Threat Database Viruses Bitdefender.exe

Bitdefender.exe

By ESGI Advisor in Viruses

BitDefender.exe is the main executable file and process originating from the rogue anti-spyware program BitDefender 2011. Bitdefender.exe can create start-up registry entry to run automatically everytime when the computer system initiates. The main goal of Bitdefender.exe is to mislead the affected users and persuade them into purchasing fake security application BitDefender 2011. Bitdefender.exe process can create, delete or make modifications to files on the disk. Bitdefender.exe illustrates falsified pop-up alerts to announce you that your computer system is infected with malware threats. If BitDefender.exe process is not stopped before any file removal, it will run in the background and cannot be deleted as it is in use.

File System Details

Bitdefender.exe may create the following file(s):
# File Name Detections
1. c:\Program Files\BitDefender 2011\bitdefender.exe
2. %AllUsersProfile%\Start Menu\BitDefender 2011\Uninstall.lnk
3. C:\Documents and Settings\\Start Menu\BitDefender 2011\
4. %Temp%\srvED4.tmp
5. c:\Program Files\BitDefender 2011\
6. %Temp%\srvED4.ini
7. %UserProfile%\Desktop\BitDefender 2011.lnk
8. C:\Documents and Settings\\Start Menu\BitDefender 2011\BitDefender 2011.lnk

Registry Details

Bitdefender.exe may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\EVAEC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BitDefender 2011" = 'C:\Program Files\BitDefender 2011\bitdefender.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = '0'
HKEY_CURRENT_USER\Software\MonEC2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe "Debugger" = 'msiexecs.exe -sb'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "WinNT-EVI 21.04.2011"

Trending

Most Viewed

Loading...