Malwaresdestructor.com
Malwaresdestructor.com is a browser hijacker promoting the rogue anti-spyware application known as Malware Destructor 2009. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activitie4s are redirected to the Malwaresdestructor.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Malware Destructor 2009.
File System Details
Malwaresdestructor.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %UserProfile%\Recent\ANTIGEN.sys | |
| 2. | %UserProfile%\Recent\FW.dll | |
| 3. | %UserProfile%\Recent\tempdoc.exe | |
| 4. | %Documents and Settings%\All Users\Application Data\345d567\sqlite3.dll | |
| 5. | %UserProfile%\Recent\ANTIGEN.exe | |
| 6. | %UserProfile%\Recent\FS.sys | |
| 7. | %UserProfile%\Recent\PE.dll | |
| 8. | %Documents and Settings%\All Users\Application Data\345d567\mozcrt19.dll | |
| 9. | %UserProfile%\Local Settings\Temp\del.bat | |
| 10. | %UserProfile%\Recent\energy.exe | |
| 11. | %UserProfile%\Recent\hymt.exe | |
| 12. | %Documents and Settings%\All Users\Application Data\345d567\MD345d.exe | |
| 13. | %UserProfile%\Application Data\Malware Destructor 2009\Instructions.ini | |
| 14. | %UserProfile%\Recent\FS.tmp | |
| 15. | %UserProfile%\Recent\tjd.tmp | |
| 16. | %Documents and Settings%\All Users\Application Data\345d567 | |
| 17. | %Documents and Settings%\All Users\Application Data\345d567\MDestrSys\vd952342.bd | |
| 18. | %WINDOWS%\Temp\IMT7.xml | |
| 19. | %UserProfile%\Application Data\Malware Destructor 2009\cookies.sqlite | |
| 20. | %UserProfile%\Desktop\Malware Destructor 2009.lnk | |
| 21. | %UserProfile%\Recent\energy.tmp | |
| 22. | %UserProfile%\Recent\PE.tmp | |
| 23. | %UserProfile%\Start Menu\Programs\Malware Destructor 2009.lnk | |
| 24. | %Documents and Settings%\All Users\Application Data\345d567\MdestrSys | |
| 25. | %Documents and Settings%\All Users\Application Data\MDestrSys\mdestr.cfg | |
| 26. | %WINDOWS%\Temp\IMT9.xml | |
| 27. | %UserProfile%\Application Data\Malware Destructor 2009 | |
| 28. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Destructor 2009.lnk | |
| 29. | %UserProfile%\Recent\cb.drv | |
| 30. | %UserProfile%\Recent\kernel32.drv | |
| 31. | %UserProfile%\Start Menu\Malware Destructor 2009.lnk | |
| 32. | %Documents and Settings%\All Users\Application Data\345d567\384.mof | |
| 33. | %Documents and Settings%\All Users\Application Data\MdestrSys | |
| 34. | %WINDOWS%\Temp\IMT8.xml |
Registry Details
Malwaresdestructor.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
HKEY_CLASSES_ROOT\MD345d.DocHostUIHandler
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
