Wolfram Antivirus
Posted: August 11, 2011
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 21 |
| First Seen: | August 11, 2011 |
|---|---|
| Last Seen: | October 23, 2021 |
| OS(es) Affected: | Windows |
Wolfram Antivirus is a recently-emerged rogue anti-virus program that degrades your computer's performance while Wolfram Antivirus offers fake virus protection features. As is usually the case with such fake security programs, SpywareRemove.com malware research team has found that Wolfram Antivirus's top goal is to make you purchase a fully-registered version of Wolfram Antivirus, which is also a fraudulent product that lacks any serious AV functionality. In the meantime, the probability of Wolfram Antivirus causing other problems, such as blocking unrelated applications or hijacking your browser, is very high. Because of these negative attributes and the total lack of anti-virus features, SpywareRemove.com malware research deem Wolfram Antivirus to be something that should be removed with a well-selected anti-malware program as soon as you have the time to do so.
Building a Barrier to Reject Wolfram Antivirus' Fake AV Features from Your PC
Wolfram Antivirus is hot off the presses as of early August 2011 and may not be detected or removed by even slightly out-of-date anti-malware products. Update your virus scanners and other security applications on a regular basis to have the greatest chance of Wolfram Antivirus infections being detected before they can do any real damage.
Circumstantial factors point towards Wolfram Antivirus being capable of exploiting drive-by-download scripts in Flash or Java to infect your PC. Keep these scripts up to date to patch out recent vulnerabilities, and disable them for untrustworthy websites and advertisements. SpywareRemove.com malware research team has noticed a marked tendency for Wolfram Antivirus and similar rogue anti-virus programs also to be installed by fake online system scanners, and you should never trust any system scan unless you've verified the source to be reputable.
What Can Happen if Wolfram Antivirus Rams Its Way Into Your Hard Drive
Aside from Wolfram Antivirus' inclination to use up excessive system resources and thereby worsen your PC performance, Wolfram Antivirus doesn't show any remarkable or unusual traits as a rogue anti-virus program. Standard Wolfram Antivirus characteristics, as noted below, are much in line with similar scamware security programs from the FakeScanti family, including Security Guard, Sysinternals Antivirus, WireShark Antivirus, Milestone Antivirus, BlueFlare Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011, Security Guard 2012, Super AV 2013 and OpenCloud AV.
- Other programs may be blocked by Wolfram Antivirus, ostensibly to protect you from infections, but in reality to deprive you of the features that these programs may offer. You can expect security and anti-malware products to be targeted specifically to stop you from accessing anything that could help you delete Wolfram Antivirus. However, since the chance of actual damage to these programs is minimal, simply finding a way to turn off Wolfram Antivirus, such as by using Safe Mode, usually will let you use them normally again.
- Likewise, anti-malware and PC security sites may be blocked from within your browser. Other attacks that use similar hijacking techniques may redirect you to hostile websites like Wolfram Antivirus's homepage.
- Wolfram Antivirus also uses a Registry-based startup technique that SpywareRemove.com malware researchers are highly familiar with; this startup routine lets Wolfram Antivirus launch without permission whenever Windows loads.
Since many of Wolfram Antivirus attacks may alter the Windows Registry to function, deleting the files of a Wolfram Antivirus infection is no guarantee that you've deleted all Wolfram Antivirus components. To make sure that you've removed all parts of a Wolfram Antivirus infection, run an appropriate security scanner.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Wolfram Antivirus may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
* See Free Trial offer below. EULA and Privacy/Cookie Policy.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AppData%\Wolfram Antivirus\csrss.exe
File name: csrss.exeSize: 227.32 KB (227328 bytes)
MD5: 86c383ea1a020d4447a28c42c4766be4
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\Wolfram Antivirus\Wolfram Antivirus.exe
File name: Wolfram Antivirus.exeSize: 2.67 MB (2672640 bytes)
MD5: 301cdd712969cfb7b49422603ecc08ab
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\1800yt251w5336buwum0meg6emc8108i016k0km65
File name: %AppData%\1800yt251w5336buwum0meg6emc8108i016k0km65Group: Malware file
%CommonAppData%\1800yt251w5336buwum0meg6emc8108i016k0km65
File name: %CommonAppData%\1800yt251w5336buwum0meg6emc8108i016k0km65Group: Malware file
%Templates%\1800yt251w5336buwum0meg6emc8108i016k0km65
File name: %Templates%\1800yt251w5336buwum0meg6emc8108i016k0km65Group: Malware file
%Temp%\1800yt251w5336buwum0meg6emc8108i016k0km65
File name: %Temp%\1800yt251w5336buwum0meg6emc8108i016k0km65Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\
File name: %UserProfile%\Application Data\Wolfram Antivirus\Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.exe
File name: %UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.ico
File name: %UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.icoMime Type: unknown/ico
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\csrss.exe
File name: %UserProfile%\Application Data\Wolfram Antivirus\csrss.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\wf.conf
File name: %UserProfile%\Application Data\Wolfram Antivirus\wf.confMime Type: unknown/conf
Group: Malware file
%UserProfile%\Desktop\Wolfram Antivirus.lnk
File name: %UserProfile%\Desktop\Wolfram Antivirus.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%StartMenu%\Programs\Startup\csrss.exe
File name: %StartMenu%\Programs\Startup\csrss.exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%StartMenu%\Programs\Wolfram Antivirus\
File name: %StartMenu%\Programs\Wolfram Antivirus\Group: Malware file
%StartMenu%\Programs\Wolfram Antivirus\Wolfram Antivirus.lnk
File name: %StartMenu%\Programs\Wolfram Antivirus\Wolfram Antivirus.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
More files
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"="%Temp%\csrss.exe"
Additional Information
| # | Message |
|---|---|
| 1 | Security Warning Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer. Click here to clean your PC immediately. |
| 2 | Security Warning There are critical system files on your computer that were modified by malicious software. It may cause permanent data loss. Click here to remove malicious software. |
| 3 | Security Warning Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection. |
| 4 | Warning! Infection found Unauthorized sending E-MAIL with subject “RE:” to was CANCELLED. |
| 5 | Warning! Infection found Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer. Keylogger Zeus was detected and put in quarantine. Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails. |
| 6 | Warning: Infection is Detected Windows has found spyware infection on your computer! Click here to update your Windows antivirus software |
| 7 | Warning: Spyware Detected Windows has found spy programs running on your computer! Click here to update your Windows antivirus software |
| 8 | Windows Security Alert To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Zeus Trojan |
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.