FraudTool.BestSeller.a.3

Description: Rogue Security Program
Risk Level: High
Date of First Occurence: Thursday, April 24, 2008
Software Developer: (unknown)
Brief Info: Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal: This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "FraudTool.BestSeller.a.3"

Threat Info

View All

Detected Items

  1. Detected Files: %SYSDIR%\Drivers\dhlp.sys MD5: D2A9A5AA05260DF1ACF2A5DFC006D72D Size:46592 MD5: 0F8FD4F3689EEBAC3E3BE7FDE1084522 Size:46592 MD5: 9D51DA08543F1496FD0E6039D49BF9C9 MD5: FB7878E37F4C772B37C0F1F000C45252 Size:43520
  2. Detected Files with variable Filenames: MD5: 9D51DA08543F1496FD0E6039D49BF9C9 Size: 46592 %SYSDIR%\Drivers\dhlp.sys %SystemDiskRoot%\System Volume Information\_restore{8F92269A-0C6B-4B8F-BD3A-55C933E1D9E8}\RP43\A0018193.sys %SystemDiskRoot%\System Volume Information\_restore{8F92269A-0C6B-4B8F-BD3A-55C933E1D9E8}\RP34\A0006954.sys %SystemDiskRoot%\System Volume Information\_restore{864AFD4C-1FBA-4561-BCB2-DBD479CC7D05}\RP40\A0212819.sys F:\WINDOWS\system32\drivers\dhlp.sys D:\WINDOWS\system32\drivers\dhlp.sys %SystemDiskRoot%\winblows\system32\drivers\dhlp.sys %SystemDiskRoot%\System Volume Information\_restore{DF556B55-0439-4E84-961B-0226F0FA725E}\RP183\A0196060.sys %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\A0019863.sys.vir %SystemDiskRoot%\System Volume Information\_restore{8FCD77E6-BC32-4ABE-ACAB-4CF06CDCEAEE}\RP44\A0017567.sys %SystemDiskRoot%\System Volume Information\_restore{4CF67817-512B-44A4-A755-85AFC8705469}\RP21\A0003412.sys and next 2 variations.

Detecting items list:

  1. Files by Name %SYSDIR%\drivers\dhlp.sys
  2. Files by MD5 MD5: 9D51DA08543F1496FD0E6039D49BF9C9 Size: 46592

« Go to Software Database