Fake Windows Malicious Software Removal Tool Removal Report

Fake Windows Malicious Software Removal Tool is a fake security application that pretends to be the MSRT or Malicious Software Removal Tool which is a legitimate security program offered by Microsoft. Fake Windows Malicious Software Removal Tool is designed by hackers to trick computer users into purchasing a fake security application. Fake Windows Malicious Software Removal Tool is exploited through a Trojan infection which is known to populate the program files directory with a malicious executable named “MalwareRemoval.exe” and install a “MalwareRemoval” directory with the “Security Center.exe” file.

Upon starting up of Windows, MalwareRemoval.exe will load and then display a screen that resembles the legitimate MSRT application in hopes that a computer user will click on a function to remove certain infections that it supposedly found. If clicked on, Fake Windows Malicious Software Removal Tool may redirect you to a malicious site that sells other security applications.

File System Details

Fake Windows Malicious Software Removal Tool may create the following file(s):

Expand All
|

Collapse All

#

File Name

Detections

Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.

1.

C:\Program Files\MalwareRemoval\Security Center.exe

Name:

C:\Program Files\MalwareRemoval\Security Center.exe

C:\Program Files\MalwareRemoval\Security Center.exe

Type:

Executable File

Executable File

2.

C:\Program Files\MalwareRemoval\MalwareRemoval.exe

Name:

C:\Program Files\MalwareRemoval\MalwareRemoval.exe

C:\Program Files\MalwareRemoval\MalwareRemoval.exe

Type:

Executable File

Executable File

3.

%UserProfile%\Application Data\MalwareRemoval

Name:

%UserProfile%\Application Data\MalwareRemoval

%UserProfile%\Application Data\MalwareRemoval

4.

%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini

Name:

%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini

%UserProfile%\Application Data\SetupMalwareRemoval\spl.ini

5.

C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval

Name:

C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval

C:\Documents and Settings\All Users\Start Menu\Programs\MalwareRemoval

6.

%UserProfile%\Application Data\SetupMalwareRemoval

Name:

%UserProfile%\Application Data\SetupMalwareRemoval

%UserProfile%\Application Data\SetupMalwareRemoval

7.

C:\Program Files\MalwareRemoval

Name:

C:\Program Files\MalwareRemoval

C:\Program Files\MalwareRemoval

8.

%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini

Name:

%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini

%UserProfile%\Application Data\MalwareRemoval\MalwareRemoval.ini

Registry Details

Fake Windows Malicious Software Removal Tool may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “WindowsMaliciou SoftwareRemovalTool”