Expert AntiVirus
|
Description:
|
Rogue Security Program
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Tuesday, August 12, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Rogue/Suspect Anti-Spyware Product
"Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "Expert AntiVirus"
Threat Info
View All
Detected Items
- Detected Files:
%WINDIR%\wincom137.dll
MD5: 508AD6502860BA3796DE7E50810F1A72 Size:32816
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%PROGRAMFILES%\ExpertAntivirus\ExpertAntivirus.EXE
%PROGRAMFILES%\ExpertAntivirus\extension.dll
%PROGRAMFILES%\ExpertAntivirus\plugin.dll
%PROGRAMFILES%\ExpertAntivirus\SpamBlocker.dll
%PROGRAMFILES%\ExpertAntivirus\uninst.exe
%START_PROGRAMS%\ExpertAntivirus\ExpertAntivirus v4.1 Un-Installer.lnk
%START_PROGRAMS%\ExpertAntivirus\ExpertAntivirus v4.1 Website.lnk
%START_PROGRAMS%\ExpertAntivirus\ExpertAntivirus v4.1.lnk
%DESKTOP%\ExpertAntivirus v4.1.lnk
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\ExpertAntivirus v4.1.lnk
%WINDIR%\system\ext32inc.dll
%WINDIR%\wincom137.dll
- Files by Directories
%PROGRAMFILES%\ExpertAntivirus %START_PROGRAMS%\ExpertAntivirus
- Files by CLSID or Name
CLSID=16DD131D-C09F-4F83-A1E7-A2CF506EA27C
CLSID=69EBF0DB-F6B5-4479-8352-AA632F522D34
CLSID=7C1530BD-16B0-41A9-B428-17EE8CBD3E06
CLSID=D7ABE914-B8CF-4602-9145-6BDAAEDA21AA
CLSID=9EC61371-C3B9-FCC1-EE6F-2E4E8D12DFFC
- Registry Keys
HKCR\ExpertAntivirus.Addin
HKCR\ExpertAntivirus.Addin.1
HKCR\spamdet.SpamDetector
HKCR\spamdet.SpamDetector.1
HKLM\SOFTWARE\ExpertAntivirus
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ExpertAntivirus.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExpertAntivirus
HKCU\Software\Microsoft\Office\Outlook\Addins\ExpertAntivirus.Addin.1
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\AdLoader
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Trace7
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell\1das
HKCU\Software\Microsoft\Windows\CurrentVersion\Shell\dnl7
HKCR\AppID\ad-protect.EXE
HKCR\AppID\spamdet.DLL
HKCR\AppID\{9DA1990B-9BCA-4c80-AEFB-11A40FA849F9}
HKCR\AppID\{C628512D-A058-4BD4-B47B-B036F45FA02B}
HKCR\ExpertAntivirus.Addin
HKCR\ExpertAntivirus.Addin.1
HKCR\Interface\{214345B8-BB69-498D-A168-29F58F15D806}
HKCR\Interface\{3E67E9DC-7294-44C3-BC99-EA6E29E74076}
HKCR\Interface\{7C1530BD-16B0-41A9-B428-17EE8CBD3E06}
HKCR\Interface\{D59B2DD5-0609-4BDC-AB47-A9A28ABC482A}
HKCR\Interface\{F82FD7D4-2EC8-40B3-A141-DE051C98DCE9}
HKCR\TypeLib\{B60F5AFA-EDD2-417D-A438-57F3EBD9E639}
HKCR\TypeLib\{DFCDA823-80C5-4F55-B328-7EFD4AFBD9A0}
HKCR\spamdet.SpamDetector
HKCR\spamdet.SpamDetector.1
HKLM\SOFTWARE\ExpertAntivirus
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=ExpertAntivirus
«
Go to Software Database
