WinSpywareProtect

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Wednesday, April 30, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

SCAN & REMOVE NOW »

Geographical Distribution of Threat "WinSpywareProtect"

Threat Info

View All

Detected Items

Detected Files: %TEMP%\_addon.exe MD5: 4F070BA9EBAE49FB36D9F3A9D2A49E53 Size:323396 MD5: 2A0B817743249E150639E07184A5537B Size:181371 MD5: 378CDCF65791552B4FA8C1DD0E7D8213 Size:163927 MD5: 8CD56F02C48905478C61898639732185 Size:323444 MD5: 147B0E2D561DF0AD62EA196F04198EC2 Size:323383 MD5: 2AF04F7A616855D0AD51E818FCF6C20F Size:323391 MD5: F9AC08775DF9C61DC4E6F9F97E748700 Size:34556 MD5: FBAAB655D51B39E482F94A5CB266B89E Size:323379 MD5: 9AFA596B2A23A356BDFC03AEFB8A88C1 Size:181487 MD5: D96EC6706847E4121FD8C8C9A664F693 Size:323392 MD5: EDFE2D4A7AA0DA622CBFE415ADB970E9 Size:181429 MD5: 04A7B976F57294DEF6B0C32BAF55179C Size:181361 and more.... %PROGRAMFILES%\AbsoluteTransfer\Uninstall.exe MD5: E458F3047CD13590B92F957D0DEF3770 Size:62910 %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll MD5: 837D30F26831CD7DD979E400F5B6CFB2 Size:247296 MD5: 46D07927760AC6FD80B3DF339184FCBC Size:247296 MD5: 6C202AE4ED11CC5A85A21703A6140875 Size:247296 %ALLUSERS_APPDATA%\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe MD5: 6515831D07BE3F8F13767B3CADEC9697 Size:1224704 MD5: 123D2E5B21577B72281E6EC8F045990C Size:1174528 MD5: 13B2F45EA3826D31E577149437BD22E9 Size:1224192 MD5: A6A110485C3C7E87028FD3507F7E5B06 Size:1174528 MD5: 5EA1B20F7D7650BF184878E67A6C6798 Size:1175040 MD5: 3CD6D7B2C0EFFA72E9478DD5518A0EAC Size:1172480 MD5: 530077CEA17CC2DC2B5AF3FF8BC13BF6 Size:1225728 MD5: 88E862EDC343C9E8B1B0935CBB54F346 Size:1222656 MD5: 9250741378679922EF1835C8BAED40C5 Size:1224192 MD5: 70B6E54D12E787DF683BC16EED48417E Size:1222656 MD5: D270E0E3300AD6D34268F9C862AE07CD Size:1225216 MD5: 947E391F6BA04F05956C1ED18E38474B Size:1174528 and more.... %PROGRAMFILES%\WinSpywareProtect\unins000.exe MD5: B59EB95A1CF8E51CE56C540CA9BBBBDA Size:682330 %PROGRAMFILES%\WinSpywareProtect\WSPLauncher.exe MD5: AFE47FC7F995E61576B1AC3D409D2F98 Size:282624 MD5: DB1F88B0DE7B03C29015B10ECD1056B7 Size:281088 %ALLUSERS_APPDATA%\ADSL SOFTWARE LIMITED\WINSPYWAREPROTECT\WINSPYWAREPROTECT.EXE MD5: 1DB5034ABE12A0874D5D3152D94E3F3D Size:1161216 MD5: 859A3480DCBF6534E703D727B37DE476 Size:1161216 MD5: 869E46C2FD12FC7B7BC85628F1172BA2 Size:1160704 MD5: 1003FC77BE47CD58879AF74AA8D204F2 Size:1160192 MD5: 23EB98A3D113294F7A79075CD352B2AE Size:1160704 %TEMP%\_addon.exe MD5: 18008D90ECBD7CFBA330A7ACB6F48F28 Size:163647 MD5: 5DAAB5ADD21269A4E1A470F1CDCAC559 Size:181512 MD5: 77C00426C092CA72C21D44DE03A3CF2F Size:323395 MD5: 436612AD3D54D69A85C56EF20CF7012C Size:323393 MD5: 7AD4B312C4F4E1F7E7251655B784CFD6 Size:323397 MD5: AAECF6DFB68035034A5898B0563FB25B Size:324184 MD5: 1978757C7904B64166DF4FCCC4759B9A Size:163997 MD5: 418A711641A83B6C810690B34D6B6531 Size:190289 MD5: E5CC566A2E847F2B902B123E1786933B Size:323384 MD5: 2476B7D6D0E8EFC51BA39AAC7BDB18B6 Size:323388 MD5: 62CED755E902392C99C01A8B23F470EE Size:338 MD5: E35C8568F34E9D8CD2DF020A86C47DD2 Size:323393 and more.... %TEMP%\temp.dll MD5: B93A1BCE34F9ACA04D6FFAB7248FF196 