StorageProtector

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "StorageProtector"

Threat Info

View All

Detected Items

Detected Files: %COMMONFILES%\StorageProtector\strpmon.exe MD5: 0C209E7CC1464980DB48F7A57477B966 Size:428032 MD5: 0E015082496C8CB4881ED39A347B6957 Size:806912 %PROGRAMFILES%\StorageProtector\ucookw.exe MD5: 243B9B6ACB6F86D8FFDFE5E17DB34825 Size:236544 MD5: 9E7BCF3B87D459841742413372437B32 Size:211968 MD5: BB9A8C1A713F681836D07C180167F114 Size:568320 MD5: 99240627E4BA23F6B382AC5598F4FD25 Size:583680 %PROGRAMFILES%\StorageProtector\transpaid.exe MD5: 097308B6F24932752A1AE6317F7994E0 Size:2051040 MD5: 40CC4E9A96394367395F7B3FF2742CAB Size:4041698 MD5: DBFA57788D615922EDD55EE163880B4E Size:2067555 MD5: 4553FE58B946609A3EDFA3D0F509E684 Size:2106352 MD5: E72E7AA011150810334A5F29D49B8416 Size:2048834 MD5: 3C1244928A4380E583B9625DE498D047 Size:2045592 %PROGRAMFILES%\StorageProtector\msvcr71.dll MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160 %PROGRAMFILES%\StorageProtector\msvcp71.dll MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712 %PROGRAMFILES%\StorageProtector\mfc71.dll MD5: F35A584E947A5B401FEB0FE01DB4A0D7 Size:1060864 %PROGRAMFILES%\StorageProtector\atl71.dll MD5: 8F2097E8B174F38178570C611464935F Size:89088 %PROGRAMFILES%\StorageProtector\unins000.exe MD5: AA73CB8414E91A622AB1B1BE37648BB3 Size:697177 MD5: 635B9F35E8BA6AAF68960BC34C3EB7AC Size:700250 MD5: E82CD91FE2E7D73D09C0D29E4ED69B94 Size:696665 %PROGRAMFILES%\StorageProtector\unins001.exe MD5: 21CACF7AE76519D4C14091D296A90311 Size:698899 %PROGRAMFILES%\StorageProtector\kernel.dll MD5: 6C0E1496372C338B2298377D9AB0795B Size:331776 %PROGRAMFILES%\StorageProtector\SysRep .exe MD5: BBBA35BA953CC34CDD7CC02E98840620 Size:1526784 %PROGRAMFILES%\StorageProtector\SysRep.exe MD5: 6F8CBE9BA4CBA8D621C7FC99A97B5A65 Size:1929216 MD5: FAF6B2675A67DD7E182CCEA593B4F673 Size:1524224 MD5: 26E0E32F3100D71FB3370DD9ECF51E89 Size:1936896
Detected Files with variable Filenames: MD5: F9BE49D2313F3E92B0F9F6A2B83029EA Size: 195616 d:\Documents and Settings\Claudio Pinto\Application Data\setup_en[1].exe %APPDATA%\setup_en[1].exe %PROGRAMFILES%\WinGate\cache\00004H2T.wgc %USERDOCUMENTS%\Mis vdeos\setup_en.exe %TEMP%\x1hrcwy8.exe %TEMP%\ingg4cho.exe %TEMP%\1llyartt.exe %SYSDIR%\config\systemprofile\Local Settings\Temp\m35de2ji.exe %SystemDiskRoot%\Documents and Settings\Default User\Local Settings\Temp\m35de2ji.exe %SystemDiskRoot%\Documents and Settings\Administrator\Local Settings\Temp\m35de2ji.exe %SystemDiskRoot%\RECYCLER\S-1-5-21-126639907-3207847200-972506294-1009\Dc5.exe and next 6 variations. MD5: B00EBC4E12D9DF55534F4D026267D3D3 Size: 161624 %USERPROFILE%\Local Settings\Temporary Internet Files\Content.IE5\SK050D2N\setup_en[1].exe %APPDATA%\setup_en[1].exe %SystemDiskRoot%\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP578\A0975310.exe %ALLUSERSDOCUMENTS%\My Pictures\Sample