AntivirSolution
AntivirSolution aka Antivir Solution is a rogue anti-virus from the same family as Antivir Solution Pro. On infiltrating a system, AntivirSolution will fabricate numerous security alerts and warnings in order to scare a victim into purchasing it as a remedy. Antivir Solution may also redirect a victim's browser to malicious websites that further promote the rogueware. AntivirSolution is a useless application that can neither detect nor remove legitimate computer threats.
File System Details
AntivirSolution may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | HKEY_LOCAL_MACHINE\SOFTWARE\AVSolution | |
| 2. | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = "" | |
| 3. | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "" | |
| 4. | HKEY_CURRENT_USER\Software\AVSuitE | |
| 5. | HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0" | |
| 6. | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1" | |
| 7. | HKEY_CURRENT_USER\Software\AVSolution | |
| 8. | HKEY_LOCAL_MACHINE\SOFTWARE\AVSuitE | |
| 9. | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5643" | |
| 10. | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "" |
Registry Details
AntivirSolution may create the following registry entry or registry entries:
[HKEY_CLASSES_ROOT\.exe\shell\open\command]
[-HKEY_CLASSES_ROOT\secfile]
[HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
"Content Type"="application/x-msdownload"
[HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\.exe]@="exefile"