Size:247296 MD5: A2360DDDE058B7F5CEC5ABE475E5444B Size:247296 MD5: 215F6E7D702C91E0ED9F30AF0754FD12 Size:247296 MD5: 437FEF98EB71B112146E2C6675D16A2E Size:247296 MD5: C170903B1D049E80775C449A13E1C874 Size:247296 MD5: 29842E02BBDEA24963A5FBC6022890BA Size:247296 MD5: 88178B01A2A760CE19072C953F79822B Size:247296 MD5: C09ACDE6AEF6AD8A6441640A9E5A0C6C Size:247296 MD5: EFA01491D5C07B844EFFAA54C58A267C Size:247296 MD5: 1F879F64A5BDB98310E374AC00D3D65C Size:247296 MD5: 3A99FDA586A9014DC471396902CC9085 Size:247296 MD5: 7A7A2D5ACABC69AEB7215E02F11A4877 Size:247296 and more.... %TEMP%\_addon.exe MD5: D3BABF8BF881782DA8D26A6B6DA0F8DA Size:323400 MD5: 6D28A12A2331B052FC6A11E1534F83D9 Size:163680 MD5: C8AE3B786114401B6791F9D4FEF03660 Size:179 MD5: 14B6911F7E02E391008633B8FB46C810 Size:323400 MD5: 087CA34E1285C129885EF61EF3DAE993 Size:323392 MD5: 8764169AD14629C47FA74A7E1C3C0326 Size:323392 MD5: 40927DF286EFD0A31D3B3300675CF5C5 Size:67952 MD5: CBCF0B6297838782D94004516D55ABB5 Size:163782 MD5: 5163F090BEE552115F7368F67089169A Size:323392 MD5: 02510704CA4663CFD6B4171F56D07CFB Size:57113 MD5: 6A0094DA03A2416CDF15B1F36E7D9C61 Size:190281 MD5: 84A3930E21E6F6DE7328522EAE8B2E5A Size:190262 and more.... %TEMP%\_addon.exe MD5: CCEAA975CA9910A57A0CCF701F61CFEC Size:163669 MD5: BCE2EB9E2E18657256DB578772C2DE61 Size:190205 MD5: A1D05C3D541F2E32BBE683E8D2B77839 Size:190416 MD5: 66D0E9791E930545FDDD4541989889CC Size:190489 MD5: D09561AF01C4F1A39CEBBD2BF78F1317 Size:190371 MD5: AF028D82E6B9B73CF2B62455D6564FD5 Size:190364 MD5: AE4BFFBC7A4F7F2DE7A96F8EDA5A9315 Size:190341 MD5: FEADABB04E08019B4FED1DD73B049483 Size:190287 MD5: EFC3856E59B78425ADD869E36CEC6438 Size:190146 MD5: 833322D6207D7E5081DC67F5D951C3AB Size:190315 MD5: AAA7F05A7399410AF884123360696ECB Size:181375 MD5: CF6727601E81A85E8F4721269153BB9B Size:163928 and more.... %ALLUSERS_APPDATA%\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe MD5: 346DA0CCC6B08C002101705E4E1F7726 Size:1224704 MD5: CFCCE432CD92C51B3D13D4984A1EFE95 Size:1338880 MD5: 2CAAA5DF164E18F562FDBA41E4D29EDF Size:1159680 MD5: 375063AC9006CF25670524CA89377BCC Size:1222144 MD5: EC111864414C40E6B09A44DA78E83C65 Size:1162752 MD5: 4DE0F99EDB7C2B4FB341A2F5B8D39806 Size:1224192 MD5: 7E49A3F1B231E91CE829F26FF2C3E4A6 Size:1666560 MD5: 300F812554F42F69E2F25F7AB20EEDC9 Size:1175040 MD5: 3531ED71D2B58CB0FD9EDC893969EEF9 Size:1353692 MD5: 70B6E54D12E787DF683BC16EED48417E MD5: CB323F130036B3C4748D3821381D00F0 Size:1176064 %TEMP%\_addon.exe MD5: F9365CE383B23CF2D39C165EC6C6EB02 Size:190527 MD5: F973BBDC61B20E04E4535B981DA44F70 Size:34268 MD5: 3F513402B02B3F6932EA4290FE7B2F43 Size:190126 MD5: 88762AFD16D7A65408068699AD11FA1A Size:112029 MD5: B1B18082D40061762919A74FB471CD7E Size:190583 MD5: 2260B66587DC727793C18C824C72F9C4 Size:190432 MD5: 8077F4DFC6EE0D90FA771F298057AD88 Size:163730 MD5: C633C94B69C714C3430768422BA877A1 Size:190159 MD5: 030413E5103CD2034781C72CAA24540C Size:190413 MD5: 87F1370719D35B3B2985CB1FB067165C Size:181368 MD5: 67ECCEA0D882C8B3432C71E876232851 Size:181462 MD5: 6D996808686B636874C2FF378B059F0C Size:323391 and more.... %TEMP%\_addon.exe MD5: 21FA12FAFA3DEF036117A4F2870AA390 Size:152090 