Pictures\setup_en.exe %SystemDiskRoot%\Documents and Settings\seth\Desktop\setup_en.exe %USERDOCUMENTS%\setup_en.exe d:\Documents and Settings\Compaq_Owner\Application Data\setup_en[1].exe f:\My Documents\\setup_en.exe %SystemDiskRoot%\Documents and Settings\MWRNet User\Application Data\setup_en[1].exe %USERPROFILE%\Anwendungsdaten\setup_en[1].exe %SystemDiskRoot%\System Volume Information\_restore{06C5EF7E-9AFD-4D27-A95F-44C8BCFE23B1}\RP47\A0012555.exe and next 3 variations. MD5: 3DD738B15591DAAECFDB344DC321544F Size: 589824 %COMMONFILES%\SenzaDoppioni\strpmon.exe %COMMONFILES%\TryggPCVerktyg\strpmon.exe %COMMONFILES%\ToolSicuro\strpmon.exe %COMMONFILES%\WinPCDoctor\strpmon.exe %COMMONFILES%\CV=2.4&PN=&PV=&PT=&SN=&SNA=&SNS=&SNE=&SNR=&SNB=&US=SXMEA\strpmon.exe %COMMONFILES%\10\STRPMON.EXE %COMMONFILES%\ProtejaseuDrive\strpmon.exe %SystemDiskRoot%\System Volume Information\_restore{9CBF0446-698A-4CC9-ADD1-5E3E9D06F0E6}\RP289\A0061829.EXE %COMMONFILES%\TryggPCVerktyg\strpmon.exe.ren %SystemDiskRoot%\RECYCLER\NPROTECT\00116213.exe c:\System Volume Information\_restore{98DF0744-E9D0-4D5D-BAFF-085C137ADB1B}\RP669\A0260564.exe and next 3 variations. MD5: EEE89FC1C3E75C467DB189C6F18A9349 Size: 5439488 %PROGRAMFILES%\ToolSicuro\SysRep.exe d:\Program Files\StorageProtector\SysRep.exe %PROGRAMFILES%\SystemErrorFixer\SysRep.exe %PROGRAMFILES%\DiscoSeguro\SysRep.exe %PROGRAMFILES%\SansenDommagement\SysRep.exe %PROGRAMFILES%\ErreurChasseur\SysRep.exe MD5: 8AC244E99D24743923FE4E0F1D20D20F Size: 131072 d:\Program Files\StorageProtector\ugescw.exe %PROGRAMFILES%\SystemErrorFixer\ugescw.exe %PROGRAMFILES%\BugsDestroyer\ugescw.exe MD5: 26E0E32F3100D71FB3370DD9ECF51E89 Size: 1936896 %PROGRAMFILES%\StorageProtector\SysRep.exe %PROGRAMFILES%\StorageProtector\SysRep .exe MD5: B3653FE7C23758CB04DB37E6D5FB59E9 Size: 822272 %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE %COMMONFILES%\STORAGEPROTECTOR\STRPMON .EXE and next 43 variations.

Detecting items list:

Files by Name %PROGRAMFILES%\StorageProtector\SysRep.exe %PROGRAMFILES%\StorageProtector\ugescw.exe %COMMONFILES%\StorageProtector\strpmon.exe
Files by MD5 MD5: EEE89FC1C3E75C467DB189C6F18A9349 Size: 5439488 MD5: 8AC244E99D24743923FE4E0F1D20D20F Size: 131072 MD5: 3DD738B15591DAAECFDB344DC321544F Size: 589824 MD5: B00EBC4E12D9DF55534F4D026267D3D3 Size: 161624
Files by Directories %PROGRAMFILES%\StorageProtector %COMMONFILES%\StorageProtector
Registry Keys HKLM\SOFTWARE\StorageProtector HKCU\Software\StorageProtector HKLM\SOFTWARE\Purchased Products\System Error Repair
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=StorageProtector HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=ugdccw Value=?%SystemDiskRoot%\PROGRA~?\STORAG~?\UGDCcw.exe? -start HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=Salestart* Value=?%COMMONFILES%\StorageProtector\strpmon.exe*

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »