Wireshark Antivirus

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 1,236
First Seen: August 9, 2010
Last Seen: February 18, 2019
OS(es) Affected: Windows

Wireshark Antivirus is a fake anti-virus application that uses the name of a legitimate company to gain the trust of users. The Wireshark development team has issued a noticed informing the public that they "do not and have never made antivirus software". The rogue Wireshark Antivirus spreads via sneaky Trojans that can infiltrate computer systems undetected. Once inside a system, Wireshark Antivirus will create a registry entry that will ensure it is executed each time the system is started up.

Wireshark Antivirus will then display a number of bogus security alerts and pop-up warnings in order to convince a victim that his/her machine is infected and the only solution is to purchase the "licensed" version of Wireshark Antivirus. The "licensed" version of Wireshark Antivirus does not exist and this malicious application can neither detect nor remove any real computer malware.

As a member of the FakeScanti family, Wireshark Antivirus has many clones. Among Wireshark Antivirus' clones are Security Guard, Sysinternals Antivirus, Milestone Antivirus, BlueFlare Antivirus, WolfRam AntiVirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011, Super AV 2013.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Symantec Trojan.FakeAV
Panda Suspicious file
McAfee Artemis!EAC83866829C
F-Secure Suspicious:W32/Malware!Gemini
Authentium W32/FraudLoad.A!Generic
Microsoft Trojan:Win32/FakeScanti
eTrust-Vet Win32/WiresharkAntivirus.A
Sophos Troj/Agent-OGQ
DrWeb Trojan.Fakealert.18638
BitDefender Trojan.Generic.4556294
ClamAV Trojan.FraudLoad-3279
NOD32 a variant of Win32/Kryptik.FXJ
McAfee Artemis!E620D288CC1D
CAT-QuickHeal Trojan.Agent.gen
Panda Trj/CI.A

SpyHunter Detects & Remove Wireshark Antivirus

File System Details

Wireshark Antivirus may create the following file(s):
# File Name MD5 Detections
1. csrss.exe 85b5fdac0847ed27253f0a88e68df94f 739
2. csrss.exe f85a29f090092c747ebd491fcda7bd2d 196
3. csrss.exe 81a808ac02d294be0b8544f33aec2df2 71
4. csrss.exe 07ca563d3a6c64a4c437cf480c8e339b 56
5. csrss.exe 3f7c32412147440ac3b51e1738d7a3ed 36
6. csrss.exe 88bcad7e684c575f8f80d082ac098831 32
7. csrss.exe 40c08e31033fde69d006246a0ca0308d 28
8. csrss.exe eac83866829c9bd338f9c4d205592bee 26
9. csrss.exe ea0fedab522b7760b5ff014ceac82b0d 16
10. csrss.exe 3265f606a47abaef678ea879d0663b19 16
11. csrss.exe 1d08e72cd241509610fe341187c9d057 14
12. shk_v10.dll 3946288b67aa158b914fcbd8922f6a73 5
13. conhost.exe e620d288cc1d5ef70a1bbd52371f2ed9 0
14. wskinn.exe ac87a1dcaa66a5b0ef19f10ac6cc4022 0
15. Wireshark Antivirus.exe e9160325ae778f90078b37251995b63c 0

Directories

Wireshark Antivirus may create the following directory or directories:

%systemdrive%\Wireshark Antivirus

Trending

Most Viewed

Loading...