« Internet Antivirus
MS Antivirus 2008 »

AntiVir64

No Comments
GoldSparrow By GoldSparrow in Rogue Anti-Spyware Program | 102 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

AntiVir64 Description

 
 
Image Screenshot
[+] Click Image to Enlarge
 
 

Antivir64 or Antivir 64, is a rogue anti-spyware program and clone of Power Antivirus 2009 and Antispyware2008. Antivir64 may have been installed by a Trojan (Zlob, Vundo or Downloader) found on fake video codec downloads. Once the Trojan is installed, it may generate imaginary system notifications stating that the user’s computer is infected with spyware. In order to remove the imaginary infections, Antivir64 will offer Antivir64’s full version of the program. Antivir64’s rogue messages may redirect the user to Antivir64’s website (scanner.antivir64.com) to further download the full Antivir64 program. Antivir64 may also use its fake system scan to emulate a computer system scan and generate erroneous scan results.

Type: Rogue AntiSpyware Programs

How Can You Detect AntiVir64?

 
 

Download SpyHunter’s Detection Scanner
to Detect AntiVir64.

 
 

AntiVir64 Technical Report

As new AntiVir64 details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following AntiVir64 files with its MD5s were created in the system:

File Name File Size MD5
Install[1].exe 796152 fb6a1411915cc9be1699de0d140a43db
Antivir64.exe 700408 5edadf1f77f67d9f570301df1cec0310
Antivir64.exe 1530880 bf8694a9c4e59b2801b0b4c2cfe6ac22

AntiVir64 Video Demo

Click on the “How AntiVir64 Infects Your Computer” video to see a AntiVir64 infection in action! See through the eyes of an unsuspecting Internet user while him/her is being victimized by AntiVir64.

At the end of this video, there’s a link to download SpyHunter’s Free Spyware Scanner. SpyHunter’s Free Spyware Scanner is for detection purposes only. To remove AntiVir64, you must purchase SpyHunter’s full version.

Tip: Turn your sound ON and watch the video in Full Screen mode to fully experience how AntiVir64 infects a computer. The video contains clickable buttons.

AntiVir64 has typically the following processes in memory:

  • Antivir64.exe
  • c:\Program Files\Antivir64\Uninstall.exe
  • c:\Program Files\Antivir64\Antivir64.exe

AntiVir64 created the following directories, files, paths:

  • %AppData%\Antivir64
  • %ProgramFiles%\Antivir64

AntiVir64 creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Antivir64″

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 08/18/08 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.