MSA Security Center
MSA Security Center is a rogue malware application which fraudulently presents itself as a security suite program. MSA Security Center can install itself onto the user's PC without their knowledge or consent. MSA Security Center comes installed and bundled with infected programs and Trojans. MSA Security Center will generate fake pop-up ads and alerts in order to persuade the user into purchasing the full paid version of the rogue application. MSA Security Center can also cause a slow down in the PC's performance.
File System Details
MSA Security Center may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Windir%\sysutils\sysutil_s.exe | |
| 2. | %Windir%\sysutils\sysutil.exe | |
| 3. | %Windir%\iebho.dll | |
| 4. | %Windir%\sysutils\winsystip.exe | |
| 5. | %Windir%\sysutils\uninstall.exe | |
| 6. | %Windir%\sysutils\sounds\02.wav | |
| 7. | %Windir%\sysutils\warning\alertpage.jpg | |
| 8. | %Windir%\sysutils\sounds\01.wav | |
| 9. | %Windir%\sysutils\warning\spacer.gif | |
| 10. | %Windir%\sysutils\settings.ini | |
| 11. | %Windir%\sysutils\sounds\03.wav | |
| 12. | %Windir%\sysutils\warning\warningpage.html |
Registry Details
MSA Security Center may create the following registry entry or registry entries:
HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}\inprocserver32 threadingmodel
HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f3642b57-3ea8-4eea-a643-9de138381a57}
HKEY_CLASSES_ROOT\clsid\{f3642b57-3ea8-4eea-a643-9de138381a57}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run MSASecurityCenter
