Av1-best-protect.info

By JubileeX in Rogue Websites

Translate To:

Av1-best-protect.info is a rogue website promoting the fake spyware remover Anti-Virus-1 (also known as Antivirus 1). Due to the corresponding Vundo trojan that has managed to infiltrate your system through security exploits and modified your browser settings, you will find that all web-surfing activities are almost always redirected to the Av1-best-protect.info domain. Here your computer will be subject to a free – albeit fake – online scan, which reports dozens of fraudulent infections on your computer. All this is in order to intimidate you into purchasing the counterfeit anti-spyware application, Anti-Virus-1.

File System Details

Av1-best-protect.info may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%Documents and Settings%\All Users\Application Data\AV1\AV1i2.exe
Name: %Documents and Settings%\All Users\Application Data\AV1\AV1i2.exe Type: Executable File
2.	%Documents and Settings%\All Users\Application Data\AV1\AV1i.exe
Name: %Documents and Settings%\All Users\Application Data\AV1\AV1i.exe Type: Executable File
3.	%Documents and Settings%\All Users\Application Data\AV1\svchost.exe
Name: %Documents and Settings%\All Users\Application Data\AV1\svchost.exe Type: Executable File
4.	%Documents and Settings%\All Users\Application Data\AV1\av1.exe
Name: %Documents and Settings%\All Users\Application Data\AV1\av1.exe Type: Executable File
5.	%Documents and Settings%\All Users\Application Data\AV1\QWProtect.dll
Name: %Documents and Settings%\All Users\Application Data\AV1\QWProtect.dll Type: Dynamic link library
6.	%Documents and Settings%\All Users\Application Data\AV1\AV1.cab
Name: %Documents and Settings%\All Users\Application Data\AV1\AV1.cab
7.	%Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1\Uninstall.lnk
Name: %Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1\Uninstall.lnk Type: Shortcut
8.	%Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1
Name: %Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1
9.	%Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1\Anti-virus-1.lnk
Name: %Documents and Settings%\All Users\Start Menu\Programs\Anti-virus-1\Anti-virus-1.lnk Type: Shortcut
10.	%Documents and Settings%\All Users\Application Data\AV1
Name: %Documents and Settings%\All Users\Application Data\AV1
11.	%Documents and Settings%\All Users\Desktop\Anti-virus-1.lnk
Name: %Documents and Settings%\All Users\Desktop\Anti-virus-1.lnk Type: Shortcut

Registry Details

Av1-best-protect.info may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CLASSES_ROOT\AppID\{29256442-2C14-48CA-B756-3EE0F8BDC774}

HKEY_CLASSES_ROOT\Interface\{051C9A06-FB08-486F-B09B-8B33B261637D}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}

HKEY_CURRENT_USER\Software\AV1\AV1\{F275E931-AFEC-4f70-B0D4-CC2731B945E0}

HKEY_CLASSES_ROOT\CLSID\{70FEAD04-A7FD-4B89-B814-8A8251C90EF7}

HKEY_CLASSES_ROOT\TypeLib\{512E801E-2F02-4ADE-ACAA-58F08A22B2F8}

HKEY_CURRENT_USER\Software\AV1

HKEY_CLASSES_ROOT\AppID\QWProtect.DLL

HKEY_CLASSES_ROOT\QWProtect.QWProtectBHO

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Monitor calibration"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Av1-best-protect.info

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen