Magic AntiSpy

Description: Rogue Security Program
Risk Level: High
Date of First Occurence: Monday, April 14, 2008
Software Developer: (unknown)
Brief Info: Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal: This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Magic AntiSpy"

Threat Info

View All

Detected Items

  1. Detected Files: %PROGRAMFILES%\Magicantispy\Uninstall.exe MD5: 69ED5A39465A0AFA3AFF85203F7289DF Size:127488 %PROGRAMFILES%\Magicantispy\Magicantispy.exe MD5: 1D5FF72570C4562605AFD52FE4A4BAC3 Size:401920
  2. Detected Files with variable Filenames: MD5: AC153A4F1FF0C34D58A23555DBC66763 Size: 57344 %PROGRAMFILES%\LiveAntispy\LiveAntispy0.dll %PROGRAMFILES%\AntiSpywareShield\AntiSpywareShield0.dll %SystemDiskRoot%\System Volume Information\_restore{29FD9B63-4F58-4DB0-B2C4-8709D5244F27}\RP916\A0103812.dll %PROGRAMFILES%\MalwareAlarm\malwarealarm0.dll.ren %SystemDiskRoot%\System Volume Information\_restore{64C55BAE-0167-4E29-A424-980E0BCA06F2}\RP712\A0192280.dll %SystemDiskRoot%\System Volume Information\_restore{64C55BAE-0167-4E29-A424-980E0BCA06F2}\RP726\A0196125.dll %SystemDiskRoot%\My Backup -- 08-05-23 1021PM\Program Files\MalwareAlarm\MalwareAlarm0.dll %SystemDiskRoot%\System Volume Information\_restore{1E6799F7-AAE7-47A5-9D97-A23612BF287D}\RP46\A0210810.dll %PROGRAMFILES%\SpyShredder\spyshredder0.dll.ren %PROGRAMFILES%\OnlineGuard\OnlineGuard0.dll %PROGRAMFILES%\Bravesentry\BraveSentry0.dll and next 59 variations. MD5: 6D09C05A4451FA73196E0999FC3117FE Size: 40960 %PROGRAMFILES%\AntiSpywareShield\AntiSpywareShield3.dll %PROGRAMFILES%\MalwareAlarm\malwarealarm3.dll.ren %PROGRAMFILES%\Bravesentry\BraveSentry3.dll %SystemDiskRoot%\program files\MalwareAlarm\MalwareAlarm3.dll %PROGRAMFILES%\SpyShredder\spyshredder3.dll.ren %PROGRAMFILES%\OnlineGuard\OnlineGuard3.dll %PROGRAMFILES%\LiveAntispy\LiveAntispy3.dll %SystemDiskRoot%\Program Files\PestTrap\heur003.dll %PROGRAMFILES%\MalwareAlarm\MalwareAlarm3.dll D:\System Volume Information\_restore{E4F9AEE7-C35B-4967-93DD-E2F56945810A}\RP111\A0010690.dll %SystemDiskRoot%\Program Files\AntiSpywareShield\AntiSpywareShield3.dll and next 50 variations. MD5: DAB8F8DDA92F5A59AAE3346EE28B5BA0 Size: 45056 %PROGRAMFILES%\AntiSpywareShield\AntiSpywareShield1.dll %PROGRAMFILES%\LiveAntispy\LiveAntispy1.dll %PROGRAMFILES%\MalwareAlarm\malwarealarm1.dll.ren %SystemDiskRoot%\System Volume Information\_restore{6B3FD0DA-4208-464B-B95E-977216D2E2BB}\RP455\A0347219.dll %SystemDiskRoot%\System Volume Information\_restore{6B3FD0DA-4208-464B-B95E-977216D2E2BB}\RP455\A0347218.dll %PROGRAMFILES%\SpyShredder\spyshredder1.dll.ren %PROGRAMFILES%\OnlineGuard\OnlineGuard1.dll %PROGRAMFILES%\Alwil Software\Avast4\DATA\moved\AntiSpywareShield1.dll.vir %PROGRAMFILES%\SpyWatchE\SpyWatchE1.dll %PROGRAMFILES%\WinSpyKiller\WinSpyKiller1.dll.ren %PROGRAMFILES%\MalwareAlarm\MalwareAlarm1.dll and next 55 variations.

Detecting items list:

  1. Files by Name %PROGRAMFILES%\Magicantispy\Magicantispy.exe %PROGRAMFILES%\Magicantispy\Magicantispy0.dll %PROGRAMFILES%\Magicantispy\Magicantispy1.dll %PROGRAMFILES%\Magicantispy\Magicantispy3.dll %DESKTOP%\Magicantispy.lnk %START_PROGRAMS%\Magicantispy\Magicantispy.lnk %START_PROGRAMS%\Magicantispy\Uninstall.lnk
  2. Files by MD5 MD5: 9C5D5633D1EC2053E31C8CBF720B746E Size: 39424 MD5: 1D5FF72570C4562605AFD52FE4A4BAC3 Size: 401920 MD5: AC153A4F1FF0C34D58A23555DBC66763 Size: 57344 MD5: DAB8F8DDA92F5A59AAE3346EE28B5BA0 Size: 45056 MD5: 6D09C05A4451FA73196E0999FC3117FE Size: 40960
  3. Files by Directories %PROGRAMFILES%\Magicantispy %START_PROGRAMS%\Magicantispy
  4. Registry Keys HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Magicantispy HKCU\Software\Magicantispy
  5. Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=Magicantispy Value=%PROGRAMFILES%\Magicantispy\Magicantispy.exe

« Go to Software Database