Wireshark Antivirus

August 5th, 2010
Home » Rogue Antispyware » Wireshark Antivirus
Repair and protect your computer easily. Download Wireshark Antivirus removal tool  

Wireshark Antivirus description

Wireshark Antivirus is a fake security tool that pretends it is able to detect and remove viruses and other computer malware. The parasite is a clone of Windows Antivirus Pro and Sysinternals Antivirus scams. All applications are fraudulent and act in the same way.

Wireshark Antivirus is a rogue anti-spyware application which spreads via trojan. It downloads and installs itself automatically without user’s knowledge and consent. Once installed it imitates computer scans and displays mass of fake warning messages stating about PC’s infections. Malware also offers to purchase illegal version of the program which supposedly will clean viruses from your machine. This is a lie and none of the information should be trusted.

However, the bogus system has an ability to hijack your web browser to counterfeit websites that sell the application. Even if it looks like legitimate program this is just a mask of the scam. It seeks user to pay small fees for the program. We assure you this is a theft that hackers want to commit. Do not pay attention to these offers or fake warning messages. They are not real. Choose decent anti-spyware tool and terminate Wireshark Antivirus as soon as possible.

Manual Wireshark Antivirus Removal


Wireshark Antivirus processes:

Wireshark Antivirus.exe
alggui.exe
svchost.exe
Sysinternals Antivirus.exe
dbsinit.exe
ccsmn.exe
ccsrr.exe
Help: A Guideline of Killing Malicious Processes


Wireshark Antivirus registry values:

HKEY_CURRENT_USER\Software\Wireshark Antivirus
HKEY_CLASSES_ROOT\CLSID{149256D5-E103-4523-BB43-2CFB066839D6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ExplorerBrowser Helper Objects{149256D5-E103-4523-BB43-2CFB066839D6}
HKEY_LOCAL_MACHINE\SYSTEM\Current\Control\SetServices\AdbUpd
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "novavapp"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "novavappr"
Help: How to edit windows registry entries


Wireshark Antivirus DLLs:

adc_w32.dll
adc32.dll


Other malicious Wireshark Antivirus files:

C:\Program Files\Wireshark Antivirus\Wireshark Antivirus.exe
c:\Program Files\adc_w32.dll
c:\Program Files\alggui.exe
c:\Program Files\extra1.dat
c:\Program Files\extra2.dat
c:\Program Files\nuar.old
c:\Program Files\skynet.dat
c:\Program Files\svchost.exe
c:\Program Files\wp3.dat
c:\Program Files\wp4.dat
c:\Program Files\scdata
c:\Program Files\scdata\dbsinit.exe
c:\Program Files\scdata\wispex.html
c:\Program Files\scdata\images
c:\Program Files\scdata\images\i1.gif
c:\Program Files\scdata\images\i2.gif
c:\Program Files\scdata\images\i3.gif
c:\Program Files\scdata\images\j1.gif
c:\Program Files\scdata\images\j2.gif
c:\Program Files\scdata\images\j3.gif
c:\Program Files\scdata\images\jj1.gif
c:\Program Files\scdata\images\jj2.gif
c:\Program Files\scdata\images\jj3.gif
c:\Program Files\scdata\images\l1.gif
c:\Program Files\scdata\images\l2.gif
c:\Program Files\scdata\images\l3.gif
c:\Program Files\scdata\images\pix.gif
c:\Program Files\scdata\images\t1.gif
c:\Program Files\scdata\images\t2.gif
c:\Program Files\scdata\images\Thumbs.db
c:\Program Files\scdata\images\up1.gif
c:\Program Files\scdata\images\up2.gif
c:\Program Files\scdata\images\w1.gif
c:\Program Files\scdata\images\w11.gif
c:\Program Files\scdata\images\w2.gif
c:\Program Files\scdata\images\w3.jpg
c:\Program Files\scdata\images\word.doc
c:\Program Files\scdata\images\wt1.gif
c:\Program Files\scdata\images\wt2.gif
c:\Program Files\scdata\images\wt3.gif
c:\Program Files\Sysinternals Antivirus
c:\Program Files\Sysinternals Antivirus\Sysinternals Antivirus.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.acf
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.ltd
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151.lti
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.acb
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.aci
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsmn151_0.mt
%UserProfile%\Application Data\Microsoft\Internet Explorer\ccsrr.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\lleod150
%UserProfile%\Application Data\Microsoft\Internet Explorer\wmharun.log
%UserProfile%\Application Data\Microsoft\Internet Explorer\wmrun.log
%UserProfile%\Start Menu\Programs\Sysinternals Antivirus
%UserProfile%\Start Menu\Programs\Sysinternals Antivirus\Sysinternals Antivirus.lnk

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete Wireshark Antivirus, if you are not familiar with deleting malware manually.

Tags:

Trackbacks /
Pingbacks

  1. Remove White Shark Virus, White Shark Virus removal guide

Leave a Reply