AV Protection 2011

By | November 19, 2011 | 0 Comment

AV Protection 2011 is a security application conceptualized to steal money from naïve computer owners. It may not directly solicit from the end-user but its behavior leads to fraudulent acts that fall in the same manner.

Trojans are the primary instruments to spread AV Protection 2011 to every computers linked via the Internet. The malware comes uninvited masquerading as useful applications or upgrades to a popular program. In some instances, Trojans may alter configuration of Internet browser that instigate every requested page to be redirected to unknown web sites. Additionally, AV Protection 2011 barred the compromised unit from visiting web sites that are security-related.

This harmful application is destined to be more detrimental than its previous version called System Security 2011. Once AV Protection 2011 enters the computer, it focuses on delivering deceiving pop-up alert and messages. It pours an effort to entice users to purchase the registered version of the program in an unlikely pattern.

AV Protection 2011 not only works to endorse itself through various ambiguous attempts. It also ensures protection to keep its presence on the computer. It easily pinpoints tools and software that can endanger AV Protection 2011 occurrences and terminates essential processes to halt its operation. During this period, computer is left helpless and unusable.

To help you resolve this issue, we come up with simple solution to remove AV Protection 2011. All you need to do is carefully follow the step-by-step guide to eliminate the threat.

Type Rogue
Sub-Type FakeAV
Systems Affected Windows

Symptoms

When AV Protection 2011 is installed on the computer, it will commence a virus scan that produces a number of infected items. It requires you to remove these threats by purchasing the activation code first.

AV Protection 2011 Scanner

The rogue program also reveals a number of security risks and infected documents or programs. These fake alerts may contain the following messgaes:

Security Software has found infected documents or programs.
You can lose your personal data and infect other network computers.

Items Detected Alert

Security Warning!
The file “filename.exe” is infected.
Running of application is impossible.
Please activate your antivirus software.

Fake Security Warning

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer. Click here to clean your PC immediately.

Fake Detection

Other Detection Name for AV Protection 2011

AntiVir TR/Offend.KD.413539
BitDefender Trojan.Generic.KD.413539
ClamAV Trojan.Win32.Heur.Gen
DrWeb Trojan.DownLoader5.16195
Emsisoft Trojan.Win32.FakeAV!IK
Kaspersky Trojan-FakeAV.Win32.OpenCloud.i
MalwareBytes Anti-Malware Trojan.FakeAlert.CLGen
McAfee Artemis!3CA46F40D191
Panda Trj/CI.A

System Changes

The malware will load using the process:
av protection 2011v121.exe

Malicious files created by AV Protection 2011 are the following:
c:\Users\im-infected\AppData\Roaming\ldr.ini
c:\Users\im-infected\AppData\Roaming\dwme.exe
c:\Users\im-infected\AppData\Roaming\ol9htxqjueiroy\av protection 2011v121.exe
c:\Users\im-infected\AppData\Roaming\microsoft\C91F\BCB.exe

AV Protection 2011 will create the following registry entries:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Y9jOP6bZTkTyMNS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\B5aQH6dWKfLgXjC8234A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BCB.exe

Leave a Reply

Your email address will not be published. Required fields are marked *