Antivirus Center
Posted: April 30, 2011
Threat Metric
The fields shown on the Threat Meter, each containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lie dormant and have a low volume count. The criteria for the Volume Count are relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represents no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 803 |
| First Seen: | May 4, 2011 |
| Last Seen: | June 13, 2023 |
| OS(es) Affected: | Windows |
Antivirus Center is a rogue anti-virus scanner that pretends to find infections on your computer to persuade you to spend money on a key for Antivirus Center's full version. Antivirus Center can't detect any real infections and only has the ability to create false positives that hinder your computer use. In addition to accusing uninfected files of being infected, Antivirus Center may also stop applications from running or exert control over your web browser. When done properly with the help of suitable anti-malware tools, removing Antivirus Center will cure all of these problems and restore your PC to perfect health.
Antivirus Center: All 'Anti' and No 'Antivirus'
Even in the opening stages of attacking your PC, Antivirus Center uses disguises to get into position. Trojans that distribute Antivirus Center are known to fake the appearance of a Microsoft Security Center alert. This fake warning popup will announce that your PC is infected and that you should 'Activate Protection' by downloading anti-malware software to fix the issue.
Antivirus Center isn't the only possible rogue program you may receive on your PC. Antivirus Center, a member of the WinWeb Security family, is also related to rogue anti-virus programs like Antivirus Security, System Security, AntiSpyware Pro 2009, Total Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, MS Removal Tool, Security Shield, Personal Shield Pro, Advanced PC Shield 2012, Security Sphere 2012 and Futurro Antivirus. To avoid being infected by Antivirus Center or one of its relatives, only download software updates and new anti-virus programs through official and trusted sources.
You can see some of the fake errors that are used to install Antivirus Center below:
Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click "Prevent Connection" button below.
Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Screen.Grab.J.exe
Risk: High
Antivirus Center has no ability to detect viruses or other infections on your PC, but that won't stop it from creating its own fake warning messages, in addition to the ones you previously saw. Avoid acting on Antivirus Center's recommendations for curing these infections, since it can cause serious harm to your computer.
What You Can Do to Snatch Your Computer Back from Antivirus Center
Some versions of Antivirus Center may also engage in more dangerous attacks on your computer such as causing programs to crash or hijacking your web browser and forcing it to dangerous websites. There are steps you can take to prevent Antivirus Center from launching in the first place, which will put you in a good position to remove Antivirus Center:
- Switch to Safe Mode, which can be accessed in any computer with Windows by hitting F8 while the system loads. Safe Mode stops all unnecessary processes, like Antivirus Center, from running by default. Alternately, if you have a second operating system installed, you can simply reboot into that.
- Now that Antivirus Center is temporarily disabled, deleting Antivirus Center should prove no hard task. However, it's suggested that you use appropriate anti-malware programs instead of trying to do this yourself.
- If you still find that infections are blocking your attempts to download or launch applications, consider renaming the files temporarily to generic names like 'iexplore.exe.' This will break past most filters on rogue programs like Antivirus Center.
File System Modifications
- The following files were created in the system:
| # | File Name |
|---|---|
| 1 | %AllUsersProfile%\Application Data\[RANDOM CHARACTERS].dat |
| 2 | %AllUsersProfile%\Application Data\[RANDOM CHARACTERS].ico |
| 3 | %Temp%\ins2.tmp |
| 4 | %Temp%\mv3.tmp |
| 5 | %Temp%\wrk4.tmp |
| 6 | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Center.lnk |
| 7 | %UserProfile%\Desktop\Antivirus Center.lnk |
| 8 | C:\Documents and Settings\All Users\Application Data\[RANDOM CHARACTERS].avi |
| 9 | C:\Documents and Settings\All Users\Start Menu\Programs\Startup\[RANDOM CHARACTERS].lnk |
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM CHARACTERS]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{[RANDOM CHARACTERS]}
HKEY..\..\..\..{RegistryKeys}
HKEY_CLASSES_ROOT\CLSID\{[RANDOM CHARACTERS]}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List “C:\WINDOWS\system32\rundll32.exe” = 'C:\WINDOWS\system32\rundll32.exe:*:Enabled:Antivirus Center'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | [RANDOM CHARACTERS]
Additional Information on Antivirus Center
- The following messages were detected:
1. Antivirus Center Firewall Alert
   Suspicious activity in your registry system space was detected. Rogue malware detected in your system. Data leaks and system damage are possible. Please use a deep scan option.
2. Antivirus Center
   Spyware.IEMonster process is found. The virus is going to send your passwords from Internet browser (Explorer, Mozilla Firefox, Outlook & others) to the third-parties. Click here for further protection of your data with Antivirus Center.
Technical Details
Registry Modifications
Regexp file mask
%ALLUSERSPROFILE%\[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS].dat
%ALLUSERSPROFILE%\[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]_.mkv
%ALLUSERSPROFILE%\[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]-[RANDOM CHARACTERS]_[RANDOM CHARACTERS].avi
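The file masks and the firewall exception listed above can be checked against a file listing and a firewall-policy export collected from a suspect machine. The following is an added example, not code from the original page: the alphabet assumed for "[RANDOM CHARACTERS]" (ASCII letters and digits), the function names and all sample paths are constructed for illustration.

```python
import re
from ntpath import basename, dirname, normcase  # Windows path rules on any OS

# Assumption: the page only says "[RANDOM CHARACTERS]"; each run is modelled
# as one or more ASCII letters/digits. Tighten this if samples show otherwise.
RND = r"[0-9A-Za-z]+"
FIVE = rf"{RND}(?:-{RND}){{4}}"  # five hyphen-joined runs, as in the masks

FILE_MASKS = {
    "dat": re.compile(rf"^{FIVE}\.dat$", re.I),
    "mkv": re.compile(rf"^{FIVE}_\.mkv$", re.I),
    "avi": re.compile(rf"^{FIVE}_{RND}\.avi$", re.I),
}

def match_files(paths, allusers_root):
    """Return (path, reason) pairs for paths matching the page's indicators."""
    root = normcase(allusers_root.rstrip("\\"))
    hits = []
    for p in paths:
        name = basename(p)
        if name.lower() == "antivirus center.lnk":
            hits.append((p, "shortcut name"))
        elif normcase(dirname(p)) == root:  # masks apply to %ALLUSERSPROFILE% only
            for label, rx in FILE_MASKS.items():
                if rx.match(name):
                    hits.append((p, f"file mask .{label}"))
    return hits

def match_firewall(entries):
    """entries maps value name -> data from the AuthorizedApplications List key."""
    # Data format is path:scope:state:label; the rogue labels itself by name.
    return [name for name, data in entries.items()
            if data.rsplit(":", 1)[-1].strip().lower() == "antivirus center"]

# Constructed sample inputs (not taken from a real machine).
ROOT = r"C:\Documents and Settings\All Users"
SAMPLE_FILES = [
    ROOT + r"\1a2b-3c4d-5e6f-7a8b-9c0d.dat",
    ROOT + r"\1a2b-3c4d-5e6f-7a8b-9c0d_.mkv",
    ROOT + r"\1a2b-3c4d-5e6f-7a8b-9c0d_x1.avi",
    ROOT + r"\ntuser.dat",                                # no hyphen runs
    r"C:\Documents and Settings\user\Desktop\Antivirus Center.lnk",
    r"C:\Documents and Settings\user\My Documents\trip-a-b-c-d.dat",  # wrong dir
]
SAMPLE_FW = {
    r"C:\WINDOWS\system32\rundll32.exe":
        r"C:\WINDOWS\system32\rundll32.exe:*:Enabled:Antivirus Center",
    r"C:\Program Files\Example\app.exe":
        r"C:\Program Files\Example\app.exe:*:Enabled:Example App",
}
```

The Run-key and Browser Helper Object entries use random names only, so they are not matched by name here; review them by the file each value points to.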
Just use an anti-malware program via Google and it will be fixed. Many thanks
all my dis is out of date