Christian Mairoll 237 Posted September 24, 2010 Report Share Posted September 24, 2010 The Emsisoft malware research team has discoverd a new outbreak of the Antivirus IS adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.AntivirusIS. Antivirus IS is a rogue security program, this is a new variant from Security Suite, AV Security Suite, Antivirus Suite, and Antivirus Soft. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase. Create new file: %UserProfile%Local SettingsApplication Data%random%%random%.exe Create/modify registry entries: HKEY_CURRENT_USERsoftwareMicrosoftInternet ExplorerDownload(DWORD) RunInvalidSignatures = 0×00000001 (1) HKEY_CURRENT_USERsoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations(SZ) LowRiskFileTypes = .exe HKEY_CURRENT_USERsoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments(DWORD) SaveZoneInformation = 0×00000001 (1) HKEY_CURRENT_USERsoftwareMicrosoftWindowsCurrentVersionRun(SZ) %random% = %UserProfile%Local SettingsApplication Data%random%%random%.exe HKEY_CURRENT_USERsoftwareMicrosoftInternet ExplorerDownload(SZ) CheckExeSignatures = no Screenshots: How to remove the infection of Antivirus IS (Adware.Win32.AntivirusIS)? To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine. Related Posts: Antivirus Suite Adware Removal Instructions AV Security Suite Adware Removal Instructions Antivir Solution Pro Adware Removal Instructions Antivirus Soft Adware Removal Instructions AVDefender 2011 Adware Removal Instructions View the full article Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.