Best-av.info
Best-av.info is a browser hijacker promoting the rogue anti-spyware application known as AntivirusBEST. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Best-av.info domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, in order to intimidate the user into purchasing the fake spyware remover AntivirusBEST.
File System Details
Best-av.info may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Documents and settings%\All Users\Application Data\AB\QWProtect.dll | |
| 2. | %Documents and settings%\All Users\Application Data\AB\Installer.exe | |
| 3. | %Documents and settings%\All Users\Application Data\AB\abest.exe | |
| 4. | %Documents and settings%\All Users\Application Data\AB\svchost.exe | |
| 5. | %Documents and settings%\All users\Start Menu\Programs\antivirusbest\Uninstall.lnk | |
| 6. | %Documents and settings%\All users\Start Menu\Programs\antivirusbest\AntivirusBEST.lnk | |
| 7. | %Documents and settings%\all users\Desktop\AntivirusBEST.lnk | |
| 8. | %Documents and settings%\All Users\Start Menu\Programs\AntiVirusBEST | |
| 9. | %Documents and settings%\All Users\Application Data\AB\ABEST.CAB |
Registry Details
Best-av.info may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\Interface\{296a8a7f-b5ac-4789-9b33-f32c2f9a6abd}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\AppID\QWProtect.dll
HKEY_CLASSES_ROOT\TypeLib\{684a7904-2593-4bbe-a90e-cdaf2ac606ae}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\AppID\{296a8a7f-b5ac-4789-9b33-f32c2f9a6abd}
HKEY_CLASSES_ROOT\qwprotect.qwprotectbho
HKEY_CLASSES_ROOT\CLSID\{44b2c9f5-608d-46de-82e1-26c5bcb85193}
HKEY_CLASSES_ROOT\qwprotect.qwprotectbho.1
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.