Sotrshop.com

Posted: February 21, 2011

Sotrshop.com Description

Sotrshop.com is a promotional website for the dangerous rogue security product AntiVira Av. In addition to promoting an illegal and harmful program, Sotrshop.com may also attempt to install malware on your system without your permission. Information given to Sotrshop.com is as good as given to criminals, and any attempt to purchase Sotrshop.com products will be met with exploitation. Steer far from the Sotrshop.com website, and if your browser redirects to Sotrshop.com, enact appropriate security scans to catch hijacker that's probably hiding on your computer.

AntiVira Av – Sotrshop.com's Partner in Crime

Sotrshop.com's flagship product, AntiVira Av, is purely a threat of the worst order. Though AntiVira Av may initially fool computer users with polished looks, even a casual analysis of AntiVira Av's behavior indicates it as a real danger to your computer.

  • AntiVira Av can't detect or remove infections from your system. Instead of doing this, AntiVira Av will spawn corrupt files to fake the existence of other infections, and then accuse these files of various kinds of attacks and damage. The threatening messages and scan results will not stop until AntiVira Av itself is stopped – by completely deleting it.
  • The AntiVira Av malware will also close programs you try to run that actually have the ability to isolate and exterminate infections. Error messages generated in this case are just another kind of smokescreen; because of this behavior, AntiVira Av is best deleted when you've prevented it from running at all.
  • While AntiVira Av is on your computer, your web browser will be redirected towards Sotrshop.com. This is often done through altering your search results, but even your homepage may be violated and set to Sotrshop.com regardless of how many times you change it back to your old one. All warning messages and advertisements that block normally safe sites are to be viewed with great distrust, since they're likely to be just more hijacking attempts with a more elegant disguise.

The Danger of Sotrshop.com Itself to Your Computer

Computer users who are sure that AntiVira Av isn't on their machine may still be at risk from Sotrshop.com. Even a brief contact with the Sotrshop.com domain can result in Trojans and other infections slinking onto your system with nary a warning. Prolonged interaction, of course, only increases this risk! Having extremely defensive browser and security settings will usually keep your computer safe during casual contact with malicious domains. The catch is that many legitimate websites require enabling certain settings, such as JavaScript or plugins, which can then be abused by dangerous sites like Sotrshop.com. Therefore, keeping far from the site entirely is your best protection.

If you've already given information or money to Sotrshop.com, don't despair immediately. In many cases, a well-reasoned conversation with your credit card company will allow you to cancel any charges made for a fraudulent product. Be aware of the potential danger of unwanted charges and identity theft; however, Sotrshop.com may look like a professional site, but the pros behind Sotrshop.com's wheel are the hackers with no regard for the law.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Temp%\[RANDOM CHARACTERS]\
    2 %Temp%\[random]\[RANDOM CHARACTERS].exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer"= “http=127.0.0.1:33921?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyEnable” = "1?HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Sotrshop.com may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.