Home Malware Programs Rogue Anti-Virus Programs Antivirus XP Pro

Antivirus XP Pro

Posted: January 19, 2009

Antivirus XP Pro, also known as AntivirusXP, Antivirus XP, Antivirus XP 2008 or Antivirus XP Pro 2009, is a rogue anti-spyware application that is known to display several fake results during an automatic scan of your system. Antivirus XP Pro may be a newer version of Antivirus 2009, which is another fake anti-spyware application. It is possible that Antivirus XP Pro is automatically downloaded and installed from a Trojan infection that comes from a fake video codec download.

Antivirus XP Pro, once installed, loads at startup of Windows. While Antivirus XP Pro is running it will display repeated security alerts from the Windows taskbar. The messages usually state that your computer has a security risk. If the alerts are clicked on, it will initiate a system scan. Antivirus XP Pro forces computer users into purchasing a full version making them think that it will remove the parasites that Antivirus XP Pro finds during its system scan. Technically, Antivirus XP Pro is unable to detect or remove any type of legitimate computer parasite. Therefore, it is recommended that Antivirus XP Pro be removed.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusXP.lnk
    2 %UserProfile%\Desktop\AntivirusXP.lnk
    3 %UserProfile%\Start Menu\Programs\AntivirusXP
    4 %UserProfile%\Start Menu\Programs\AntivirusXP\AntivirusXP.lnk
    5 c:\Program Files\AntivirusXP
    6 c:\Program Files\AntivirusXP\AntivirusXP.exe
    7 c:\Program Files\AntivirusXP\Infected
    8 c:\Program Files\AntivirusXP\Suspicious

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AntivirusXPHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntivirusXP.exe"

Related Posts

One Comment

  • Trey says:

    Also, whenever I tried getting on iexplorer, it kept booting me off. So before you download this, pull up he Windows Task Manager, go processes, and make sure this is ended: av.exe... That i the virus's code in the WTM.

Loading...