SpywareStrike

Description:	Rogue Security Program
Risk Level:	Low
Date of First Occurence:	Wednesday, April 16, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "SpywareStrike"

Threat Info

View All

Detected Items

Detected Files: %TEMP%\sa3.exe MD5: 89474491B2DFA3C6EE277E29CB66E988 Size:2701086 %TEMP%\sa1.exe MD5: 91E44B819DE4DA91A32150886DC5A9AD Size:233472 MD5: AC8E5BA37ADD4AF1DC62887BC17CAE21 Size:3186829 MD5: 4A11ADACC7CF89657A500FF0D8745BA0 Size:7612520 MD5: EDA31FFA39A7D7845F951F0D7068B8D8 Size:2989946 MD5: A16521E667BDA1789309F91EB7A51CBD Size:8061056 MD5: F8C8C85D8CE3EFAB1598AC708E8C1400 Size:7612520 MD5: 36B9AE75072821DB3B271E9B77D54056 Size:2604323 MD5: 3069665D268D9E44DF645114E2EA949C Size:8061056 MD5: AFBE280F94CD2C1E3294A7AF17CD9A12 Size:7612520 MD5: A7A38E53DCA16F3606029AA401CC9E66 Size:2983247 MD5: 4471378D4D7649FEFD937304462DBEAC Size:7610368 MD5: 5067898A77D9601DE84EAC52D45C0F9C Size:2980273 and more.... %TEMP%\sa2.exe MD5: 7D4D824527C76A5DBAB4B8B2979C55A1 Size:1318912 MD5: 9A6A909E3EC3AE483250F3A9C55D0E9F Size:7612520 MD5: 8EBC111A9592FF1E414CD32C65033620 Size:2608920 MD5: EBF5393F3FFB0EFCEB77EBA5E93CC3AF Size:2992101 %PROGRAMFILES%\SpywareStrike\uninst.exe MD5: 1084EFCCDEC44D0B86D1BE7398262A0D Size:35084 %PROGRAMFILES%\SpywareStrike\msvcp71.dll MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712 %PROGRAMFILES%\SpywareStrike\msvcr71.dll MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160 %PROGRAMFILES%\SpywareStrike\SpywareStrike.exe MD5: 90FC81A35E7C7169CFB45C8B578A35BA Size:1413120 %USERPROFILE%\local settings\temp\sa1.exe MD5: 7F31E3D101301ABFBEB432407C00C11C Size:8061056 MD5: D7BA95961B3FF5AA0DF583E3B6F72083 Size:876544
Detected Files with variable Filenames: MD5: 9A6A909E3EC3AE483250F3A9C55D0E9F Size: 7612520 %TEMP%\sa2.exe %TEMP%\sa1.exe %TEMP%\sa3.exe MD5: EDA31FFA39A7D7845F951F0D7068B8D8 Size: 2989946 %TEMP%\sa1.exe %TEMP%\sa3.exe MD5: A7A38E53DCA16F3606029AA401CC9E66 Size: 2983247 %TEMP%\sa1.exe %TEMP%\sa2.exe MD5: 5067898A77D9601DE84EAC52D45C0F9C Size: 2980273 %TEMP%\sa1.exe %TEMP%\sa2.exe

Detecting items list:

Files by Name %PROGRAMFILES%\SpywareStrike\SpywareStrike.exe %PROGRAMFILES%\SpywareStrike\uninst.exe %DESKTOP%\SpywareStrike.lnk %START_PROGRAMS%\SpywareStrike\SpywareStrike 2.5 Website.lnk %START_PROGRAMS%\SpywareStrike\SpywareStrike 2.5.lnk %START_PROGRAMS%\SpywareStrike\Uninstall SpywareStrike 2.5.lnk %APPDATA%\Microsoft\Internet Explorer\Quick Launch\SpywareStrike 2.5.lnk %TEMP%\sa1.exe %TEMP%\sa2.exe %TEMP%\sa3.exe %sysdir%\dxole32.exe
Files by Directories %PROGRAMFILES%\SpywareStrike %START_PROGRAMS%\SpywareStrike
Registry Keys HKCR\AppID\SpywareStrike.EXE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareStrike HKLM\SOFTWARE\SpywareStrike HKCR\Interface\{2C15CDEA-3EF4-4405-90B0-19A1389B36ED} HKCR\Interface\{3115A433-3FA0-483B-AB01-2A61C951FE58} HKCR\Interface\{51FEFA9C-1D5A-41C4-81FE-8C0FBE9254F0} HKCR\Interface\{5CCC8D01-9F75-4F07-9ACF-DEB314176C79} HKCR\Interface\{5E7BF614-960B-4A1F-9236-9EC01AC4C5E2} HKCR\Interface\{66F0AC1C-DED5-4965-9E31-39788DF1B264} HKCR\Interface\{849E056A-D67A-431E-9370-2275F26D39B5} HKCR\Interface\{8B7AFBFD-631C-45BA-9145-F059EB58DD73} HKCR\Interface\{AFEB8519-0B8B-4023-8C15-FFB17D5225F9} HKCR\Interface\{BA9CC151-4581-438E-94AF-4C703201B7CA} HKCR\Interface\{BC74C336-FF2C-40C9-AD4E-3772C208406B} HKCR\Interface\{BDF00F24-A571-4392-95EC-04FDFF82A82C} HKCR\Interface\{C4E953E6-770E-4F59-A5E3-43E9F0D682E2} HKCR\Interface\{E0105E7C-D0C4-4DEA-AA21-B02F2960ECAF} HKCR\Interface\{ED39CB7C-1BF6-429B-A275-F183B4A3EFCB} HKCR\Interface\{F23AA637-31D5-4526-B5C6-9FF89E16202C} HKCR\TypeLib\{C1A4C0C9-DBD0-493A-93F8-0B05EDC96224} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SpywareStrike.exe
Registry Values HKCR\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5} ValueName=SpywareStrike HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=SpywareStrike

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »