Fake Windows Malicious Software Removal Tool Removal Report
Fake Windows Malicious Software Removal Tool is a fake security application that pretends to be the MSRT or Malicious Software Removal Tool which is a legitimate security program offered by Microsoft. Fake Windows Malicious Software Removal Tool is designed by hackers to trick computer users into purchasing a fake security application. Fake Windows Malicious Software Removal Tool is exploited through a Trojan infection which is known to populate the program files directory with a malicious executable named “MalwareRemoval.exe” and install a “MalwareRemoval” directory with the “Security Center.exe” file.
Upon starting up of Windows, MalwareRemoval.exe will load and then display a screen that resembles the legitimate MSRT application in hopes that a computer user will click on a function to remove certain infections that it supposedly found. If clicked on, Fake Windows Malicious Software Removal Tool may redirect you to a malicious site that sells other security applications.
Mục lục bài viết
File System Details
Fake Windows Malicious Software Removal Tool may create the following file(s):
Expand All
|
Collapse All
#
File Name
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
1.
C:\Program Files\MalwareRemoval\Security Center.exe
Name:
C:\Program Files\MalwareRemoval\Security Center.exe
C:\Program Files\MalwareRemoval\Security Center.exe
Type:
Executable File
Executable File
2.
C:\Program Files\MalwareRemoval\MalwareRemoval.exe
Name:
C:\Program Files\MalwareRemoval\MalwareRemoval.exe
C:\Program Files\MalwareRemoval\MalwareRemoval.exe
Type:
Executable File
Executable File
3.
%UserProfile%\Application Data\MalwareRemoval
Name:
%UserProfile%\Application Data\MalwareRemoval
%UserProfile%\Application Data\MalwareRemoval
4.
%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini
Name:
%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini
%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini
5.
C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval
Name:
C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval
C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval
6.
%UserProfile%\Application Data\SetupMalwareRemoval
Name:
%UserProfile%\Application Data\SetupMalwareRemoval
%UserProfile%\Application Data\SetupMalwareRemoval
7.
C:\Program Files\MalwareRemoval
Name:
C:\Program Files\MalwareRemoval
C:\Program Files\MalwareRemoval
8.
%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini
Name:
%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini
%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini
Registry Details
Fake Windows Malicious Software Removal Tool may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “WindowsMaliciou SoftwareRemovalTool”
