Antivirus 2010 RTK

Antivirus 2010 RTK Description

Antivirus 2010 RTK is a rogue anti-virus application used to distribute a dangerous rootkit. Once Antivirus 2010 RTK has installed and executed the rootkit, the rootkit will give a remote attacker access to the compromised system. The remote attacker will be able to steal confidential information from the PC such as pass words, usernames or other data. The rootkit will also monitor a victim's online activities and harvest other types of data. Antivirus 2010 RTK will also display a fake system scanner, security alerts and pop-ups in order to convince a victim that his/her system has malware that can only be removed with the rogueware's full version, which has to be purchased. Do not purchase Antivirus 2010 RTK or believe any of the security alerts it displays. Antivirus 2010 RTK is a criminal application that should be removed from a PC upon detection.

Technical Information

Registry Details

Antivirus 2010 RTK creates the following registry entry or registry entries:
RegistryKey
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DFBCFDBA
HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO
HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0013
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9CB00F85-D96F-1C82-F5A4-A31D57D6528D}
HKEY_CURRENT_USER\Software\AV2010
HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0012
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Gamma Display"
HKEY_CLASSES_ROOT\Interface\{35c95ec8-f789-9a3a-375c-bdb89a3684fd}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\userinit
HKEY_CLASSES_ROOT\AppID\IEDefender.DLL
HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E972-E325-11CE-BFC1-08002bE10318}\0014

Leave a Reply

Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.