Fake Anti Spyware.POWER-ANTIVIRUS-2009 - Spyware Detector

Home / Spyware Encyclopedia / Fake Anti Spyware.POWER-ANTIVIRUS-2009

Fake Anti Spyware.POWER-ANTIVIRUS-2009 Technical Details

Category	Fake Anti Spyware
Discovered	1/12/2006 8:09:00 PM
Modified	9/22/2009 4:42:54 PM
Threat Level	Critical

Category Description

These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

Notice

Summary

The following http urls were started:

•a1.mxlivemedia.com/bc/nsi_install.php?aff_id=default&inst_result=success&id=25f3f9a07...

•ulog.drivecleaner.com/?action=1&lid=dc6e_100&aid=ippuamg_in_en&lp=100&addt=keyin&cnt=...

•ulog.drivecleaner.com/?action=13&lid=dc6e_100&aid=ippuamg_in_en&lp=100&addt=keyin&cnt...

The hosts file was updated with the following url-to-ip mappings: NA

The following internet connection was established:

85.255.117.214 : 80

85.92.158.75 : 80

127.0.0.1 : 1516

The following Files were created:

Name	Version	Publisher	Signature (MD5)	File Size (in KB)
..\system doctor free \systemdoc.exe	1.1.180.7	SYSTEMDOCTOR, LTD.	00bb47fac87974127de24e2bf06dbf24	3772416
..\system doctor free \insthelp.exe	1.0.1.0	systemdoctor, inc.	db8fbbb4a1b1267d6a89889b3acaa425	110592
..\system doctor free \systemdoc.exe	1.1.180.3	systemdoctor inc.	00bb47fac87974127de24e2bf06dbf24	3792896
..\1BD43A81.EXE	2.6.0.0	POWER-ANTIVIRUS-2009 SOLUTIONS, LTD.	976546bf7258fc5c5ca59d9af4bb5974	707584
..\SETUP_1096_MTAYOHWZNXWW_.EXE	2.6.0.0	POWER-ANTIVIRUS-2009 SOLUTIONS, LTD.	4dd5ddffce225652b4da2aa02bdc93ca	707072
..\pcpc_setup_free.exe	1.0.22.4	PCPrivacyCleaner Inc.	4427a246b1c00d3c9529dbcbe8f7af8d	934864
..\PLLIB.DLL	1.0.0.25	LEXSOLUTIONS, LTD	a28024a2e99d17504839141d4ceb4662	300032
..\system doctor free \insthelp.exe	1.0.1.0	INSTHELP	db8fbbb4a1b1267d6a89889b3acaa425	110592
..\drivecleaner freeware \udcpchk.dll	1.0.94.0	drivecleaner, inc.	bdb67f3cef24e2d613bf992c84303bee	33792
..\drivecleaner freeware \insthelp.exe	1.0.15.0	drivecleaner, inc.	b2b7973974844cc85a1e36435ed29b31	122880
..\drivecleaner freeware\pv.exe	1.0.0.1	drivecleaner, inc.	6682ef77c466173f912c24827bcab011	53248
..\drivecleaner freeware\udc.exe	1.0.111.0	drivecleaner, inc.	2b9ade23cf3bd1ad5d74ed060e9dba40	1344000
..\drivecleaner freeware\pv.exe	1.0.0.1	drivecleaner, inc.		53248
..\drivecleaner freeware \insthelp.exe	1.0.15.0	drivecleaner, inc.		122880
..\drivecleaner freeware \udcpchk.dll	1.0.94.0	drivecleaner, inc.		33792
..\drivecleaner freeware\udc.exe	1.0.111.0	drivecleaner, inc.		1344000
..\temp \installdrivecleanerstart.exe	1.0.22.2	drivecleaner inc.	8a4bce88c20a35ecdd945a57ad90e3ea	123928
..\drivecleaner freeware \udc6_cw.exe	1.0.6.0	drivecleaner inc.	1e12858f122f550df0ac0e8514fe97b7	147456
..\pcpc_setup_free.exe	1.0.21.2	AntiSpywareSolutionPro, Inc.	4427a246b1c00d3c9529dbcbe8f7af8d	934352
..\advancedcleaner free\uadc.exe	1.0.88.0	ADVANCEDCLEANER, INC.	31139cfe363096cd26f466bddec8f97d	1558016
..\uadc_0001_d10m0502 \installer.exe	1.0.52.2	advancedcleaner inc.	ebeb1ffb5e62b6d85896d742d5e425ba	4963616
..\temp\002.exe	1.0.0.0	1000 oaks	082176b99b47edac516969c80c08a443	167936
..\3AF5702A\Desc.dat				39610
..\3AF5702A\base.dat				3261
..\3AF5702A\base2.dat				6832
..\3AF5702A\spline.dat				4400
..\PWX\PWX.EXE	1.0.0.1		420c1103c26296402980d0e42354ef1b	395776

The following Registry Entries were created:

•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\pcprivacycleaner
•	..\Software\Microsoft\Windows\CurrentVersion\drivers
•	..\Software\Microsoft\84fd8446
•	..\Software\Microsoft\vsplugin
•	..\Software\Classes\siteentry
•	..\Software\Classes\sunpornwrrb325
•	..\Software\Classes\sunporn
•	..\Software\Classes\udcpchk.udcpchk
•	..\Software\Classes\xvideoplugin.jetvideoplugin.1
•	..\Software\Classes\xvideoplugin.jetvideoplugin
•	..\Software\Classes\xvideoplugin.jetmimefiltr.1
•	..\Software\Classes\xvideoplugin.jetmimefiltr
•	..\Software\gt15j4r49v
•	..\Software\malwarealarm
•	..\Software\drivecleaner freeware
•	..\Software\system doctor free
•	..\Software\siteentry
•	..\Software\{5222008a-dd62-49c7-a735-7bd18ecc7350}
•	..\Software\virusremover2008
•	..\Software\5110000c29c7164c
•	..\Software\pcprivacycleaner
•	..\Software\{65de966d-11d1-4bb1-bf7e-b8a273514daf}
•	..\Software\colorutility
•	..\Software\Microsoft\Windows\CurrentVersion\Run\ \"SYSTEMDOCTOR FREE"\"%PF%\SYSTEM DOCTOR FREE\SYSTEMDOC.EXE /MIN"

Recommendation to remove Fake Anti Spyware.POWER-ANTIVIRUS-2009

Spyware Detector can remove Fake Anti Spyware.POWER-ANTIVIRUS-2009, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.

Download Spyware Detector and Scan for FREE

Search Threats