MD5: E746A7012F24330B0244CACBA05FA68F Size:181590 MD5: 305C1A707AE2E243F54D3D0E9CBD7E45 Size:163904 MD5: C46882F93900A802D62352763F45E091 Size:181436 MD5: DE4C5CDAADE821A25AC8E169BBBF1028 Size:163917 MD5: 2DB1BC4E67D05E34879BC9DED8D81FC7 Size:181353 MD5: 97DF33DAFEAAC9367B3F564401D90181 Size:181454 MD5: 49A1F217A6FD9DCD32EAEEC8B2AD3B52 Size:181659 MD5: 589E5C94FA521DF4CE2D1E84248DCAEB Size:163965 MD5: 4EF0D4621BBD1DEE194FB7E6DF070B36 Size:181368 MD5: 1DAE221C6C443FB5A6D7BE223C5B585B Size:163861 MD5: 01673B7E4A0FA688264BB608447910FB Size:181503 and more.... %TEMP%\_addon.exe MD5: 44E7169FC365F0AAA6DC626837B28ACC Size:181356 MD5: D32357F932B7C212711755787CCE79F1 Size:323377 MD5: C79843E82BEDE2DDF249B22E338DA9AE Size:181565 MD5: 527011D9003A1E0AA545953F53B20275 Size:163966 MD5: C6E11373B070042A590475786AD6AD13 Size:163762 MD5: 0E1D50A9D945EC44EECBCCB6CA838A5E Size:181268 MD5: E8B5772692E5405738B4A19011ABA8C3 Size:323392 MD5: F0D5905BDE224752884C336D45B4D48B Size:163915 MD5: F12DC3DB0DB446D7B9824AF19A30C5B5 Size:181513 MD5: CB2E2DCB46E4C9CC96991778B4877EFB Size:34556 MD5: 6A2C5F7BE469E4356C035C41147F4863 Size:323396 MD5: B64453311D2E8F77B02B0402AB1E570E Size:163926 and more.... %TEMP%\_addon.exe MD5: 3EFD0DC06FD0A77BC6420BCBADCD11F2 Size:163940 MD5: ABB2FECDDC470CAC584A29E4CCEACE96 Size:181374 MD5: C7F8F4473664D793B8F08EC6B9E67A34 Size:163915 MD5: 2F86F05EEFECB905D6AC767792DD4436 Size:163851 MD5: A9594DF0F89408BD783714A4D069C8D9 Size:163856 MD5: DC9EAD47007D3DC2BA893B5DF8762BDF Size:163839 MD5: 53F5F2DAE70E4A1D72B93CEC65AE0313 Size:2164 MD5: A392FFC9A12262065BA7E4299F8D2786 Size:163762 MD5: 1DD1ED3DD06CFEB1C86B13F45111B5C7 Size:163916 MD5: EC93F0669D01866CE9A18EC32AB68A96 Size:163729 MD5: FFC3A96B94D1A479FF37BACD3374E127 Size:163964 MD5: 44E0CA66FB44BF0CC73798BC58115C14 Size:163959 and more.... %TEMP%\_addon.exe MD5: D77ABAC70189672D36613D72920956AE Size:163747 MD5: 6C7653CFD4FB28C69789B7452FEA474C Size:2144 MD5: 18CCA6F058DD980336103F92444EBFC6 Size:163843 MD5: 0F9C3DA96D9A33C0F6542DDC3EA44F96 Size:163909 MD5: 64B17F4EAFA11F87E407ABCB7E5088D1 Size:163680 MD5: 383724D3EAD23463C1E20A00078F3459 Size:163943 MD5: 80630EBD4DEE1B1AA794A614CD36AE80 Size:163893 MD5: E80711A6DEB089F0BE9B1E11D58A4FF8 Size:66868 MD5: FE991F38648127B242AE7861AE9AD1CD Size:163718 MD5: FAB5238181344C1DC4E5C7E315A0B89F Size:323389 MD5: 775B23F20C4655BF0D59FA668F200464 Size:163912 MD5: 0C2EF3C71B4DB99436D60B54CF1375CC Size:163794 and more.... %TEMP%\_addon.exe MD5: 11C2EF6E17A3269F045B8A526F9E7D20 Size:163710 MD5: 9A298D294CA1BD4F616351191A3AB0F9 Size:163799 MD5: 2B2F8A67E35DCDB5A3AD867841FF333A Size:163749 MD5: 43DAC9CDA9619EC90A8B50532EFBA376 Size:163717 MD5: CE0517384846CF8C238851516B888178 Size:1970 MD5: 071D86EE5A9E0D0FFBB08003CBE5A73B Size:163698 MD5: 1EE0BFB2FA06D9A867E07F671C116616 Size:163832 MD5: 63D5D4C4680B7849AB52276396642322 Size:163706 MD5: 305B461EA9244B82AA92AA29FFBF045E Size:323389 MD5: 49EDBC3D3220685E5C0C73F79883B7D1 Size:163697 MD5: 807B34DDA99B46015A284C0DEF407890 Size:163652 MD5: 245C09FF1D357011120E1B6928D3D8F0 Size:163713 and more.... %TEMP%\_addon.exe MD5: 14B6239C0F7D7C232758C92926E0A8F3 Size:323396 MD5: 