Fake Windows Malicious Software Removal Tool

Fake Windows Malicious Software Removal Tool Description

Fake Windows Malicious Software Removal Tool is a fake security application that pretends to be the MSRT or Malicious Software Removal Tool which is a legitimate security program offered by Microsoft. Fake Windows Malicious Software Removal Tool is designed by hackers to trick computer users into purchasing a fake security application. Fake Windows Malicious Software Removal Tool is exploited through a Trojan infection which is known to populate the program files directory with a malicious executable named "MalwareRemoval.exe" and install a "MalwareRemoval" directory with the "Security Center.exe" file.

Upon starting up of Windows, MalwareRemoval.exe will load and then display a screen that resembles the legitimate MSRT application in hopes that a computer user will click on a function to remove certain infections that it supposedly found. If clicked on, Fake Windows Malicious Software Removal Tool may redirect you to a malicious site that sells other security applications.

Technical Information

File System Details

Fake Windows Malicious Software Removal Tool creates the following file(s):
# File Name Detection Count
1 C:\Program Files\MalwareRemoval\Security Center.exe N/A
2 C:\Program Files\MalwareRemoval\MalwareRemoval.exe N/A
3 %UserProfile%\Application Data\MalwareRemoval N/A
4 %UserProfile%\Application Data\SetupMalwareRemoval\spl.ini N/A
5 C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval N/A
6 %UserProfile%\Application Data\SetupMalwareRemoval N/A
7 C:\Program Files\MalwareRemoval N/A
8 %UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini N/A

Registry Details

Fake Windows Malicious Software Removal Tool creates the following registry entry or registry entries:
RegistryKey
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "WindowsMaliciou SoftwareRemovalTool"