AntiVirusProtector
Description: Rogue Security Program
Risk Level: Low
Date of First Occurrence: Monday, April 14, 2008
Software Developer: (unknown)
Brief Info: Rogue/Suspect Anti-Spyware Product
"Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal: This threat can be removed using "Spyware Terminator"
Detected Items
- Detected Files:
%PROGRAMFILES%\Antivirus Protection\uninst.exe
%PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe
%PROGRAMFILES%\Antivirus Protection\SpyWares\spydb.exe
%PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll
- Detected Files with variable Filenames:
%PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll
%PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll.ren
%PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe
%PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe.ren
Detecting items list:
- Files by Name
%PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe
%PROGRAMFILES%\Antivirus Protection\uninst.exe
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\clamscan.exe
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygbz2-1.dll
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cyggmp-3.dll
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygminires.dll
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygwin1.dll
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygz.dll
%PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\python23.dll
%PROGRAMFILES%\Antivirus Protection\SpyWares\spydb.exe
%PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll
%START_PROGRAMS%\Antivirus Protection\Antivirus Protection.lnk
%START_PROGRAMS%\Antivirus Protection\Uninstall.lnk
%START_PROGRAMS%\Antivirus Protection\Website.lnk
%DESKTOP%\Antivirus Protection.lnk
- Files by Directories
%PROGRAMFILES%\Antivirus Protection
%START_PROGRAMS%\Antivirus Protection
- Registry Keys
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus Protection
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AntivirusProtection.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus Protection
HKLM\SOFTWARE\Telecom Advance\Antivirus Protection
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=AntivirusProtection