« Antivirus 360
System Security »

MS Antispyware 2009

No Comments
GoldSparrow By GoldSparrow in Rogue Anti-Spyware Program | 144 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

MS AntiSpyware 2009 Description

MS AntiSpyware 2009, from the same family as Pro AntiSpyware 2009, is another phony anti-spyware program. MS AntiSpyware 2009 is advertised through Trojans and shows fake security warnings and pop ups telling you that your PC is infected so that they can trick you into buying their phony software.

Once the user is infected, he/she may receive numerous and deceiving popup messages stating that the user’s computer is infected with spyware. This is a very common tactic used by other rogues to trick users and urge them to purchase the “full” version of the program from a malicious website.

In addition, MS AntiSpyware 2009 may create “malware” files to later detect them with its fake computer scan. All links provided by MS AntiSpyware 2009 will most likely redirect users to MS AntiSpyware 2009’s homepage (MSAntiSpyware2009.com) to further purchase MS AntiSpyware 2009’s full version.

Type: Rogue AntiSpyware Programs

Automatic Detection of MS AntiSpyware 2009

 
 

Download SpyHunter’s Detection Scanner
to Detect MS AntiSpyware 2009.

 
 

MS AntiSpyware 2009 Technical Report

As new MS AntiSpyware 2009 details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following MS AntiSpyware 2009 files with its MD5s were created in the system:

File Name File Size MD5
msas2009.exe 1105920 c24d5d42b004f6b0c3215fb7240d0ade
main[1].exe 1105920 c24d5d42b004f6b0c3215fb7240d0ade
setup_1_1_[1].exe 106496 d87f47fa48fbcdf52ef8e765086c9018
setup_1_2777_[1].exe 102400 22fa68c74e2ba08c3b00a6f1a5d695c3
msas2009.exe 1122304 2de810efab2ed2083baeb523477b1b01
msas2009.exe 1122304 e4064a1ef239993b32bf50325ff59c9e
msas2009.exe 1122304 4d0476e0977d96cd44bab7376ff939a8
msas2009.exe 1130496 64ba6cd9855fb9c4dc2ae41caadd286b
msas2009.exe 2823435 9c93436f56c2b212936ee2b3f522761d
msas2009.exe 1126400 dfc587ea20172869251e3df6f3e62125
msas2009.exe 1126400 c22a639551b776f9748b71d68d211fa7
msas2009.exe 1126400 cabe3237003950e1f52fc1eff3a783fe
msas2009.exe 1126400 f09c33e86a137fc2fa8fd19a013e65ed
msas2009.exe 1126400 6a1c39ed6ac824097ce0334847a9cbb2
msas2009.exe 1126400 75a2f775c3c342076fac1be7afa922fe
setup_1_1_[1].exe 60416 2fb1ec492f7f919598bc18cc0ea2b7f2
msas2009.exe 1130496 2294c81841ed7fb8e48b0afdd4cf2a8e
msas2009.exe 1126400 7d5df90c6a7412cbac832a04dfa18b1a
msas2009.exe 1130496 2078e5406fa53f8afaa84c13adf9783d
msas2009.exe 1130496 d44c569e9a131aec9c1400c2bf7bf379
msas2009.exe 1130496 bff8ab201ff61f654a5bbb612eb31be5
msas2009.exe 1126400 7b47fa7c7a31459a88526444c0c7cd16
msas2009.exe 1126400 ef54e9fd46ffda4acce07760cc01a671
msas2009.exe 1126400 49cf6848cfa5782d6ded61ceffc043d8
msas2009.exe 1130496 19332c00c034ecb8efabe76664c22709
msas2009.exe 1126400 c9e17a3606476e05652dc14496ac515e
msas2009.exe 1204736 1cd01746fa4bec3c4e5216bf1fbf5997
msas2009.exe 1205248 e9c598487467531894273b0cacdc3ce7
setup[1].exe 71691 7366b4ee6a3f61beb50e17cdd42b7579
5994.exe 78859 f985e08ba797e9c9578f70fa4d5ab3ea
msas2009.exe 1094144 116b050258df33dd2c7069bb40903b1c
msas2009.exe 1086464 4cb4b25506ab8ae74e82a43d7987b526
msas2009.exe 1086464 b5c0d11de3a307aa4c63714c8ed85b7d
msctrl.exe 40960 f78be4d4c09c2ae14895722fb959f110
msa.exe 133120 8ccfb57328f9b95015fa29c0da0e329f

MS AntiSpyware 2009 has typically the following processes in memory:

  • %ALLUSERSPROFILE%\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe
  • c:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe
  • msas2009.exe
  • %PROGRAMDATA%\crucialsoft ltd\ms antispyware 2009\msas2009.exe

MS AntiSpyware 2009 created the following directories, files, paths:

  • c:\programdata\crucialsoft ltd\ms antispyware 2009
  • %UserProfile%\Start Menu\Programs\MS AntiSpyware 2009
  • %AllUsersProfile%\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009

MS AntiSpyware 2009 creates the following registry entries:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “MS AntiSpyware 2009″
  • Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\MS AntiSpyware 2009
  • HKEY_CURRENT_USER\Software\CrucialSoft Ltd\MS AntiSpyware 2009
  • CrucialSoft Ltd\MS AntiSpyware 2009
  • Software\Microsoft\Windows\CurrentVersion\Drivers\Video\Options\4E8D9EBF-122C-42BD-A8CB-7E59C9CC08BA
  • HKEY_CURRENT_USER\Software\CrucialSoft Ltd
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\MS AntiSpyware 2009 5.7
  • Microsoft\Windows\CurrentVersion\uninstall\MS AntiSpyware 2009 5.7

Important Article Disclaimer

article disclaimer
ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 12/15/08 and is filed under Rogue Anti-Spyware Program. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs


Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2009. Enigma Software Group USA, LLC. All Rights Reserved.