Everscan4.info
Everscan4.info is a web browser hijacker sponsoring the rogue anti-spyware program called Internet Antivirus Pro. It performs this honorable duty by infecting your PC with a backdoor trojan that modifies your browser settings in order to divert your web-surfing activities to the Everscan4.info webpage. Here your system is scanned by a false online scanner, that reports various infections on your computer - also fake. Once you are frightened or intimidated enough by all of these fictitious warning alert notifications, you are persuaded to purchase and install Internet Antivirus Pro - an application that does not assist your PC whatsoever.
File System Modifications
- The following files were created in the system:
# File Name 1 %APPDATA%\Microsoft\Windows\winlogon.exe 2 %LOCAL APPDATA%\Microsoft\Internet Explorer\iv.exe 3 %LOCAL APPDATA%\Microsoft\Windows\services.exe 4 %Program Files%\Internet Antivirus Pro\iapro.exe 5 iainstall.exe 6 iapro.exe 7 install.exe 8 InternetAntivirusPro.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Antivirus ProHKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer\run "iv":HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Run "Internet Antivirus Pro"HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Runonce "3p_udec_ia"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.