Title: Antivirus Security Pro
Also known as: AntivirusSecurityPro

Remove Antivirus Security Pro
Removal instructions

 
Severity scale:Antivirus Security Pro severity is 99  (99 / 100)
 

Antivirus Security Pro is a rogue anti-spyware, which belongs to WinWebSec. This program looks just like Attentive AntivirusLive Security PlatinumAVASoft Professional Antivirus and other threats that also hail from this group. However, the new thing about it is that it comes with a digitally-signed installer, which should ensure the trustworthiness of the program. Most likely, it was stolen. Once Antivirus Security Pro gets inside the system, it starts its activity by showing misleading notifications that typically announce about dangerous viruses. Note that it warns its victims only about invented infections or legitimate files that should never be eliminated. That's why you can clearly ignore this application and remove it from the system. If you are interested what's the real purpose of its bogus alerts, the answer is really simple - it is designed to create a need of its licensed version. Definitely, you should never purchase it.

HOW CAN I GET INFECTED WITH Antivirus Security Pro?

Antivirus Security Pro is spread by trojan horse, which exploits security vulnerabilities. It attacks poorly protected systems, so, if you want to avoid its infiltration, you have to make sure that your machine is protected with the latest version of antivirus. Still, if this trojan manages to get inside the system, it secretly downloads files that belong to virus. After that, it modifies the system so that the rogue could start its work every time user reboots the PC. As a result, malware starts showing such alerts:

Warning! Infected file detected.
We strongly recommend activating full edition of your antivirus software for repairing threats. 

Warning! Infected file detected
Location: File SystemSuspicious activity detected in the application notepad.exe to the behavior of the virus Win32/Conficker.X. For your security and to avoid loss of data, the operation of application cmd.exe has been temporarily restricted.

You may also receive such message from this virus:

Warning! Network attack attempt detected.
To keep the computer safe, the threat must be blocked.

Please, ignore every alert that belongs to Antivirus Security Pro because this programs seeks the only thing - to get your money. As soon as you start seeing alerts that belong to this rogue, you should run a full system scan with updated anti-spyware. Also, follow a guide given below to get rid of this infection for good:

HOW TO REMOVE Antivirus Security Pro?

If your PC is infected with Antivirus Security Pro, you should immediately download SpyHunterSTOPzilla or Malwarebytes Anti Malware and run a full system scan. Don't forget to download the latest versions of these programs in order to have a full virus database.

Note that thre are many rogues that block legitimate security applications for preventing their elimination. In this case, you should reboot your machine to Safe Mode with Networking and then stop malicious processes that belong to rogue. Look for [random letters or/and numbers].exe or [protector[random characters].exe processes, stop them and run a full system scan with anti-malware. Don't forget to scan your PC in normal mode to make sure that this virus is gone!



Automatic Antivirus Security Pro removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Antivirus Security Pro you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall Antivirus Security Pro. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove Antivirus Security Pro using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing Antivirus Security Pro (2013-08-23 02:22:08)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing Antivirus Security Pro (2013-08-23 02:22:08)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing Antivirus Security Pro (2013-08-23 02:22:08)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing Antivirus Security Pro (2013-08-23 02:22:08)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove Antivirus Security Pro
Antivirus Security Pro snapshot:
 snapshot

Antivirus Security Pro manual removal:

Kill processes:
[random].exe
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AA2014" = "%CommonAppData%\WaDprnV7\WaDprnV7.exe"
Delete files:
%CommonAppData%\[random]\
%CommonAppData%\[random]\[random]
%CommonAppData%\[random]\[random].exe
%CommonAppData%\[random]\[random].exe.manifest
%CommonAppData%\[random]\[random].ico
%CommonAppData%\[random]\[random].in
%CommonAppData%\[random]\[random].lg

Geolocation of Antivirus Security Pro:

This map reveals the prevalence of Antivirus Security Pro. Countries and regions that have been affected the most are: India, Philippines, Indonesia, Vietnam and Mexico.

QR code for Antivirus Security Pro removal instructions:

Antivirus Security Pro qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Antivirus Security Pro are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Antivirus Security Pro right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.

Removal guides in other languages

Information added: 2013-12-05 01:51:54
Information updated: 2013-12-05 01:51:54

Ask us discussions:

Modern viruses are really hard to remove. They have random file names, random registry entries, they can immitale legal products and files. Removal instructions sometimes can't Help to remove infection manually. Please take a look at our discussion where users like you share they experience in fighting the parasite:

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

1
0
Ed Oliver
I was attempting to clean a coworkers personal computer which had been infected with this program. My personal first step doing this is to run Malwarebytes, as you recommend. As his computer could not access the internet I was installing Malwarebytes from a USB drive However, Antivirus Security Pro has apparently been "improved" and would not even allow the installer to run, claiming to have blocked a malicious program that destroys files. Also block Vipre Internet Security installer. And, at least on this machine, it automatically shut down windows as soon as it got to the desktop when booting into safe mode with networking (tried 3 times, same result every time). Finally tried RKill, and had to use three of the name variants of that, as the first two I tried were also blocked. When one finally run, though, it worked. Installed Malwarebytes, found and removed a bunch of stuff with it, including this one, then installed and ran Vipre which got rid of a couple more.
1
0
Luis
Hello, I have discovered additional routes and keys (Windows 7):
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun (contains the random value)
HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionWinlogonuserinit (reset to: C:Windowssystem32userinit.exe,)
HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoftDirect3DMostRecentApplicationName (set it blank)
2
0
glynn
Maybe you should say it will cost to use this program
0
0
ROB
i was fooled by an email. i figured it got in the junk mail by accident. it as saying i had a voice message on whatsapp which i made an account but never use it. it came in .exe form and the icon was a .wav icon. idk what malwarebytes does truefully because it didnt pick it up so i ran it and here i am infected. luckily i have another laptop and blank dvds to try and remove it. right now i am using a bootable windows defender dvd i downloaded off Microsofts site. it booted and started a "quick scan" which didnt find anything. i am now running a full scan and its saying it might have found something harmful on the hard drive.

