My-protection.info
My-protection.info is a browser hijacker promoting the rogue anti-spyware application known as Fast Antivirus 2009. Due to affiliated trojans infiltrating the computer via security exploits and reconfiguring the browser settings, web-surfing activities are redirected to the My-protection.info domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Fast Antivirus 2009.
File System Details
My-protection.info may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Documents and Settings%\\All Users\Application Data\9adee5b\sqlite3.dll | |
| 2. | %UserProfile%\Recent\CLSV.dll | |
| 3. | %UserProfile%\Recent\energy.sys | |
| 4. | %UserProfile%\Recent\SICKBOY.dll | |
| 5. | %Documents and Settings%\\All Users\Application Data\9adee5b\mozcrt19.dll | |
| 6. | %UserProfile%\Recent\cid.dll | |
| 7. | %UserProfile%\Recent\dudl.dll | |
| 8. | %UserProfile%\Recent\PE.sys | |
| 9. | %Documents and Settings%\\All Users\Application Data\9adee5b\FastAV.exe | |
| 10. | %UserProfile%\Recent\ANTIGEN.sys | |
| 11. | %UserProfile%\Recent\ddv.dll | |
| 12. | %UserProfile%\Recent\gid.exe | |
| 13. | %UserProfile%\Recent\tempdoc.sys | |
| 14. | %Documents and Settings%\\All Users\Application Data\9adee5b\SysFld | |
| 15. | %Documents and Settings%\\All Users\Application Data\SysFld\fastav.cfg | |
| 16. | %UserProfile%\Application Data\Fast Antivirus 2009\Instructions.ini | |
| 17. | %UserProfile%\Recent\CLSV.tmp | |
| 18. | %UserProfile%\Recent\fix.drv | |
| 19. | %UserProfile%\Recent\PE.tmp | |
| 20. | %Documents and Settings%\\All Users\Application Data\9adee5b\17.mof | |
| 21. | %Documents and Settings%\\All Users\Application Data\SysFld | |
| 22. | %UserProfile%\Application Data\Fast Antivirus 2009\cookies.sqlite | |
| 23. | %UserProfile%\Desktop\Fast Antivirus 2009.lnk | |
| 24. | %UserProfile%\Recent\eb.tmp | |
| 25. | %UserProfile%\Recent\PE.drv | |
| 26. | %UserProfile%\Start Menu\Programs\Fast Antivirus 2009.lnk | |
| 27. | %Documents and Settings%\All Users\Application Data\9adee5b | |
| 28. | %Documents and Settings%\\All Users\Application Data\9adee5b\SysFld\vd952342.bd | |
| 29. | %UserProfile%\Application Data\Fast Antivirus 2009 | |
| 30. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Fast Antivirus 2009.lnk | |
| 31. | %UserProfile%\Recent\eb.drv | |
| 32. | %UserProfile%\Recent\hijackthis.log.lnk | |
| 33. | %UserProfile%\Start Menu\Fast Antivirus 2009.lnk |
Registry Details
My-protection.info may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Fast Antivirus 2009"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "898701124903"
HKEY_CLASSES_ROOT\FastAV.DocHostUIHandler
