Fake Anti Spyware.TotalSecure2009 - Spyware Detector

Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus download

Home/ Spyware Encyclopedia / Fake Anti Spyware.TotalSecure2009

Fake Anti Spyware.TotalSecure2009 Technical Details

Category		Fake Anti Spyware
Discovered		8/20/2005 12:00:00 AM
Modified		7/2/2009 2:42:31 PM
Threat Level		Critical

Category Description

These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

Notice

Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically in our Research Lab as a result of executing Spyware Files or browsing Internet. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Software.

We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Summary

The following http urls were started:

• fastupdateservice.com/zsa9/zs880000.exe
• antivirus-database.com/firstrun.php?product=AV9&aff=77001116&update=0207/av2009&time=...
• mspublic.com/?q=get&id=antivirusxp&pid=6111&v=20

The hosts file was updated with the following url-to-ip mappings:

217.20.175.74	antivirus-2009pro.com
217.20.175.74	antivirusa2.com
217.20.175.74	browsersecuritycenter.com

The following internet connection was established:

85.92.158.75 : 80
127.0.0.1 : 1516
84.16.252.138 : 80

The following Files were created:

Name	Version	Publisher	Signature (MD5)	File Size (in KB)
..\QIP\IERCPT.DLL	1.0.0.1	WITABETT ENTERPRISES LTD	74c463eae775b2a4ad312c33d82673dd	110592
..\CLEANER2009 FREEWARE \IEVIEWER.EXE	1.0.0.1	todo:	380852b4fd381b0695d962f9f5bfc446	253952
..\CODECBHO.DLL	1.0.0.1	TODO:	12251f13977829b6cebe330f9642c649	155648
..\QIP\IERCPT.DLL	1.0.0.1	SysytemBooster2009 Inc.	74c463eae775b2a4ad312c33d82673dd	110592
..\system doctor free \systemdoc.exe	1.1.180.7	SYSTEMDOCTOR, LTD.	00bb47fac87974127de24e2bf06dbf24	3772416
..\system doctor free \insthelp.exe	1.0.1.0	systemdoctor, inc.	db8fbbb4a1b1267d6a89889b3acaa425	110592
..\system doctor free \systemdoc.exe	1.1.180.3	systemdoctor inc.	00bb47fac87974127de24e2bf06dbf24	3792896
..\SISETUP.EXE	1.0.0.0	SPYWAREISO2008.COM	92edb65deceec03a03d6ccdfb26afc6b	1838290
..\QIP\IERCPT.DLL	1.0.1.0	PersonalAntiSpy Inc.	74c463eae775b2a4ad312c33d82673dd	110592
..\pcprivacycleaner\pcpc.exe	1.0.22.3	PCPRIVACYCLEANER INC.	094ea62f28c446673ba066f72f64fce4	934864
..\system doctor free \insthelp.exe	1.0.1.0	INSTHELP	db8fbbb4a1b1267d6a89889b3acaa425	110592
..\CLEANER2009 FREEWARE \IEVIEWER.EXE	1.0.2.0	CLEANER2009, INC.	380852b4fd381b0695d962f9f5bfc446	253952
..\CLEANER2009 FREEWARE\UCLN.EXE	1.0.10.0	CLEANER2009, INC.	02c623f3b578b73db79842c19f6ae526	1385984
..\TEMP\CLN_2009FREESETUP.EXE	1.0.16.0	Cleaner2009, Inc	317165030e290c0d0c49864141bbb72d	4093952
..\CLEANER2009 FREEWARE\UCLN.EXE	1.0.16.0	Cleaner2009, Inc	02c623f3b578b73db79842c19f6ae526	1799680
..\QIP\IERCPT.DLL	1.0.0.1	CLEANER2009 INC.	74c463eae775b2a4ad312c33d82673dd	110592
..\TEMP\CLN_2009FREESETUP.EXE	1.0.10.0	CLEANER2009 INC.	317165030e290c0d0c49864141bbb72d	3748864
..\pcprivacycleaner\pcpc.exe	1.0.21.2	AntiSpywareSolutionPro, Inc.	094ea62f28c446673ba066f72f64fce4	934352
..\QIP\IERCPT.DLL	1.0.0.1	AntiSpywareSolutionPro Inc.	74c463eae775b2a4ad312c33d82673dd	110592
..\pcprivacycleaner\pcpc.exe	1.0.24.0	AntiSpywareSolutionPro Inc.	094ea62f28c446673ba066f72f64fce4	3252224
..\QIP\IERCPT.DLL	1.0.44.0	AntiSpywareSolution Inc.
..\TS2009\SCAN.EXE	1.2.0.0		2901bedfc10f163706f49c6eab20ae56	7223808
..\IEEXPLORER32.EXE			5ae0604cc4b44c052b0ccacb8324b971	119296
..\SYSGYCNAFEKB.EXE			c10a1158d50591181fe47a2972d2227b	54306
..\SYSRAGFCHQSB.EXE			9db748dbeaa2e300d1af66567ee8d56f	40994
..\ULTIMATECLEANER_INSTALLER.EXE			28ffc7b681afb1fbf2dd06fe6f2bcefc	147280
..\WMCODEC_UPDATE.EXE			39ab28cd98db92dc1a84306f01492a5c	436640

The following Registry Entries were created:

•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"CPL32VER"\"%WIN.SYS32%\CPL32VER.EXE"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"TOTALSECURE2009"\"%PF%\TOTALSECURE2009\SCAN.EXE"
•	..\Software\Classes\Clsid\{037c7b8a-151a-49e6-baed-cc05fcb50328}
•	..\Software\Classes\Clsid\{18cb1a7b-94cd-4582-8022-ada16851e44b}
•	..\Software\Classes\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91}
•	..\Software\ANTIVIRUSDOC
•	..\System\CurrentControlSet\Services\cbevtsvc
•	..\System\CurrentControlSet\Services\tcpsr
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\TOTAL SECURE 2009
•	..\Software\TOTALSECURE2009
•	..\Software\Microsoft\Windows NT\CurrentVersion\WINLOGON\"SHELL"\"EXPLORER.EXE %WIN%\SHELL.EXE"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"PRINTER"\"%WIN.SYS32%\PRINTER.EXE"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"system doctor free"\"%pf%\system doctor free\systemdoc.exe -scan"
•	..\Software\Microsoft\Windows\CurrentVersion\Run\\"TOTALSECURE2009"\"%PF%\TS2009\SCAN.EXE"
•	..\Software\{5222008a-dd62-49c7-a735-7bd18ecc7350}
•	..\Software\{65de966d-11d1-4bb1-bf7e-b8a273514daf}
•	..\Software\Classes\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481}
•	..\Software\Classes\Typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226}
•	..\Software\Microsoft\54751dcb
•	..\Software\77140383467376036967628349677876
•	..\Software\Microsoft\Windows\CurrentVersion\Uninstall\altcompare
•	..\Software\Microsoft\bind

Recommendation to remove Fake Anti Spyware.TotalSecure2009

Spyware Detector can remove Fake Anti Spyware.TotalSecure2009, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.

	Personalized E-mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
	Speed up your computer and increase browsing performance by deleting Spyware & Adware
	Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
	Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.

Search Threats

Testimonials

Information Desk

	Spyware & Adware Categories we scan

	List of Spyware & Adware we remove


	Submit a Threat Submit a threat to be reviewed by our research team Submit a Threat