Home Malware Programs Rogue Anti-Spyware Programs Milestone Antivirus

Milestone Antivirus

Posted: June 8, 2011

Threat Metric

Threat Level: 10/10
Infected PCs: 30
First Seen: June 8, 2011
Last Seen: August 17, 2022
OS(es) Affected: Windows

ScreenshotMilestone Antivirus is a copy of other rogue security programs like Your PC Protector. Although Milestone Antivirus uses a friendly interface to look like an anti-virus program, Milestone Antivirus can neither find nor remove viruses and other threats from your computer. Many Milestone Antivirus infections occur after Milestone Antivirus is installed by a Trojan that attacks your PC through browser security loopholes. Milestone Antivirus will use fake infection warnings to create an appearance of heavy infection on your computer, while blocking different programs from being launched, and for these reasons, Milestone Antivirus should be considered to be a serious security threat.

Milestone Antivirus – More a Clone Than a Milestone in Rogue Security Software Development

Milestone Antivirus shares an identical look with other rogue security programs from the FakeScanti family that use Milestone Antivirus' code. Examples of Milestone Antivirus's relatives include Security Guard, Sysinternals Antivirus, WireShark Antivirus, BlueFlare Antivirus, Wolfram Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011 and Super AV 2013. It should be noted that Wireshark Antivirus and other threats like Milestone Antivirus aren't related to the legitimate 'Wireshark' brand; this Milestone Antivirus clone simply uses the brand name to fake legitimacy.

Milestone Antivirus will always find fake infections whenever Milestone Antivirus tries to scan your PC, as well as creating inaccurate pop-ups like the ones below:

Warning: Spyware Detected
Windows has found spy programs running on your computer!
Click here to update your Windows antivirus software

Security Warning
There are critical system files on your computer that were modified by malicious program.
It will cause unstable work of your system and permanent data loss.
Click here to undo performed modifications and remove malicious software (Highly recommended).

Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.

Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.

Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software

svchost.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
To see what data this error report contains, click here.

Security Warning:
The file [application file path] is infected.
Running of application is impossible.

Milestone Antivirus will tell you that these threats can't be fixed until you purchase a Milestone Antivirus registration key. However, Milestone Antivirus is making these problems up, and you can ignore Milestone Antivirus's pop-ups, as well as Milestone Antivirus' other fake functions, such as the imitation firewall and privacy monitoring features.

Yet Another Good Reason to Remove Milestone Antivirus As Soon As Possible

Milestone Antivirus, like many other rogue security programs, will try to make Milestone Antivirus' fake infection warnings more believable by secretly attacking your PC stability. Other programs that are undamaged and uninfected may be blocked by Milestone Antivirus, especially in the case of programs that could perform anti-virus and security functions. Milestone Antivirus has been reported to use errors such as the ones listed above, to make victims believe that these blocked programs are infected.

Speak with your credit card company about revoking charges and the credit card itself, if you've purchased Milestone Antivirus before realizing that Milestone Antivirus is a malicious application. Letting a credit card that's been compromised by Milestone Antivirus remain active, is likely to result in fraudulent charges being applied repeatedly.

Like the majority of threats, Milestone Antivirus can be stopped from launching by using Safe Mode, or using a CD to boot your operating system. This will disable all of Milestone Antivirus's attacks and let you remove Milestone Antivirus by using your preference of anti-malware software.


ScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Desktop\Milestone Antivirus.exe.txt
    2 %UserProfile%\Desktop\Milestone Antivirus.lnk
    3 %UserProfile%\Start Menu\Programs\Milestone Antivirus\
    4 %UserProfile%\Start Menu\Programs\Milestone Antivirus\Milestone Antivirus.lnk
    5 c:\Program Files\conhost.exe
    6 c:\Program Files\csrss.exe
    7 c:\Program Files\Milestone Antivirus.ico
    8 c:\Program Files\Milestone Antivirus\
    9 c:\Program Files\Milestone Antivirus\Milestone Antivirus.exe
    10 c:\Program Files\nuar.old
    11 c:\Program Files\scdata\
    12 c:\Program Files\scdata\images\
    13 c:\Program Files\scdata\images\i1.gif
    14 c:\Program Files\scdata\images\i2.gif
    15 c:\Program Files\scdata\images\i3.gif
    16 c:\Program Files\scdata\images\j1.gif
    17 c:\Program Files\scdata\images\j2.gif
    18 c:\Program Files\scdata\images\j3.gif
    19 c:\Program Files\scdata\images\jj1.gif
    20 c:\Program Files\scdata\images\jj2.gif
    21 c:\Program Files\scdata\images\jj3.gif
    22 c:\Program Files\scdata\images\l1.gif
    23 c:\Program Files\scdata\images\l2.gif
    24 c:\Program Files\scdata\images\l3.gif
    25 c:\Program Files\scdata\images\pix.gif
    26 c:\Program Files\scdata\images\t1.gif
    27 c:\Program Files\scdata\images\t2.gif
    28 c:\Program Files\scdata\images\Thumbs.db
    29 c:\Program Files\scdata\images\up1.gif
    30 c:\Program Files\scdata\images\up2.gif
    31 c:\Program Files\scdata\images\w1.gif
    32 c:\Program Files\scdata\images\w11.gif
    33 c:\Program Files\scdata\images\w2.gif
    34 c:\Program Files\scdata\images\w3.jpg
    35 c:\Program Files\scdata\images\word.doc
    36 c:\Program Files\scdata\images\wt1.gif
    37 c:\Program Files\scdata\images\wt2.gif
    38 c:\Program Files\scdata\images\wt3.gif
    39 c:\Program Files\scdata\wispex.html
    40 c:\Program Files\scdata\wskinn.exe
    41 c:\Program Files\sh3.dat
    42 c:\Program Files\sh4.dat
    43 c:\Program Files\skynet.dat

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Milestone AntivirusHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = 'C:\Program Files\conhost.exe "%1" %*'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QTUpdate

Additional Information on Milestone Antivirus

  • The following messages's were detected:
    # Message
    1 Security Warning:
    The file C:\Windows\System32\notepad.exe is infected.
    Running of application is impossible.

    Please activate your antivirus software.

    2 Security Warning
    Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
    3 Security Warning
    Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
    Click here to clean your PC immediately.
    4 Security Warning
    There are critical system files on your computer that were modified by malicious program.
    It will cause unstable work of your system and permanent data loss.
    Click here to undo performed modifications and remove malicious software (Highly recommended).
    5 Warning: Infection is Detected
    Windows has found spyware infection on your computer!
    Click here to update your Windows antivirus software
    6 Warning: Spyware Detected
    Windows has found spy programs running on your computer!
    Click here to update your Windows antivirus software
    7 svchost.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
    If you were in the middle of something, the information you were working on might be lost.
    Please tell Microsoft about this problem.
    We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
    To see what data this error report contains, click here.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%PROGRAMFILES%\conhost.exe File name: conhost.exe
Size: 101.88 KB (101888 bytes)
MD5: 0db896d10b5b8da528e177e35129a995
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%
Group: Malware file
Last Updated: June 8, 2011
%USERPROFILE%\Start Menu\Programs\Startup\csrss.exe File name: csrss.exe
Size: 211.96 KB (211968 bytes)
MD5: 01b754b42f889f45017941a9e4573dcf
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Start Menu\Programs\Startup
Group: Malware file
Last Updated: June 8, 2011
%APPDATA%\Milestone Antivirus\Milestone Antivirus.exe File name: Milestone Antivirus.exe
Size: 2.44 MB (2441216 bytes)
MD5: 6be284d931aaeffd656d0beab8974bae
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Milestone Antivirus
Group: Malware file
Last Updated: August 17, 2022

Additional Information

The following directories were created:
%APPDATA%\Milestone Antivirus%ProgramFiles%\Milestone Antivirus
Loading...