Antivirzilla.com

Antivirzilla.com Description

Antivirzilla.com or Antivirzilla.net is a misleading website that is typically encountered by users infected with Virus Protector. Antivirzilla.com is inserted into a victim's Hosts file by Trojans, thus causing the victim's browser to be frequently redirected to the harmful website. Antivirzilla.com prompts users to purchase the full version of Virus Protector which is a useless application. Users should avoid Antivirzilla.com and never purchase anything on this website.

Technical Information

File System Details

Antivirzilla.com creates the following file(s):
# File Name Detection Count
1 %Documents and Settings%\[UserName]\Local Settings\Temp\[random].exe N/A
2 %Program Files%\Internet Explorer\[random].dll N/A
3 %WINDOWS%\system32\[random].exe N/A
4 %WINDOWS%\system32\drivers\[random].dll N/A
5 %Documents and Settings%\[UserName]\Application Data\[random].dll N/A
6 %Program Files%\Internet Explorer\[random].exe N/A
7 %WINDOWS%\[random].dll N/A
8 %WINDOWS%\system32\drivers\[random].exe N/A
9 %Documents and Settings%\[UserName]\Application Data\[random].exe N/A
10 %Documents and Settings%\[UserName]\Local Settings\Temp\[random].dll N/A
11 %WINDOWS%\[random].exe N/A
12 %WINDOWS%\system32\[random].dll N/A

Registry Details

Antivirzilla.com creates the following registry entry or registry entries:
Registry key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows "AppInit_DLLs" = "[random].dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows "LoadAppInit_DLLs" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Virus Protector"