MSAntispyware2009

MSAntispyware2009

Found: 
2008-12-15
Known system changes: 

Created Files

  • %Windir%Tasks\At1.job
  • %Windir%Tasks\At2.job
  • %Windir%Tasks\At3.job
  • %Windir%Tasks\At4.job
  • %Windir%Tasks\At5.job
  • %Windir%Tasks\At6.job
  • %Windir%Tasks\At7.job
  • %Windir%Tasks\At8.job
  • %Windir%Tasks\At9.job
  • %Windir%Tasks\At10.job
  • %Windir%Tasks\At11.job
  • %Windir%Tasks\At12.job
  • %Windir%Tasks\At13.job
  • %Windir%Tasks\At14.job
  • %Windir%Tasks\At15.job
  • %Windir%Tasks\At16.job
  • %Windir%Tasks\At17.job
  • %Windir%Tasks\At18.job
  • %Windir%Tasks\At19.job
  • %Windir%Tasks\At20.job
  • %Windir%Tasks\At21.job
  • %Windir%Tasks\At22.job
  • %Windir%Tasks\At23.job
  • %Windir%Tasks\At24.job
  • %Temp%_ad1D.exe
  • %Temp%_ad20.exe

Created Folders

  • C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009
  • %StartMenu%Programs\MS AntiSpyware 2009
  • %StartMenu%Program\MS AntiSpyware 2009
  • %ApplicationData%CrucialSoft Ltd
  • c:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd
  • %ApplicationData%LastSun Ltd

Registry Entries

  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Drivers\Video\Options
  • Value: 4E8D9EBF-122C-42BD-A8CB-7E59C9CC08BA
  • Data:
  • Key: HKEY_CURRENT_USER\Software\CrucialSoft Ltd\MS AntiSpyware 2009
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\MS AntiSpyware 2009 5.7
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: MS AntiSpyware 2009
  • Data: "C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe" /autorun
  • Key: HKEY_CURRENT_USER\Software\CrucialSoft Ltd
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: MS AntiSpyware 2009
  • Data: "C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\d5552520ab7657bd15d14f52c8dee289.exe" /autorun
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: MS AntiSpyware 2009
  • Data: "C:\Documents and Settings\%userprofile%\Desktop\RESEARCH\1e55d6460824923b5d4d2e50d5d92b3a.exe" /autorun
  • Key: HKEY_CURRENT_USER\Software\LastSun Ltd
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\uninstall\AV AntiSpyware 1.8
  • Value:
  • Data:
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • Value: AV AntiSpyware
  • Data: "C:\Documents and Settings\All Users\Application Data\LastSun Ltd\AV AntiSpyware\ava.exe" /autorun