Archive for the ‘Uncategorized’ Category

Dec 13

Antivirii 2011 Rogue Removal Instructions

The Emsisoft malware research team has discovered a new outbreak of Antivirii 2011. Emsisoft Anti-Malware detects this malware as Rogue.Win32.Antivirii2011.

Antivirii 2011 is a rogue application. A rogue application tries to trick you by displaying false-positive or misleading scan results that claim your computer has a problem or is infected with viruses or trojans, but it will not let you fix anything until you purchase it.

Creates new files:

  • %SystemRoot%\llwzhxdd.exe
  • %SystemRoot%\antivirii.exe

Creates new registry entries:

  • HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run\
    Security = %SystemRoot%\llwzhxdd.exe
  • HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe\
    Debugger = C:\xhergjui.exe

How to remove the infection of Antivirii 2011 (Rogue.Win32.Antivirii2011)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

Nov 11

Smart Defragmenter Adware Removal Instructions

The Emsisoft malware research team has discovered a new outbreak of the Smart Defragmenter adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.SmartDefragmenter.

Smart Defragmenter is a rogue application, another variant of HDD Defragmenter and System Defragmenter. A rogue application tries to trick you by displaying false-positive or misleading scan results that claim your computer has a problem or is infected with viruses or trojans, but it will not let you fix anything until you purchase it.

Creates new files:

  • %UserProfile%\Desktop\Smart Defragmenter.lnk
  • %UserProfile%\Local Settings\Temp\%random%.bmp
  • %UserProfile%\Local Settings\Temp\%random%.exe
  • %UserProfile%\Local Settings\Temp\%random%
  • %UserProfile%\Start Menu\Programs\Smart Defragmenter\
  • %UserProfile%\Start Menu\Programs\Smart Defragmenter\Smart Defragmenter.lnk
  • %UserProfile%\Start Menu\Programs\Smart Defragmenter\Uninstall Smart Defragmenter.lnk

Creates a new registry entry:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    (String) %random% = %UserProfile%\Local Settings\Temp\%random%.exe

How to remove the infection of Smart Defragmenter (Adware.Win32.SmartDefragmenter)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

Jul 20

Antivir Solution Pro Adware Removal Instructions

The Emsisoft malware research team has discovered a new outbreak of the Antivir Solution Pro adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.AntivirSolutionPro.

Antivir Solution Pro is a rogue security program, a new variant of AVSecuritySuite, Antivirus Suite, and Antivirus Soft. A rogue application tries to trick you by displaying false-positive or misleading scan results that claim your computer is infected with viruses or trojans, but it will not let you delete them until you purchase it.

Creates a new file:

  • %UserProfile%\Local Settings\Application Data\%random%\%random%.exe

Creates new registry entries:

  • HKEY_LOCAL_MACHINE\software\AVSolution
  • HKEY_LOCAL_MACHINE\software\AVSuitE
  • HKEY_CURRENT_USER\software\AVSolution
  • HKEY_CURRENT_USER\software\AVSuitE
  • HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Run, “%random%”
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “%random%”
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyServer = http=127.0.0.1:5643
    ProxyOverride = <local>
  • HKEY_CURRENT_USER\software\Microsoft\Internet Explorer\PhishingFilter
    EnabledV8 = 0x00000000 (0)
    Enabled = 0x00000000 (0)

How to remove the infection of Antivir Solution Pro (Adware.Win32.AntivirSolutionPro)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.
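
The registry changes listed in the three posts above (the Image File Execution Options Debugger value for taskmgr.exe, Run values that start executables from Temp or Application Data, the loopback ProxyServer, and the disabled PhishingFilter) can be checked for in a registry export. This is an added example, not Emsisoft's code; the sample export and the value names `ctfmon` and `kqzvbn` in it are constructed, and the rule names are chosen here.

```python
import re

# Constructed sample in `reg export` text form; "ctfmon" and "kqzvbn" are made-up value names.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\xhergjui.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
"kqzvbn"="C:\\Documents and Settings\\user\\Local Settings\\Temp\\kqzvbn.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="http=127.0.0.1:5643"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter]
"EnabledV8"=dword:00000000
'''

def parse_reg(text):
    """Yield (key, value_name, data) from .reg text, undoing string escapes."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)):
            data = m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = re.sub(r"\\(.)", r"\1", data[1:-1])
            yield key, m.group(1), data

def audit(text):
    """Return (rule, key, data) for each value matching a pattern from the posts."""
    findings = []
    for key, name, data in parse_reg(text):
        k, n, d = key.lower(), name.lower(), data.lower()
        if "\\image file execution options\\" in k and n == "debugger":
            rule = "ifeo-debugger"        # launching the named exe starts this program instead
        elif k.endswith("\\currentversion\\run") and re.search(r"\\(temp|application data)\\", d):
            rule = "run-from-user-dir"    # autostart from a user-writable directory
        elif k.endswith("\\internet settings") and n == "proxyserver" and "127.0.0.1" in d:
            rule = "loopback-proxy"       # browser traffic routed through a local process
        elif k.endswith("\\phishingfilter") and n in ("enabled", "enabledv8") and d == "dword:00000000":
            rule = "phishing-filter-off"
        else:
            continue
        findings.append((rule, key, data))
    return findings
```

A file written by `reg export` is UTF-16 encoded, so open it with `encoding="utf-16"` before passing its text to `audit`.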