AntiVirusProtector

Description:	Rogue Security Program
Risk Level:	Low
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "AntiVirusProtector"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\Antivirus Protection\uninst.exe MD5: FBC0AA6649CDC5EDEB0BCE1B55D15392 Size:34894 MD5: 6A1A9E8C44DFAE8B0AE7A9C3A78510F7 Size:34894 MD5: 8F491EA103E64AD9C636397818A20E78 Size:34894 MD5: 7667888CFBA9051F8323AFD58D6230E0 Size:34486 %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe MD5: 23D69C5D4798F59D43EA21ECE6550771 Size:1851392 MD5: 06D6D4587499F1157975CA8BF0DFB0EB Size:1855488 MD5: 00ADA89F87DB0DB0F3939271C34F865E Size:1979392 MD5: A793DF000E8E0889411437A75EA26051 Size:1851392 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\python23.dll MD5: C5755B74698D492BA095FD9031E2FBE7 Size:974909 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygz.dll MD5: EFF2B2DC6D94FF06466667D73654A5B4 Size:66048 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygwin1.dll MD5: 704A37ECF297D83C92521D6B5972E93F Size:1295582 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygminires.dll MD5: B52513BE6012177855BB13FF88842BDA Size:20992 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cyggmp-3.dll MD5: CE38BF8D42620EE889D1F21A96FCC1EF Size:170496 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygbz2-1.dll MD5: 5BBAB2680A2AF6EBE28AB25F68455D48 Size:56832 %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\clamscan.exe MD5: 87206CD6125003E9532A7B4135360A96 Size:339313 %PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll MD5: 1C96DF0985D569010957F4B1EED82CFF Size:356352
Detected Files with variable Filenames: MD5: 41F43646606614DBDE872D63DA71C336 Size: 77824 %PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll %PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll.ren MD5: 00ADA89F87DB0DB0F3939271C34F865E Size: 1979392 %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe.ren MD5: 7667888CFBA9051F8323AFD58D6230E0 Size: 34486 %PROGRAMFILES%\Antivirus Protection\uninst.exe %PROGRAMFILES%\Antivirus Protection\uninst.exe.ren MD5: A793DF000E8E0889411437A75EA26051 Size: 1851392 %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe.ren

Detecting items list:

Files by Name %PROGRAMFILES%\Antivirus Protection\antivirusprotection.exe %PROGRAMFILES%\Antivirus Protection\uninst.exe %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\clamscan.exe %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygbz2-1.dll %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cyggmp-3.dll %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygminires.dll %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygwin1.dll %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\cygz.dll %PROGRAMFILES%\Antivirus Protection\ClamWin\bin\test\python23.dll %PROGRAMFILES%\Antivirus Protection\SpyWares\spydb.exe %PROGRAMFILES%\Antivirus Protection\SpyWares\Browser Hijack\helper.dll %START_PROGRAMS%\Antivirus Protection\Antivirus Protection.lnk %START_PROGRAMS%\Antivirus Protection\Uninstall.lnk %START_PROGRAMS%\Antivirus Protection\Website.lnk %DESKTOP%\Antivirus Protection.lnk
Files by Directories %PROGRAMFILES%\Antivirus Protection %START_PROGRAMS%\Antivirus Protection
Registry Keys HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus Protection HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\AntivirusProtection.exe HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antivirus Protection HKLM\SOFTWARE\Telecom Advance\Antivirus Protection
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=AntivirusProtection

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »