Home / Spyware Encyclopedia / Fake Anti
Spy Reaper | |  | Fake Anti Spyware.Spy Reaper Technical Details |  | |
|
Category |
 |
Fake Anti Spyware |
| Discovered |
|
5/3/2008
11:48:00 AM |
| Modified |
|
5/3/2008
13:00:00 PM |
|
Threat Level |
|
Critical |
|
Description |
|
Spy Reaper is
a rogue anti-spyware
program that purports
to scan and detect
malware or other problems
on the computer, but
which attempts to
dupe or badger users
into purchasing the
program by presenting
the user with intrusive,
deceptive warnings
and/or false, misleading
scan results. |
|
Summary |
|
The hosts file
was updated with the
following url-to-ip
mappings : n/a
The following http
urls were started
: n/a
Generated
smtp traffic :
n/a
there was a new connection
established with a
remote irc server
: n/a
the following hidden
entries created :
n/a
The following
internet connection
was established:
68.178.211.72:21(winhostecn72.prod.mesa1.secureserver.net)
68.178.211.72:3385(winhostecn72.prod.mesa1.secureserver.net)
manual installed fakeantispyware.
|
| Processes |
|
Spy
Reaper Pro.exe |
| Drivers
|
|
N/A |
| Folders
Created |
|
C:\Documents
and Settings\admin\Start
Menu\Programs\P. A.
Larson Enterprises
Software
C:\Documents and Settings\admin\Start
Menu\Programs\P. A.
Larson Enterprises
Software\Spy Reaper
Pro Demo
C:\Program Files\Spy
Reaper Pro Demo |
| Browsed
Sites |
|
N/A |
| When
the Fake Anti Spyware
is executed, it creates
the following files: |
| Name |
Version |
Publisher |
Signature
(MD5) |
File
Size (in Bytes) |
| ..\_1db14703.exe |
|
|
|
|
| ..\spy
reaper pro demo
\spyreaperprodemo.exe |
1.6.0.0 |
p.
a. larson enterprises
|
a04c617068416d76822b1b99cbae10e6 |
921600 |
| ..\spyreaperdemo.msi |
|
|
0355d6fc4e53367a729985e2f2af9a1c |
4353024 |
| ..\desktop
\spy reaper
pro demo.lnk |
|
|
|
2323 |
| ..\temp\msi2db56.log |
|
|
|
678 |
| ..\installer\1a5681.msi |
|
|
d7d395f91f60bf95bf3a7b18624b6094 |
341504 |
|
|
| When
the Fake Anti Spyware
is executed, it creates
the following Registry
entries: |
| • |
..\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628} |
| • |
..\software\microsoft\installer\features\5e375198c2b068e428634e19ddb9e8e9 |
| • |
..\software\microsoft\installer\products\5e375198c2b068e428634e19ddb9e8e9 |
| • |
..\software\vb
and vba program
settings\spy
reaper pro |
| • |
..\software\microsoft\windows\currentversion\uninstall\{891573e5-0b2c-4e86-8236-e491dd9b8e9e} |
| • |
..\software\p.
a. larson enterprises |
|
Snapshot
 |
|
Recommendation to remove Fake Anti Spyware.Spy Reaper |
 |
Spyware Detector can
remove Fake Anti Spyware.Spy
Reaper, and thousands
of other Spyware definitions,
automatically and
instantly.
Click here to
download Spyware Detector
and scan for free. |
| | | | | | | | | |  | Personalized e-Mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
| |  | Speed up your computer and increase browsing performance by deleting Spyware & Adware | | | Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software. | | | Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes. | | | | |  | | | | |  | |  Submit a Threat
Submit a threat to be reviewed by our research team
Submit a Threat | |  | | |
