Fake Anti Spyware.TotalSecure2009 - Spyware Detector

Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus download

Home/ Spyware Encyclopedia / Fake Anti Spyware.TotalSecure2009

Fake Anti Spyware.TotalSecure2009 Technical Details

Category		Fake Anti Spyware
Discovered		8/20/2005 12:00:00 AM
Modified		11/19/2008 4:25:32 PM
Threat Level		Critical

Category Description

These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

Notice

Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically in our Research Lab as a result of executing Spyware Files or browsing Internet. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Software.

We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Summary

The following http urls were started:

• a1.mxlivemedia.com/bc/nsi_install.php?aff_id=default&inst_result=success&id=25f3f9a07...
• a1.mxlivemedia.com/bc/nsi_install.php?aff_id=mxlivemedia&inst_result=success&id=84d10...
• lntoplive.com/getupdate.php?v=1&uid=384&cid=128d11b974f0d736cb664573fb759c77

The hosts file was updated with the following url-to-ip mappings:

217.20.175.74	antivirus-2009pro.com
217.20.175.74	antivirusa2.com
217.20.175.74	browsersecuritycenter.com

The following internet connection was established:

85.92.158.75 : 80
127.0.0.1 : 1516
85.255.120.124 : 80

The following Files were created:

Name	Version	Publisher	Signature (MD5)	File Size (in KB)
..\MQGLDFVO.EXE			3D8C30F99663D210048C4BE203BF1BF8
..\1F357E0DADMINISTRATOR.DAT
..\DUMP154D.TMP
..\IEEXPLORER32.EXE			5AE0604CC4B44C052B0CCACB8324B971	119296
..\A9INSTALLER_77027901.EXE			087E3BA4FC9BBB7967F78F9BB72370C1
..\SAMPLES\SISETUP.EXE	1.0.0.0	SPYWAREISO2008.COM	92EDB65DECEEC03A03D6CCDFB26AFC6B	1838290
..\YAYWXYOF.DLL			5165501226CEC41E9D0FB1AE05FBF1C1
..\ANTIVIRUSDOC.LNK
..\APPBASE\ECDCREAT4.DAT
..\APPBASE\FRNTPAGE.DAT
..\APPBASE\GETRIGHT.DAT
..\APPBASE\HOTDOGPR.DAT
..\APPBASE\IMGREADY3.DAT
..\APPBASE\LVIEW.DAT
..\APPBASE\MICDES.DAT
..\APPBASE\MPAINT.DAT
..\APPBASE\MSOFFICE.DAT
..\APPBASE\NERO.DAT
..\APPBASE\PHPCODER.DAT
..\APPBASE\REALDOWN.DAT
..\APPBASE\SONIQUE.DAT
..\APPBASE\ULTRAED.DAT
..\APPBASE\UVIDSTUD.DAT
..\APPBASE\WINACE.DAT
..\APPBASE\WISEINST.DAT

The following Registry Entries were created:

•	..\Software\{5222008a-dd62-49c7-a735-7bd18ecc7350}
•	..\Software\Classes\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226}
•	..\Software\Classes\codecbho.xmldomdocumenteventssink
•	..\Software\Microsoft\Windows\CurrentVersion\drivers
•	..\Software\Classes\labelcommand.labelcommand.1
•	..\Software\virusremover2008
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\virusremover2008
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\TOTAL SECURE 2009
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"GSCNS384"\"%DAS.AU.APP DATA%\PCPRIV.EXE"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"CLEANER2009 FREEWARE"\""%PF%\CLEANER2009 FREEWARE\UCLN.EXE" /MIN"
•	..\Software\Classes\Appid\{2482E52B-2324-4619-89C0-5C7A2EB286AB}
•	..\Software\Classes\Clsid\{2A8D06B4-1B40-009F-E531-629A59080F43}
•	..\Software\Classes\Clsid\{5E986219-D37C-4509-A4E4-D33C14033AA3}
•	..\Software\Classes\Interface\{6CD310BC-5316-43AC-9061-6BBA53AFF605}
•	..\Software\Classes\Interface\{771360E4-E3F5-4944-AC29-88412B1C5011}
•	..\Software\Classes\Typelib\{A6FBD2E4-1C7E-4EAB-80DD-01DE2645566A}
•	..\Software\Classes\Clsid\{F22B7E8D-83B6-4369-A6B6-35312541D85F}
•	..\Software\GSCNS384
•	..\Software\Classes\IERCPT.IERCPTBHO.1
•	..\System\CurrentControlSet\Services\KXG22
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\QUICKINSTALLPACK
•	..\System\CurrentControlSet\Control\SAFEBOOT\MINIMAL\KXG22.SYS
•	..\Software\Microsoft\Internet Explorer\Toolbar\\"{2D8F572A-0382-4212-B2DD-F4D95B508189}"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"TOTALSECURE2009"\"%PF%\TS2009\SCAN.EXE"

Recommendation to remove Fake Anti Spyware.TotalSecure2009

Spyware Detector can remove Fake Anti Spyware.TotalSecure2009, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.

	Personalized E-mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
	Speed up your computer and increase browsing performance by deleting Spyware & Adware
	Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
	Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.

Search Threats

Testimonials

Information Desk

	Spyware & Adware Categories we scan

	List of Spyware & Adware we remove


	Submit a Threat Submit a threat to be reviewed by our research team Submit a Threat