FraudTool.WinAntiVirus.r

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Monday, June 16, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

ELIMINAR SPYWARE »

Geographical Distribution of Threat "FraudTool.WinAntiVirus.r"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\VAV\vav.exe MD5: 2ED5D70C5AF906B4935931F2FA63D1AF Size:324608 MD5: 61443BCEE1A021D525DDEE68108787B3 Size:324608 MD5: DE297CCE23C90492D99766C84120D12D Size:324608 MD5: 0D865F94F90C31FE4C66EE4BB75EB15D Size:398336 MD5: 02912ABC25202444FF182C16E3A25B74 Size:398336 MD5: D0E67B47216B27AE27DEF8964AB79E72 Size:369152 MD5: F002B6758D69F4E03BCF89D7F22431DF Size:324608 MD5: 5646D22F40BDD0A2B349D3357EC9FCEF Size:326144 MD5: 50C5C947BDC6CEB2EC0F0597183F10F4 Size:324608 MD5: 19FD44A8558B963A06650441AC12876D Size:324608 MD5: 3FB94D5E3F516F8D9460EE2DD16AB382 Size:325632 MD5: 825F11A4629ED2A2074D44DC74EC1AB7 Size:324608 and more.... %PROGRAMFILES%\VAV\VAV.exe MD5: 49F1C66F6328006961B4F160FB3F07E5 Size:1714637 %PROGRAMFILES%\VAV\Vav.exe MD5: 4D0BFC4402D85272E9A8B887542CB2DC Size:920064 %PROGRAMFILES%\VAV\vav.exe MD5: 755F37CD9AA78AD1F80B1E85E8A7E473 Size:427008 MD5: B4316784DF5715402CEB494703B927A1 Size:324608 MD5: 8A7C7B41819EE6EACC6F83FEBD15C5C1 Size:410112 MD5: 0438B5B3710C3A1FCA3A0CAC0CADC08E Size:400896 MD5: 825F11A4629ED2A2074D44DC74EC1AB7 MD5: 816A4A3C40D207CBD3E56579CD6976B2 Size:326144 MD5: 2ED5D70C5AF906B4935931F2FA63D1AF MD5: 5BC53EBCF8798C3FFDE143D68A01B991 Size:336384 MD5: F648AF8555DE7E2E8F20A72EB163574B Size:324608 MD5: 8299CA7EAFF174BB1078582F38815396 Size:335360 MD5: 3599E0A65C6EDB77BC3D66C605FE8975 Size:382976 MD5: 4F94513287F9F829D4EF2B0BD177BD5E Size:325632 and more.... %PROGRAMFILES%\VAV\vav.exe MD5: D568CED10E67BA809011EA2C726555AE Size:325632 MD5: 75EDE02FBBFE150038E35060502B7C1D Size:325632 MD5: E2930B66ED6A0759344FFAAE908CEE77 MD5: 17ECDF827FC4295D324A24A355D36416 Size:325632
Detected Files with variable Filenames: MD5: 02912ABC25202444FF182C16E3A25B74 Size: 398336 %PROGRAMFILES%\VAV\vav.exe C:\Program Files\VAV\vav.exe MD5: E2930B66ED6A0759344FFAAE908CEE77 Size: 325632 %SystemDiskRoot%\RECYCLER\S-1-5-21-3296001094-2246649547-2959218723-1016\Dc12\vav.exe %PROGRAMFILES%\VAV\vav.exe %SystemDiskRoot%\System Volume Information\_restore{78C1AC5A-6EB7-46B3-9F94-6C2FFF4CCA4C}\RP130\A0157300.exe %PROGRAMFILES%\VAV\vav.exe.ren %SystemDiskRoot%\System Volume Information\_restore{0AF59319-765D-4E4A-9919-B5DCA421ADFE}\RP75\A0115726.exe %SystemDiskRoot%\System Volume Information\_restore{417521C6-33D5-4C0D-878A-36CFF12A1AD2}\RP425\A0658875.exe D:\Program Files\VAV\vav.exe %SystemDiskRoot%\System Volume Information\_restore{CD53596A-5812-49DB-AF84-A72B9BECDE4F}\RP418\A0057742.exe MD5: 3E14D456A140CE143CD205C542CB4B5E Size: 880104 c:\escritorio\torrent paola\install_1216_MHwyN3wxMDAwMDAwMDAwfHx8fHx8fHw_.exe %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\SWC9P8OK\install_1216_MHwyN3wxMDEwMDAwMDAwfHx8fHx8fHw_[1].exe %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\E550RNDC\install_1216_MHwyN3wxMDEwMDAwMDAwfHx8fHx8fHw_[2].exe %TEMP%\~7.tmp %TEMP%\~102.tmp E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\QN27Q9AF\install_1216_MHwyN3wxMDEwMDAwMDAwfHx8fHx8fHw_[3].exe E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\QN27Q9AF\install_1216_MHwyN3wxMDEwMDAwMDAwfHx8fHx8fHw_[1].exe E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\QN27Q9AF\install_1216_MHwyMHwxMDEwMDAwMDAwfHx8fHx8fHw_[1].exe E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\OL81E3S5\install_1216_MHwyNnwxMDEwMDAwMDAwfHx8fHx8fHw_[1].exe E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\OL81E3S5\install_1216_MHwyMHwxMDEwMDAwMDAwfHx8fHx8fHw_[1].exe E:\Documents and Settings\Jane\Local Settings\Temporary Internet Files\Content.IE5\I28RAN5B\install_1216_MHwyMHwxMDEwMDAwMDAwfHx8fHx8fHw_[2].exe and next 8 variations.

Detecting items list:

Files by Name %PROGRAMFILES%\VAV\vav.exe
Files by MD5 MD5: 3E14D456A140CE143CD205C542CB4B5E Size: 880104 MD5: E2930B66ED6A0759344FFAAE908CEE77 Size: 325632 MD5: 3E14D456A140CE143CD205C542CB4B5E Size: 880104

« Go to Software Database

Búsquedas en Nuestra Base de Datos del Software

Buscar en la Base de Datos del Software

Últimas Noticias Sobre Malware

23. septiembre 2011

Entre los spywares de la actualidad el Trojan MicroFake.ba. es sin duda el más activo. Ataca en conjunto con las aplicaciones antispyware Rogue y obliga a los usuarios a adquirir estas aplicaciones falsas. El uso de técnicas de rootkit es muy típico de este troyano para ayudarse a ocultarse de los usuarios y del sistema, por lo que es difícil de rastrear. Se recomienda la actualización periódica de nuestra base de datos y una activa protección en tiempo real con el antivirus.

Noticias más antiguas sobre malware »