We received the file ACTIVERISANTIMALWARE.EXE and determined that it is unwanted software.
ACTIVERISANTIMALWARE.EXE is adware. You should remove the file.
Kill the ACTIVERISANTIMALWARE.EXE process and remove ACTIVERISANTIMALWARE.EXE from Windows.
Malware Analysis of ACTIVERISANTIMALWARE.EXE
Full path on a computer: %Program Files%\Activeris AntiMalware\ActiverisAntiMalware.exe
Detected by UnHackMe:
ACTIVERISANTIMALWARE.EXE
Default location: %Program Files%\Activeris AntiMalware\ActiverisAntiMalware.exe
Removal Results: Success
Number of reboots: 1
ACTIVERISANTIMALWARE.EXE is known as:
Adware.PUP.AdvancedSystemProtector.A
ACTIVERISANTIMALWARE.EXE hash:
- MD5: 9954420455d68234c426f448ccabf379
The file tries to connect to a dangerous web site.
How to quickly detect the presence of ACTIVERISANTIMALWARE.EXE?
Registry:
- HKLM\Software\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3}\InprocServer32\: "%Program Files Common%\System\ado\msado15.dll"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Activeris AntiMalware_startup: ""%Program Files%\Activeris AntiMalware\ActiverisAntiMalware.exe" autolaunch"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1\DisplayName: "Activeris AntiMalware"
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1\UninstallString: ""%Program Files%\Activeris AntiMalware\unins000.exe""
- HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1\UninstallString: ""%Program Files%\Activeris AntiMalware\unins000.exe" /silent"
Folders:
- %Appdata%\Activeris
- %Appdata%\Activeris\Activeris AntiMalware
- %Appdata%\Activeris\Activeris AntiMalware\1.0.0.1
- %Common Appdata%\Activeris
- %Common Appdata%\Activeris\Activeris AntiMalware
- %Common Appdata%\Activeris\Activeris AntiMalware\1.0.0.1
- %Common Appdata%\Activeris\Activeris AntiMalware\signatures
- %Common Appdata%\Activeris\Activeris AntiMalware\updates
- %Common Startmenu%\Programs\Activeris AntiMalware
- %Program Files%\Activeris AntiMalware
- %Program Files%\Activeris AntiMalware\clamunpack
Files:
- %Appdata%\Activeris\Activeris AntiMalware\1.0.0.1\ASPLog.txt
- %Appdata%\Activeris\Activeris AntiMalware\QDetail.db
- %Appdata%\Activeris\Activeris AntiMalware\Settings.db
- %Appdata%\Activeris\Activeris AntiMalware\Update.ini
- %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_00007d
- %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_00007e
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\000024.log
- %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000023
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\000008.ldb
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\000009.log
- %Local Appdata%\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000031.ldb
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\000032.log
- %Local Appdata%\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000030
- %Local Appdata%\Google\Chrome\User Data\lockfile
- %Local Appdata%\Google\Chrome\User Data\Safe Browsing Bloom_new
- %Local Appdata%\Google\Chrome\User Data\Safe Browsing Csd Whitelist_new
- %Local Appdata%\Google\Chrome\User Data\Safe Browsing Download Whitelist_new
- %Local Appdata%\Google\Chrome\User Data\Safe Browsing Extension Blacklist_new
- %Local Appdata%\Google\Chrome\User Data\Safe Browsing IP Blacklist_new
- %Temp%\etilqs_FjJEr4ua0hbuwDh
- %Common Appdata%\Activeris\Activeris AntiMalware\AddonSafelist
- %Common Appdata%\Activeris\Activeris AntiMalware\log.xslt
- %Common Appdata%\Activeris\Activeris AntiMalware\signatures\1545CompleteDatabase.db
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1545completedatabase.zip
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1734mupdate.zip
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1735update.zip
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1736update.zip
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1737update.zip
- %Common Appdata%\Activeris\Activeris AntiMalware\updates\1738update.zip
- %Common Desktopdirectory%\Activeris AntiMalware.lnk
- %Common Startmenu%\Programs\Activeris AntiMalware\Activeris AntiMalware.lnk
- %Common Startmenu%\Programs\Activeris AntiMalware\Register Activeris AntiMalware.lnk
- %Common Startmenu%\Programs\Activeris AntiMalware\Uninstall Activeris AntiMalware.lnk
- %Program Files%\Activeris AntiMalware\acrissys.dll
- %Program Files%\Activeris AntiMalware\ActiverisAntiMalware.exe
- %Program Files%\Activeris AntiMalware\ActiverisAntiMalware.exe.config
- %Program Files%\Activeris AntiMalware\AppManager.exe
- %Program Files%\Activeris AntiMalware\AppResource.dll
- %Program Files%\Activeris AntiMalware\asp.ico
- %Program Files%\Activeris AntiMalware\categories.ini
- %Program Files%\Activeris AntiMalware\Chinese_asp_ZH-CN.ini
- %Program Files%\Activeris AntiMalware\clamunpack\clamscan.exe
- %Program Files%\Activeris AntiMalware\clamunpack\libclamav.dll
- %Program Files%\Activeris AntiMalware\clamunpack\readme.txt
- %Program Files%\Activeris AntiMalware\danish_asp_DA.ini
- %Program Files%\Activeris AntiMalware\dutch_asp_NL.ini
- %Program Files%\Activeris AntiMalware\eng_asp_en.ini
- %Program Files%\Activeris AntiMalware\filetypehelper.exe
- %Program Files%\Activeris AntiMalware\Finnish_asp_FI.ini
- %Program Files%\Activeris AntiMalware\french_asp_FR.ini
- %Program Files%\Activeris AntiMalware\german_asp_DE.ini
- %Program Files%\Activeris AntiMalware\Interop.IWshRuntimeLibrary.dll
- %Program Files%\Activeris AntiMalware\italian_asp_IT.ini
- %Program Files%\Activeris AntiMalware\japanese_asp_JA.ini
- %Program Files%\Activeris AntiMalware\loading_withWhiteBG.avi
- %Program Files%\Activeris AntiMalware\Microsoft.Win32.TaskScheduler.DLL
- %Program Files%\Activeris AntiMalware\norwegian_asp_NO.ini
- %Program Files%\Activeris AntiMalware\portuguese_asp_PT-BR.ini
- %Program Files%\Activeris AntiMalware\russian_asp_ru.ini
- %Program Files%\Activeris AntiMalware\scandll.dll
- %Program Files%\Activeris AntiMalware\spanish_asp_ES.ini
- %Program Files%\Activeris AntiMalware\swedish_asp_SV.ini
- %Program Files%\Activeris AntiMalware\System.Core.dll
- %Program Files%\Activeris AntiMalware\System.Data.SQLite.dll
- %Program Files%\Activeris AntiMalware\unins000.dat
- %Program Files%\Activeris AntiMalware\unins000.exe
- %Program Files%\Activeris AntiMalware\unins000.msg
- %Program Files%\Activeris AntiMalware\unrar.dll
- %Program Files%\Activeris AntiMalware\Xceed.Compression.dll
- %Program Files%\Activeris AntiMalware\Xceed.Compression.Formats.dll
- %Program Files%\Activeris AntiMalware\Xceed.FileSystem.dll
- %Program Files%\Activeris AntiMalware\Xceed.Zip.dll
- %SysDir%\acrisnative32.exe