Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:ADWARE/BProtector.E
Date discovered:02/12/2013
Type:Adware
In the wild:No
Reported Infections:Medium
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:1.958.880 Bytes
MD5 checksum:86958C2C033219F56C9F0B3A181B4628
VDF version:7.11.117.84 - Monday, December 2, 2013
IVDF version:7.11.117.84 - Monday, December 2, 2013

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Symantec: Adware.BL
   •  Mcafee: Artemis!86958C2C0332
   •  Sophos: BProtector
   •  Microsoft: TrojanDropper:Win64/Rotbrow.H
   •  AhnLab: Trojan/Win32.Rotbrow


Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

 Registry The following registry key is added:

– [HEKY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
   Image File Execution Options\Bitguard.exe]

 Miscellaneous String:
Furthermore it contains the following strings:
   • bProtector Start Page
   • Local\{C15730E2-145C-4c5e-B005-3BC753F42475}-once-flag

Description inserted by Soe-liang Tan on Tuesday, December 3, 2013
Description updated by Soe-liang Tan on Tuesday, December 3, 2013

Back . . . .