XP Antimalware 2011
XP Antimalware 2011 is a rogue anti-spyware program created to pilfer money out of unsuspecting users. XP Antimalware 2011 spreads via Trojans and creates a start-up registry entry by modifying the browser settings. Then XP Antimalware 2011 will simulate a fake system scanner and display fake security alerts or pop-ups, all claiming that the system is infected. A victim will be prompted to purchase the "full version" of XP Antimalware 2011 in order to remove all the detected infections. XP Antimalware 2011 is unable to detect or remove computer infections; do not trust this application.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\AppData\Local\MSASCui.exe 2 %UserProfile%\AppData\Local\opRSK 3 %UserProfile%\AppData\Local\pw.exe 4 %UserProfile%\Local Settings\Application Data\MSASCui.exe 5 %UserProfile%\Local Settings\Application Data\opRSK 6 %UserProfile%\Local Settings\Application Data\pw.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}[HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command][HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]HKEY..\..\..\..{RegistryKeys}"Content Type"="application/x-msdownload"@="exefile"[HKEY_CLASSES_ROOT\.exe\shell\open\command][HKEY_CLASSES_ROOT\.exe][HKEY_CLASSES_ROOT\secfile]
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.