Home Malware Programs Rogue Anti-Virus Programs RTS Antivirus 2010

RTS Antivirus 2010

Posted: May 6, 2010

RTS Antivirus 2010 (RTSAntivirus2010) is a rogue antivirus program that uses malicious Trojans to do its dirty work. A malicious trojan will redirect the browser to a rogue website related to RTS Antivirus 2010. The corrupt site acts like a system scan which produces bogus results claiming the PC is infected with malware. Soon the hapless user will be bombarded by popup warnings urging the purchase of RTS Antivirus 2010. Do not fall for this trickery and have the Trojans related to RTSAntivirus2010 removed using a reliable antivirus program.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Desktop%\RTS Antivirus 2010.lnk
    2 %ProgramFiles%\adc32.dll
    3 %ProgramFiles%\alggui.exe
    4 %ProgramFiles%\nuar.old
    5 %ProgramFiles%\rst antivirus 2010\comdlg32.dll
    6 %ProgramFiles%\rst antivirus 2010\dwmapi.dll
    7 %ProgramFiles%\rst antivirus 2010\libclamav.dll
    8 %ProgramFiles%\rst antivirus 2010\oledlg.dll
    9 %ProgramFiles%\rst antivirus 2010\pthreadvc2.dll
    10 %ProgramFiles%\rst antivirus 2010\rst antivirus 2010.exe
    11 %ProgramFiles%\rst antivirus 2010\uninstall.bat
    12 %ProgramFiles%\rst antivirus 2010\wininet.dll
    13 %ProgramFiles%\skynet.dat
    14 %ProgramFiles%\svchost.exe
    15 %ProgramFiles%\wp3.dat
    16 %ProgramFiles%\wp4.dat
    17 %Programs%\RTS Antivirus 2010.lnk

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKCU\Software\RTS Antivirus 2010HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}HKEY..\..\..\..{RegistryKeys}HKCR\CLSID\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}HKLM\SYSTEM\CurrentControlSet\Services\AdbUpd
Loading...