The Emsisoft malware research team has discoverd a new outbreak of the Antivir Solution Pro adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.AntivirSolutionPro.
Antivir Solution Pro is a rogue security program, this is a new variant from AVSecuritySuite, Antivirus Suite, and Antivirus Soft. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.
Create new file:
- %UserProfile%\Local Settings\Application Data\%random%\%random%.exe
Create new registry entries:
- HKEY_LOCAL_MACHINE\software\AVSolution
- HKEY_LOCAL_MACHINE\software\AVSuitE
- HKEY_CURRENT_USER\software\AVSolution
- HKEY_CURRENT_USER\software\AVSuitE
- HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run, “%random%”
- HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “%random%”
- HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
ProxyServer = http=127.0.0.1:5643
ProxyOverride = <local> - HKEY_CURRENT_USER\software\Microsoft\Internet Explorer\PhishingFilter
EnabledV8 = 0×00000000 (0)
Enabled = 0×00000000 (0)
Screenshots:
How to remove the infection of Antivir Solution Pro (Adware.Win32.Antivir Solution Pro)?
To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.