42AFE093DA0F990F64048B32B8DC2147 Size:323396 MD5: 65E0152CB6C1CEAF02168449B3938BE7 Size:323391 MD5: 727D7C92BFEB832C130A57D49F8EBEDA Size:33932 MD5: 779CE97EBCCEEA1C5A262AED3776F559 Size:323391 MD5: 1CED6E452F5BDF76974AA104D1388232 Size:58188 MD5: 1835B79B290899D84F8538434D6435F6 Size:258 MD5: 469B4367C9DE8061F5B3E44603CF0BD3 Size:104828 MD5: 0D8B810FC6081274D9723C4BC816DF15 Size:2765 MD5: 7286152292FCC124532C85465A2BE7BB Size:150716 MD5: 51BF22E0F94AF076BA986122D8182C53 Size:110172 MD5: 8AA5C3CB0D6E0AAD8232A03ADBDA9015 Size:137718 and more.... %TEMP%\temp.dll MD5: AB80B7ABD81A603D58565B5FC79119C6 Size:247296 MD5: ABC8E8D9A0F18D69E17C4307312E1C46 Size:247296 MD5: EC3A7DE7729917657F3D4CC2F1EA60BC Size:247296 MD5: 75FE0CCB129A01858A8FF6A7036FB0D1 Size:247296 MD5: 53E57BEA2578F81E197A5F5387C9AE1A Size:247296 MD5: A751538F5BA267A846EEB55A47007939 Size:247296 MD5: DD39F713F452B1999E6AF620F74B44D2 Size:247296 %TEMP%\_addon.exe MD5: 12C33C3F712ED8418816A1047483360D Size:323391 MD5: FF8D3EC10E03D2D1D6E34CFC7050E39A Size:323390 MD5: 7277807807BD4FE9956903A3BF2D0BF8 Size:323391 MD5: 1EEC90FE1FF42B922B8F844B14BCB1FA Size:323391 MD5: D55684612E3DFB2B82D0AEF6E9F7B975 Size:323400
Detected Files with variable Filenames: MD5: 46273FE2557D7CFD7745BA7CBE6CAFBB Size: 247296 %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll MD5: 00A4DCB1BC8FD85B1B31B530AA9C6B24 Size: 247296 %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll MD5: C5534F82E82E24F2D14E8173DDB4A923 Size: 247296 %PROGRAMFILES%\CableRouting\CableRouting.dll %TEMP%\temp.dll MD5: AAECF6DFB68035034A5898B0563FB25B Size: 324184 %TEMP%\_addon.exe %SystemDiskRoot%\Documents and Settings\wadih\Local Settings\Temp\_addon.exe %SystemDiskRoot%\My Backup -- 08-07-06 1142AM\Documents and Settings\Owner.YOUR-06A3B8E925\Local Settings\Temporary Internet Files\Content.IE5\DZJIJF42\setup[1].exe %SystemDiskRoot%\My Backup -- 08-07-06 1142AM\Documents and Settings\Owner.YOUR-06A3B8E925\Local Settings\Temp\_addon.exe MD5: 215F6E7D702C91E0ED9F30AF0754FD12 Size: 247296 %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll MD5: C8AE3B786114401B6791F9D4FEF03660 Size: 179 %TEMP%\_addon.exe %ALLUSERS_APPDATA%\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe MD5: 50C6A72AC26E529EE358CBAC1DD78F89 Size: 63555 %SystemDiskRoot%\RECYCLER\S-1-5-21-2911240418-3797675333-3803052634-1007\Dc1043\Uninstall.exe %PROGRAMFILES%\ColorUtility\Uninstall.exe %PROGRAMFILES%\AbsoluteTransfer\Uninstall.exe i:\Program Files\Uninstall.exe %SystemDiskRoot%\System Volume Information\_restore{4E0CDC0E-6918-468C-8F02-20EFA7F3FEBD}\RP156\A0143478.exe %SystemDiskRoot%\System Volume Information\_restore{D6EAE65B-DB8C-4CD8-9DC8-84EC967ECC50}\RP122\A0152671.exe %SystemDiskRoot%\My Backup -- 08-07-06 1142AM\Program Files\Uninstall.exe %SystemDiskRoot%\My Backup -- 08-07-06 1142AM\Program Files\CenterLock\Uninstall.exe %PROGRAMFILES%\BurstWriting\Uninstall.exe %PROGRAMFILES%\LogicFunctions\Uninstall.exe MD5: 29842E02BBDEA24963A5FBC6022890BA Size: 247296 %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll MD5: 3A99FDA586A9014DC471396902CC9085 Size: 247296 %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll

