Sunday, March 6, 2011

Remove Antivirus Monitor virus

Antivirus Monitor is a new fake antivirus software. The misleading application is a clone of Antivirus Scan malware. This malware reports false infections and displays a lot of fake security alerts in order to trick you into purchasing its so-called full version.


HijackThis shows Antivirus Monitor infection:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}\{RANDOM}.exe

What Antivirus Monitor does

Antivirus Monitor is distributed through the use of trojans that come from various misleading websites. When the trojan is started, it will install this malware. On first run, AntivirusMonitor will configure itself to start automatically when Windows loads. Next, the fake antivirus will simulate a system scan and list a lot of false infections that actually does not exist!

Screen shoot of Antivirus Monitor


Antivirus Monitor will state that your computer is infected with adware, trojans, worms or malware with one purpose - to scare you into thinking that your PC in danger. Obviously, such results are a fraud, so you can freely ignore them.

While Antivirus Monitor is running, it will flood your computer with fake security alert and notifications from Windows task bar. Moreover, the rogue will disable Task Manager and hijack Internet Explorer so, that it will display a misleading notification that states - "Internet Explorer Warning – visiting this web site may harm your computer!". Of course, all of these alerts and messages are a fake and like false scan results should be ignored.

Remember, AntivirusMonitor is absolutely useless and what is more, even dangerous software. Most importantly, do not purchase it. Instead, please use the Antivirus Monitor virus removal guide in order to remove this malware from your computer for free.

Antivirus Monitor associated files and registry keys:
%Temp%\[RANDOM]\
%Temp%\[RANDOM]\[RANDOM].exe

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter | “Enabled” = “0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyOverride” = “”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyServer” = “http=127.0.0.1:32115″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyEnable” = “1″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | [RANDOM]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | [RANDOM]

No comments:

Post a Comment