MaCatte Antivirus 2009

LoneStar By LoneStar in Rogue Anti-Spyware Program | 0 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

MaCatte Antivirus 2009 Description

 
 
Image Screenshot
[+] Click Image to Enlarge
 
 

MaCatte Antivirus 2009 is a bogus anti-spyware application that mimics the McAfee security program. MaCatte Antivirus 2009 is not able to detect or remove computer parasites. If you have MaCatte Antivirus 2009 installed on your system, then you may notice the many parasites that it supposedly finds during system scans. Each of these parasites are nonexistent. MaCatte Antivirus 2009 is not a trusted security program.

MaCatte Antivirus 2009 is designed to load at startup where it will display multiple misleading threat alerts and asks you to update the application which can redirect you to a site to purchase a full version of MaCatte Antivirus 2009. In addition, MaCatte Antivirus 2009 has the ability to block any installed security applications which can make MaCatte Antivirus 2009 difficult to successfully remove.

Type: Rogue AntiSpyware Programs

How Can You Detect MaCatte Antivirus 2009?

 
 

Download SpyHunter’s Detection Scanner
to Detect MaCatte Antivirus 2009.

 
 

MaCatte Antivirus 2009 Technical Report

As new MaCatte Antivirus 2009 details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following MaCatte Antivirus 2009 files with its MD5s were created in the system:

File Name File Size MD5
mass.exe 23792640 a22d88fcf65314727d715788d2b65d82
MaCatte[1].exe 13242007 742be485208fbc4c59fb950e60c0c826

MaCatte Antivirus 2009 has typically the following processes in memory:

  • mstdl.exe
  • C:\Documents and Settings\All Users\Start Menu\Programs\msca\mstdl.exe
  • MaCatte[1].exe
  • C:\Program Files\msca\msc.exe
  • WPtect.dll

MaCatte Antivirus 2009 created the following directories, files, paths:

  • %AllUsersProfile%\Start Menu\Programs\ MaCatte

MaCatte Antivirus 2009 creates the following registry entries:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A73890FC-177F-4198-AE3D-C64F7D9E69D8}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce “msca”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost “0″
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{459b6bf8-5320-4c41-8833-85baedf31086}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “msc”
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\msca
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving “0″
  • HKEY_CURRENT_USER\Software\msca
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “wsc”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect “0″

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 11/5/09 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Poll

How much money have you spent trying to rid your PC of spyware?
View Results
Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.