Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus downloadAnti Spyware Software
Spyware Detector - HomeSpyware Detector - PurchaseSpyware Detector - AffiliatesSpyware Detector - Download UpdatesSpyware Detector -FAQSpyware Detector -Contact Us

Home/ Spyware Encyclopedia / Fake Anti Spyware.Antivirus2009

 Fake Anti Spyware.Antivirus2009 Technical Details
 Category Fake Anti Spyware
 Discovered   4/15/2005 12:00:00 AM
 Modified   9/16/2008 4:57:31 PM
 Threat Level Critical
 Category Description
These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.
  Description
Antivirus2009 is Rogue Security Program. It is a Fake Anti Spyware; Antivirus2009 is known to be pushed/advertised by various Trojan Horse programs. It uses aggressive and deceptive techniques to frighten the user into purchasing the program. It gives exaggerated report and claims of spyware found or false positives but will not remove spyware unless the user purchases the program.
 Notice

Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically in our Research Lab as a result of executing Spyware Files or browsing Internet. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Software.

We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.
 Summary
The following http urls were started:
• fastupdateservice.com/zsa9/zs880000.exe
• antivirus-database.com/firstrun.php?product=AV9&aff=77001116&update=0207/av2009&time=...
• mspublic.com/?q=get&id=antivirusxp&pid=6111&v=20
The hosts file was updated with the following url-to-ip mappings:
127.0.0.1 localhost
127.0.0.1 www.
10.18.250.4 ad.doubleclick.net
The following internet connection was established:
84.16.252.138 : 80
208.88.53.114 : 80
212.95.37.154 : 80
 Process AV2009.EXE
 Drivers   N/A
 Folder Created   %PFDIR%\Antivirus 2009
 The following Files were created:
 
Name Version Publisher Signature (MD5) File Size (in KB)
..\akl\akl.exe     0f3ee5d90e31f2817bbf0d761f49b2cf 4096
..\anticipator.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\regm64.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\sncntr.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\winwgpx.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\akttzn.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\medup012.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\hoproxy.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\temp#01.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\ssurf022.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\mwin32.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\winsrc.dll     74b1c6d31f61baa8985efc5b136ce580 327680
..\itunesmusic.exe     0f3ee5d90e31f2817bbf0d761f49b2cf 4096
..\S87EKHV.EXE     A80D03ECAF395177EFFFD98002CBF5A8 23552
..\bdn.com     38594625566c4de1d07e83035024683f 4096
..\QUICK LAUNCH \VIRUSRESPONSE LAB 2009 2.1.LNK       748
..\av2009install_880042.exe     08cff24caa2b3d19b16aa8892189d149 101888
..\VIRUSRESPONSELAB2009 \AVLWARNING.DLL 1.0.0.1   9BD054C3696D2D0752962FFD893F3E26 73728
..\zip2.tmp       4096
..\akl\akl.dll     0f3ee5d90e31f2817bbf0d761f49b2cf 4096
..\antivirus 2009\av2009.exe     b5718af5ce37e0ae5ca69b1f6167b5fb 1015808
..\ieupdates.exe     d12fc1a4bedbdae0029d4670321517fb 75776
..\ssvchost.exe     73f13d47ae112bd7bd3a1ac3fcf827be 4096
..\regc64.dll     65660be2f4ce4b16ee1bcf9408f33e55 4096
..\ps1.exe     65660be2f4ce4b16ee1bcf9408f33e55 4096
 The following Registry Entries were created:
 
..\Software\Classes\Clsid\{000000da-0786-4633-87c6-1aa7a4429ef1}
..\Software\Classes\Clsid\{5c7f15e1-f31a-44fd-aa1a-2ec63aaffd3a}
..\Software\Classes\Clsid\{0b682cc1-fb40-4006-a5dd-99edd3c9095d}
..\Software\Microsoft\Windows\CurrentVersion\Uninstall\golden palace casino new
..\Software\89726823528565589720360071261189
..\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8c0220d-763d-49a4-95f4-61dfdec66ee6}
..\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037c7b8a-151a-49e6-baed-cc05fcb50328}
..\Software\Microsoft\Windows\CurrentVersion\run\"33048443963708047047908338193422"\"%pf%\antivirus 2009\av2009.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\ \"64449999829050617046620642126590"\"%PF%\ANTIVIRUS 2009\AV2009.EXE"
..\Software\22554992353667021099384118309009
..\Software\Microsoft\Windows\CurrentVersion\CONTROLS FOLDER\"WMSRCPID"\"8800002102"
..\Software\LICENSES\"{IE367A82967A76C2D}"
..\Software\VIRUSRESPONSELAB2009
..\Software\Microsoft\Windows\CurrentVersion\App Paths\VIRUSRESPONSELAB2009
..\Software\Microsoft\Windows\CurrentVersion\run\"59814798268080378598239958469924"\"%pf%\antivirus 2009\av2009.exe"
..\Software\Classes\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91}
..\Software\Classes\Clsid\{037c7b8a-151a-49e6-baed-cc05fcb50328}
..\Software\Classes\Clsid\{9dd4258a-7138-49c4-8d34-587879a5c7a4}
..\Software\Microsoft\Windows\CurrentVersion\Uninstall\inet delivery
..\Software\HOLLOL
..\Software\inet delivery
..\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DD4258A-7138-49C4-8D34-587879A5C7A4}
..\Software\Microsoft\Windows\CurrentVersion\Run\\"93646575292190376837667159322287"
..\Software\Microsoft\Windows\CurrentVersion\run\"39247163632169364003994714568076"\"%pf%\antivirus 2009\av2009.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\ \"22554992353667021099384118309009"\"%PF%\ANTIVIRUS 2009\AV2009.EXE"
 Snapshot
Recommendation to remove Fake Anti Spyware.Antivirus2009
Spyware Detector can remove Fake Anti Spyware.Antivirus2009, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.
Download Spyware Detector and Scan for FREE
 
Personalized E-mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
Speed up your computer and increase browsing performance by deleting Spyware & Adware
Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.
 
Free Spyware Scan
 Search Threats
Testimonials

Read More
Information Desk
Spyware & Adware Categories we scan
  
List of Spyware &
Adware we remove
Submit a Threat
Submit a threat to be reviewed by our research team

Submit a Threat
Home| About Us| Purchase| Contact Us| FAQ| Privacy Policy
Copyrights© 2003-2008 Max Secure Software. All rights reserved