Winwarepro.microsoft.com
Winwarepro.microsoft.com is an untrustworthy webpage that informs victims that they were previously browsing a malicious website. The victim will then be recommended to purchase the rogue anti-spyware program Antivirus System PRO, in order to proceed safely. Users will only encounter Winwarepro.microsoft.com if they have been infected by browser modifying Trojans, connected to Antivirus System PRO. Winwarepro.microsoft.com cannot be trusted and Antivirus System PRO should be removed immediately.
File System Details
Winwarepro.microsoft.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | iehelper.dll | |
| 2. | c:\WINDOWS\sysguard.exe | |
| 3. | %ProgramFiles%\Antivirus System PRO\uninstall.exe | |
| 4. | %ProgramFiles%\Antivirus System PRO\Antivirussystempro.exe |
Registry Details
Winwarepro.microsoft.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Antivirus System PRO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad “ieModule”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Antivirus System PRO”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “system tool”
HKEY_CLASSES_ROOT\CLSID\{BAD4551D-9B24-42cb-9BCD-818CA2DA7B63}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus System PRO
HKEY_CURRENT_USER\Software\AvScan