also with this threat you cant boot into safemode.however you could fool the virus and download another task manager and name it something like explorer.exe and from what i read it should allow it to open and then you kill the process install your removal software and you should be good to go.
0
0
John
It seems theyve made another improvement. Not only ca you NOT go into safe mode but RKILL shows everything as OK. RKILL runs when named iexplore.exe but finds nothing amiss.
0
0
Sabrina
Ive encountered the same as Rob and John and am still unsuccessful in removing this beast of a virus. Any suggestions how to get it off again?
Malwarebytes did find the virus, and supposedly delete it but when I started up my computer again after removal of files, nothing had changed and the virus ran first. I am unable to start my computer in any type of safe mode, the virus overrides that possibility, forcing a restart in normal mode.

So how can I get this virus off on my own or do I have to pay the professionals to do it for me?
0
0
Rob M.
I encountered the same thing as Rob and John. I saw my particular bad file was llrnhg6a.exe.manifest plus 5 others with the llrnhg6a name. I did a search to see where they were. C:Docs & SettingsAll UsersAppDatallrnhg6a. When I tried to go through command prompt, it just gave me C:Docs & SettingsOwner. It couldnt find it. So I unhid files like it said to do here. Did an explore on App Data file. Right clicked and tried to delete whichever it let me which was 2 of the 6 bad files. Then I right clicked on the .exe file (I think) and started Malware...make sure you update Malware before you start this removal. Now, this thing wont let Malware launch so you have to go into All Programs, scroll over Malware until you find the Chameleon feature. Start this...I had to go to #5 before Malware launched. After an hour, it found 15 infections...restarted...ran FULL scan again for an hour...3 infections...ran FULL scan again...0 infections. FINALLY!! I tried to find any more of the llrnhg6a in Explore App Data...there was an llrnhg6a file there but it was empty but I right clicked on it anyway and permanently deleted it with Webroot...which wasnt able to do that prior to the FULL Malware scan. MalwareBytes/Chameleon ROCKS...I might actually have to pay for Malware now since my Webroot failed me BIG TIME!! Good Luck
0
0
xDrewX
This a nasty wee infection, ultimately easily removed though, naive programming. Moderator does not permit bad language or threats but I know what I’d like to say and do to virus writers......
Many access tools are disabled by the virus, anti-virus, ‘Safe Mode’ also. Windows Explorer still functions though, turn on view hidden, system etc files. Shortcuts on the desktop obligingly reveal where the main ingredients lurk, in this case C:ProgramDatagaDrXnns. The nasty files cannot be removed or renamed because ‘In Use’. Also lurking is a batch file which reboots the system if Safe Mode is attempted. It can be renamed but is regenerated. Didn’t occur to me but perhaps altering the contents whilst leaving the file size unaltered (and maybe setting the date if you have the utility) would fool the process. Try that first.
‘Restore’ was disabled but easily switched back on, C:windowssystem32rstrui.exe. Restore points hadn’t been deleted, virus writers are unimaginative, ignorant and stooopid. Once restored to the day before infection, the directory (folder) can be removed. Then a deep boot scan (thanks Avast) followed by fragment clean up (and thanks CCleaner). Internet connection is reqd for anti-virus installations, Avast anyway, but after the main malware ingredients are removed download was fine. Best to remove other anti-virus before installing Avast (or your chosen one) because they tend to throw hissy fits at each other. Norton, even AVG, but especially McAfee which has been known to target other anti-virus as malware. Upshot is crawling performance, failed installation and sometimes BSOD. Actually it’s more difficult eradicating some anti-virus progs than this virus.
If the virus progresses beyond this primitive level one could insert a batch file to kill and delete the Safe Mode disabler, I didn’t have to resort to that. One could also boot from a boot disk (lots of freebies available) and eradicate the active ingredients from there prior to full disinfection. You have to alter the BIOS of course to boot first from CD.
It’s much easier working on an infected machine if you can run alongside a clean machine for research. Incidentally this instance was on Win7 Home Edition. XP restore is different, disabling restore (I think) deletes restore points, different exe file too so one could try altering the .bat file contents first or use a boot disk to access the malware files if that fails.
Be of good heart, it may look hideous but it’s not difficult to remove and it doesn’t seem to generate collateral damage. Flashy but badly written by persons of paltry skill and intellect. If you are reasonably competent with Windows interstices you won’t have trouble getting rid of it. Takes a few hours doing it’s thing -- while watching Dr Who at the same time. If you are not comfortable there are screeds of people who could do it for you, just ask around, your local school if there are competent kids, much cheaper than High Street outlets.
0
0
Aubree
Do what the instructions say, but reboot in safe mode first.
(Shutdown, restart, then hold F8 while computer reboots until screen loads, then scroll down to safe mode with networking.)
0
0
Jim
The first thing I try when attacking a virus is to download a "free trial" of a reputable Antivirus to a clean computer and burn it to a CD-R. Then I install the downloaded file on the infected system.
0
0
c kuhns
Download roguekiller on a different computer
copy to usb drive
boot in normal mode
run cmd in administrator mode
find roguekiller on usb drive, rename it to iexplore.exe
run iexplore
scan and cure
other antimalwares will now run.

Post Comment:

Attention: Use this form only if you have additional information about Antivirus Security Pro parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48600 Subscribers
Ask us
I failed to remove Antivirus Security Pro using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other