Fake Anti Spyware.POWER-ANTIVIRUS-2009 - Spyware Detector

Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus download

Home/ Spyware Encyclopedia / Fake Anti Spyware.POWER-ANTIVIRUS-2009

Fake Anti Spyware.POWER-ANTIVIRUS-2009 Technical Details

Category		Fake Anti Spyware
Discovered		1/12/2006 8:09:00 PM
Modified		11/19/2008 4:25:32 PM
Threat Level		Critical

Category Description

These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

Notice

Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically in our Research Lab as a result of executing Spyware Files or browsing Internet. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Software.

We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Summary

The following http urls were started:

• 217.170.77.150/hjk/pibzero.exe
• bot.gribokk.com/exe.php?ex=6082
• bot.gribokk.com/v18/exe.php?aff_id=6082

The hosts file was updated with the following url-to-ip mappings:

217.20.175.74	antivirus-2009pro.com
217.20.175.74	antivirusa2.com
217.20.175.74	browsersecuritycenter.com

The following internet connection was established:

85.92.158.75 : 80
127.0.0.1 : 1516
85.255.117.214 : 80

The following Files were created:

Name	Version	Publisher	Signature (MD5)	File Size (in KB)
..\systemdefender_installer.exe			53483ee2432ad2c0fe90c9011133e744	98677
..\SETUP_1096_MTAYOHWZNXWW_.EXE	2.6.0.0	POWER-ANTIVIRUS-2009 SOLUTIONS, LTD.	4DD5DDFFCE225652B4DA2AA02BDC93CA	707072
..\SETUP_1096_MTAYOHWZNXWW_ \SPLINE.DAT
..\SETUP_1096_MTAYOHWZNXWW_ \DESC.DAT
..\SETUP_1096_MTAYOHWZNXWW_ \BASE2.DAT
..\SETUP_1096_MTAYOHWZNXWW_ \BASE.DAT
..\SEVLOD.EXE			C329DB4DDEEE5C1A6A9881B51B2B56C3
..\XONTHKC.EXE			168BF8EC3E188D7249C610054D93BCA1
..\2335.EXE			980CF6B767D95DCC785B7F2BA004A107
..\LEXLIBINSTALLER_1_5475101.EXE	4.57.0.0	IGOR PAVLOV	BC7DF270467E3E9EEB22FD42FD4FA2C2	247147
..\79AA9AD4.EXE			A06B0EC8CECD60ABCAD508BCBDF467E4	698880
..\622FBB3D.EXE			EB446243144AB16C48C6196B5588BA76	705536
..\msliksurcredo.dll
..\msliksurdns.dll
..\cpuserv.dll			117d1ac1072af5ac25abc49e10c5a956
..\4.tmp	5.1.2600.2180			53760
..\x.exe			cfd211345cd8e66e9de420719999999c
..\7.tmp				8505
..\5.tmp				33098
..\1BD43A81.EXE	2.6.0.0	POWER-ANTIVIRUS-2009 SOLUTIONS, LTD.	976546BF7258FC5C5CA59D9AF4BB5974	707584
..\TEMP\1BD43A81.EXE	2.6.0.0	POWER-ANTIVIRUS-2009 SOLUTIONS, LTD.	976546BF7258FC5C5CA59D9AF4BB5974	707584
..\1BD43A81\SPLINE.DAT
..\1BD43A81\DESC.DAT
..\1BD43A81\BASE2.DAT
..\1BD43A81\BASE.DAT

The following Registry Entries were created:

•	..\Software\Classes\Clsid\{18cb1a7b-94cd-4582-8022-ada16851e44b}
•	..\Software\Classes\Clsid\{befc54ba-36eb-4cfc-ba55-587361577a26}
•	..\Software\Classes\Clsid\{8e569e70-9e91-4cf9-820c-99ddc3a05a0c}
•	..\Software\Classes\Clsid\{1094613f-84b6-4131-aec1-71df88291044}
•	..\Software\Classes\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481}
•	..\Software\Classes\Typelib\{3a596471-ecbe-4aee-b543-79ae8c8ff7a9}
•	..\Software\Classes\Appid\pllib.dll
•	..\Software\Classes\Appid\{b0ed4726-5bc8-4e22-a7a8-3074a73ce64e}
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\usysd_is1
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\1_is1
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\virusremover2008
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\uadc_is1
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\webvideo
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\malwarealarm
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\siteentry
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\udc_install_is1
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\pcprivacycleaner
•	..\Software\Microsoft\Windows\CurrentVersion\drivers
•	..\Software\Microsoft\84fd8446
•	..\Software\Microsoft\vsplugin
•	..\Software\Classes\siteentry
•	..\Software\Classes\sunpornwrrb325
•	..\Software\Classes\sunporn
•	..\Software\Classes\udcpchk.udcpchk
•	..\Software\Classes\xvideoplugin.jetvideoplugin.1

Recommendation to remove Fake Anti Spyware.POWER-ANTIVIRUS-2009

Spyware Detector can remove Fake Anti Spyware.POWER-ANTIVIRUS-2009, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.

	Personalized E-mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
	Speed up your computer and increase browsing performance by deleting Spyware & Adware
	Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
	Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.

Search Threats

Testimonials

Information Desk

	Spyware & Adware Categories we scan

	List of Spyware & Adware we remove


	Submit a Threat Submit a threat to be reviewed by our research team Submit a Threat