

    Uninstaller:
    - HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall (uninstaller entry "Antivirus System PRO")
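A read-only check for the file and registry artifacts listed in the two sections above, written as an added example (not part of the original page). It assumes a Windows host with PowerShell and only reports which indicators are present; it removes nothing.

```powershell
# Added example: look for the Antivirus System PRO artifacts listed on this page.
# Paths, value names and the BHO CLSID come from the page; the script only reads.
# Run from an elevated prompt so HKLM and %ProgramFiles% are fully readable.

$bhoClsid = '{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}'

# Files created by the installer.
$files = @(
    (Join-Path $env:ProgramFiles 'Antivirus System PRO\conf.cfg'),
    (Join-Path $env:ProgramFiles 'Antivirus System PRO\mbase.vdb'),
    (Join-Path $env:ProgramFiles 'Antivirus System PRO\quarantine.vdb'),
    (Join-Path $env:ProgramFiles 'Antivirus System PRO\queue.vdb'),
    (Join-Path $env:SystemRoot  'system32\iehelper.dll')
)

# Registry keys whose mere presence is an indicator (incl. the BHO registration).
$keys = @(
    'HKCU:\Software\AvScan',
    'HKLM:\SOFTWARE\Antivirus System PRO',
    "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\$bhoClsid",
    "Registry::HKEY_CLASSES_ROOT\CLSID\$bhoClsid"
)

# Autostart values: key path plus the value name the rogue writes.
$values = @(
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run';                       Name = 'system tool' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run';                       Name = 'Antivirus System PRO' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad'; Name = 'ieModule' }
)

$hits = @()
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) { $hits += "file:     $f" }
}
foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) { $hits += "regkey:   $k" }
}
foreach ($v in $values) {
    # Get-ItemProperty returns $null (with the error suppressed) when the value is absent.
    $item = Get-ItemProperty -LiteralPath $v.Key -Name $v.Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $hits += "regvalue: $($v.Key) [$($v.Name)] = $($item.$($v.Name))" }
}

if ($hits.Count -eq 0) {
    Write-Output 'No Antivirus System PRO indicators found.'
} else {
    Write-Output "Indicators found ($($hits.Count)):"
    $hits | ForEach-Object { Write-Output "  $_" }
}
```

Absence of every indicator is not proof of a clean host, since the rogue's file names and keys change between builds; a hit on the BHO CLSID or either Run value is the strongest signal in this set.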

One Comment

  • meilleur antivirus gratuit says:

    The change from McAfee to Symantec has been a total nightmare. Never had any problem on any of my computers with McAfee but after installing Symantec lost internet connectivity on one computer, continued hangs and freezes on another, and so on. Literally spent most of yesterday with Comcast Symantec tech support with their remote connections via Logmein trying to fix things and still there are problems. I am in the process today of taking Symantec off all the computers and going back to paid McAfee which was totally trouble free for years. This brings back all the bad memories from the distant past when I tried Symantec/Norton Security software before.
