Home Malware Programs Rogue Anti-Virus Programs Wolfram Antivirus

Wolfram Antivirus

Posted: August 11, 2011

Threat Metric

Threat Level: 10/10
Infected PCs: 14
First Seen: August 11, 2011
Last Seen: October 23, 2021
OS(es) Affected: Windows

Wolfram AntivirusWolfram Antivirus is a recently-emerged rogue anti-virus program that degrades your computer's performance while Wolfram Antivirus offers fake virus protection features. As is usually the case with such fake security programs, SpywareRemove.com malware research team has found that Wolfram Antivirus's top goal is to make you purchase a fully-registered version of Wolfram Antivirus, which is also a fraudulent product that lacks any serious AV functionality. In the meantime, the probability of Wolfram Antivirus causing other problems, such as blocking unrelated applications or hijacking your browser, is very high. Because of these negative attributes and the total lack of anti-virus features, SpywareRemove.com malware research deem Wolfram Antivirus to be something that should be removed with a well-selected anti-malware program as soon as you have the time to do so.

Building a Barrier to Reject Wolfram Antivirus' Fake AV Features from Your PC

Wolfram Antivirus is hot off the presses as of early August 2011 and may not be detected or removed by even slightly out-of-date anti-malware products. Update your virus scanners and other security applications on a regular basis to have the greatest chance of Wolfram Antivirus infections being detected before they can do any real damage.

Circumstantial factors point towards Wolfram Antivirus being capable of exploiting drive-by-download scripts in Flash or Java to infect your PC. Keep these scripts up to date to patch out recent vulnerabilities, and disable them for untrustworthy websites and advertisements. SpywareRemove.com malware research team has noticed a marked tendency for Wolfram Antivirus and similar rogue anti-virus programs also to be installed by fake online system scanners, and you should never trust any system scan unless you've verified the source to be reputable.

What Can Happen if Wolfram Antivirus Rams Its Way Into Your Hard Drive

Aside from Wolfram Antivirus' inclination to use up excessive system resources and thereby worsen your PC performance, Wolfram Antivirus doesn't show any remarkable or unusual traits as a rogue anti-virus program. Standard Wolfram Antivirus characteristics, as noted below, are much in line with similar scamware security programs from the FakeScanti family, including Security Guard, Sysinternals Antivirus, WireShark Antivirus, Milestone Antivirus, BlueFlare Antivirus, OpenCloud Antivirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011 and Super AV 2013.

  • Other programs may be blocked by Wolfram Antivirus, ostensibly to protect you from infections, but in reality to deprive you of the features that these programs may offer. You can expect security and anti-malware products to be targeted specifically to stop you from accessing anything that could help you delete Wolfram Antivirus. However, since the chance of actual damage to these programs is minimal, simply finding a way to turn off Wolfram Antivirus, such as by using Safe Mode, usually will let you use them normally again.
  • Likewise, anti-malware and PC security sites may be blocked from within your browser. Other attacks that use similar hijacking techniques may redirect you to hostile websites like Wolfram Antivirus's homepage.
  • Wolfram Antivirus also uses a Registry-based startup technique that SpywareRemove.com malware researchers are highly familiar with; this startup routine lets Wolfram Antivirus launch without permission whenever Windows loads.

Since many of Wolfram Antivirus attacks may alter the Windows Registry to function, deleting the files of a Wolfram Antivirus infection is no guarantee that you've deleted all Wolfram Antivirus components. To make sure that you've removed all parts of a Wolfram Antivirus infection, run an appropriate security scanner.


