Home / Spyware Encyclopedia / Fake Anti Spyware.AntiMalware << Back

Recommendation to Automatically remove Fake Anti Spyware.AntiMalware


Our products can remove Fake Anti Spyware.AntiMalware and thousands of other Virus and Spyware automatically and instantly.

Fake Anti Spyware.AntiMalware Details


  • Category Fake Anti Spyware
  • Discovered 11/10/2009 11:39:16 AM
  • Modified 8/9/2023 3:10:13 PM
  • Threat Level Critical
  • Category Description
    These are programs which look like any legitimate program but usually download without users permission, entice users into buying them by showing fake results to improve users PC performance. They may also download spyware and other unwanted programs.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
lfs_14.exe 190976  65b35ddc85561642f5268bb1fb54697b 
odb.exe 233984  54f8e10908f4d7709ce1718709b06a6709/08/2023
fa_antivirusinstaller.exe 682008Корпорация Майкрософт5.1.2600.02380271de25589c85b59370b10b95cbf 
kb3216191.exe 1040896Корпорация Майкрософт5.1.2600.0b2a807643e062315b68fc21c07ae9e7b 
wmdrtc32.dll 40960  03ebc053c8eec6b4f4afbbb5dc64b169 
tmp0841856.log 235008  2713e280f8b1710d5d7c9b796be7f2c5 
svc.exe 235008  2713e280f8b1710d5d7c9b796be7f2c5 
lkmldh.sys 5477  3ecc72712703b51f3cd4bcefe38ea758 
q1.exe 261120  539f252d7f1e332a9f77c532645eae08 
odb.exe 233984  54f8e10908f4d7709ce1718709b06a67 

The following Registry Entries were created:
..\System\CurrentControlSet\Services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\"%das.au.ls%\temp\4_pinnew.exe"\"%root%\docume~1\admin\locals~1\temp\4_pinnew.exe:*:enabled:enabled"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"antimalware"\""%pf%\antimalware\antimalware.exe" -noscan"
..\Software\Microsoft\Windows\CurrentVersion\Uninstall\antimalware\(Default)
..\System\CurrentControlSet\Enum\root\legacy_ndisfileservices32\(Default)
..\System\CurrentControlSet\Services\ndisfileservices32\(Default)
..\Software\mediasolaris\(Default)
..\Software\active security\(Default)
..\Software\Microsoft\Windows\CurrentVersion\\"tr"
..\Software\Microsoft\Windows\CurrentVersion\\"cf"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"poprock"\"%das.au.ls%\temp\b.exe"

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.