Detecting items list:

Files by Name %PROGRAMFILES%\WinSpywareProtect\WSPLauncher.exe %ALLUSERS_APPDATA%\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe %TEMP%\Perflib_Perfdata_4ac.dat %TEMP%\_addon.exe %TEMP%\temp.dll %PROGRAMFILES%\AbsoluteTransfer\AbsoluteTransfer.dll %PROGRAMFILES%\AbsoluteTransfer\Uninstall.exe %ALLUSERS_APPDATA%\Adsl Software Limited\WinSpywareProtect\LOG\20080612100348289.log %PROGRAMFILES%\AbsoluteTransfer\uninstall.dat
Files by MD5 MD5: D4AD7ACCDAE853E3D675AD4E1D8ECC7B Size: 281088 MD5: 99FD28D6F50FB4A83A1540ADB33F0FE2 Size: 1172480 MD5: AAECF6DFB68035034A5898B0563FB25B Size: 324184 MD5: C5534F82E82E24F2D14E8173DDB4A923 Size: 247296
Files by Directories %PROGRAMFILES%\WinSpywareProtect
Files by CLSID or Name CLSID=18CB1A7B-94CD-4582-8022-ADA16851E44B
Registry Keys HKLM\\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B} HKLM\\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7C4BCD17-BDBA-4078-9D8C-8CA8B7EABE77} HKLM\\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7C4BCD17-BDBA-4078-9D8C-8CA8B7EABE77}

« Go to Software Database

Search in Our Software Database

Browse Software Database

Latest Malware News

September 23, 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Older malware news »