Wolfram Antivirus 2Wolfram Antivirus 3Wolfram Antivirus 4Wolfram Antivirus 5Wolfram Antivirus 6Wolfram Antivirus 7Wolfram Antivirus 8

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%\Wolfram Antivirus\Wolfram Antivirus.exe File name: Wolfram Antivirus.exe
Size: 2.68 MB (2680832 bytes)
MD5: 56bcd58bac41d598cd035a2aecb942b6
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: January 8, 2020
%AppData%\Wolfram Antivirus\csrss.exe File name: csrss.exe
Size: 227.32 KB (227328 bytes)
MD5: 86c383ea1a020d4447a28c42c4766be4
Detection count: 62
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\Wolfram Antivirus\Wolfram Antivirus.exe File name: Wolfram Antivirus.exe
Size: 2.67 MB (2672640 bytes)
MD5: 301cdd712969cfb7b49422603ecc08ab
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\Wolfram Antivirus\Wolfram Antivirus.exe File name: Wolfram Antivirus.exe
Size: 2.68 MB (2687520 bytes)
MD5: 34abfcc392d8e98844c8ce8ed544d725
Detection count: 24
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\Wolfram Antivirus\Wolfram Antivirus.exe File name: Wolfram Antivirus.exe
Size: 2.44 MB (2448896 bytes)
MD5: 1757ed31774a4f11c7f213e5e4b36fd0
Detection count: 22
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\Wolfram Antivirus
Group: Malware file
Last Updated: August 16, 2011
%AppData%\1800yt251w5336buwum0meg6emc8108i016k0km65 File name: %AppData%\1800yt251w5336buwum0meg6emc8108i016k0km65
Group: Malware file
%CommonAppData%\1800yt251w5336buwum0meg6emc8108i016k0km65 File name: %CommonAppData%\1800yt251w5336buwum0meg6emc8108i016k0km65
Group: Malware file
%Templates%\1800yt251w5336buwum0meg6emc8108i016k0km65 File name: %Templates%\1800yt251w5336buwum0meg6emc8108i016k0km65
Group: Malware file
%Temp%\1800yt251w5336buwum0meg6emc8108i016k0km65 File name: %Temp%\1800yt251w5336buwum0meg6emc8108i016k0km65
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\ File name: %UserProfile%\Application Data\Wolfram Antivirus\
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.exe File name: %UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.ico File name: %UserProfile%\Application Data\Wolfram Antivirus\Wolfram Antivirus.ico
Mime Type: unknown/ico
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\csrss.exe File name: %UserProfile%\Application Data\Wolfram Antivirus\csrss.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%UserProfile%\Application Data\Wolfram Antivirus\wf.conf File name: %UserProfile%\Application Data\Wolfram Antivirus\wf.conf
Mime Type: unknown/conf
Group: Malware file
%UserProfile%\Desktop\Wolfram Antivirus.lnk File name: %UserProfile%\Desktop\Wolfram Antivirus.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%StartMenu%\Programs\Startup\csrss.exe File name: %StartMenu%\Programs\Startup\csrss.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
%StartMenu%\Programs\Wolfram Antivirus\ File name: %StartMenu%\Programs\Wolfram Antivirus\
Group: Malware file
%StartMenu%\Programs\Wolfram Antivirus\Wolfram Antivirus.lnk File name: %StartMenu%\Programs\Wolfram Antivirus\Wolfram Antivirus.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"="%Temp%\csrss.exe"

Additional Information

The following directories were created:
%AppData%\Wolfram Antivirus
The following messages's were detected:
# Message
1Security Warning Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer. Click here to clean your PC immediately.
2Security Warning There are critical system files on your computer that were modified by malicious software. It may cause permanent data loss. Click here to remove malicious software.
3Security Warning Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
4Warning! Infection found Unauthorized sending E-MAIL with subject “RE:” to was CANCELLED.
5Warning! Infection found Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer. Keylogger Zeus was detected and put in quarantine. Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
6Warning: Infection is Detected Windows has found spyware infection on your computer! Click here to update your Windows antivirus software
7Warning: Spyware Detected Windows has found spy programs running on your computer! Click here to update your Windows antivirus software
8Windows Security Alert To help protect your computer, Windows Firewall has blocked some features of this program. Do you want to keep blocking this program? Zeus Trojan

Loading...