Home Malware Programs Rogue Anti-Spyware Programs Scanner

Scanner

Posted: December 24, 2010

Threat Metric

Ranking: 2,303
Threat Level: 10/10
Infected PCs: 19,894
First Seen: December 28, 2010
Last Seen: December 6, 2021
OS(es) Affected: Windows

ScreenshotScanner is a bogus defragmentation program which pretends to scan a system and check for system errors. Scanner comes from a long line of fake defragmenter tools such as HDD Defragmenter, Win HDD, HDD Plus, HDD Rescue, HDD Diagnostic, and HDD Doctor, just to name a few. Scanner may appear to look like a real program at first sight but, in reality, it is a scam and does not have any optimization or defragmentation capabilities. With the help of stealthy Trojans, Scanner installs itself automatically without the user's permission.

Once installed, Scanner displays several bogus warning messages stating that the computer contains many errors, and it can only be fixed with the purchase of the program. Some of the bogus results Scanner lists are:

32% of HDD space is unreadable
Read time of hard drive clusters less than 500 ms
Bad sectors on hard drive or damaged file allocation table
Requested registry access is not allowed. Registry defragmentation required
Drive C initializing error
Ram Temperature is 83 C. Optimization is required for normal operation.
Hard drive doesn't respond to system commands
Registry Error - Critical Error
Data Safety Problem. System integrity is at risk.
GPU RAM temperature is critically high. Urgent RAM memory optimization is required to prevent system crash

If you decide to use the defragmenter, it will inform you that it has to run in Safe Mode. The Safe Mode interface is actually fake. Whenever you attempt to open a program, it states that the hardware is corrupted. To create even further havoc and survive in the system, Scanner may prevent some anti-virus programs from executing. Scanner will also make sure to prevent certain folders from displaying any data. Instead of seeing a list of files on C:\Windows\System32\, for example, Scanner will make it appear empty or display another folder's data.

Do not trust Scanner or any website associated with it. If you want to prevent your system from being in the hands of a hazardous program, then instantly remove Scanner with a genuine anti-spyware program that is capable of detecting Scanner from every location on your computer.

ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Aliases

Generic4.AOUF [AVG]eZula.CommonElements [Sunbelt]TR/BHO.iuj.15175 [AntiVir]not-a-virus:AdWare.Win32.EZula.hkp [Kaspersky]Artemis!0A8E0D337A0C [McAfee]Packed/Win32.Krap [AhnLab-V3]Packed/Win32.Krap.gen [Antiy-AVL]TR/Agent.ar.15 [AntiVir]Trojan.DownLoader1.51475 [DrWeb]Packed.Win32.Krap.ar [Kaspersky]W32.Koobface [Symantec]Win32/Koobface.NDI [NOD32]Cryptic.BTR [AVG]Gen:Variant.Kazy.7102 [BitDefender]Win32:FakeSysdef-K [Avast]
More aliases (284)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Scanner may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%TEMP%\ElkTBhTOiqUEWYN.exe File name: ElkTBhTOiqUEWYN.exe
Size: 468.99 KB (468992 bytes)
MD5: 92e8a9f7fead7937380b9fb4ee3f4ab9
Detection count: 108
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\
Group: Malware file
Last Updated: December 28, 2010
%TEMP%\qykcmjln.exe File name: qykcmjln.exe
Size: 162.81 KB (162816 bytes)
MD5: 711ca3091ac4d0c371a3ab3aa7627d1a
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\
Group: Malware file
Last Updated: December 28, 2010
%ALLUSERSPROFILE%\Application Data\9f3d96\PI9f3_231.exe File name: PI9f3_231.exe
Size: 3.87 MB (3874816 bytes)
MD5: a965b83a1b2c1eca6a11ac36d14eaa3c
Detection count: 92
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Application Data\9f3d96\
Group: Malware file
Last Updated: January 2, 2011
%WINDIR%\system32\cdosys3232.dll File name: cdosys3232.dll
Size: 363.52 KB (363520 bytes)
MD5: 6118baeb1ef1165b4d272d7d54a06a4f
Detection count: 85
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32\
Group: Malware file
Last Updated: January 2, 2011
%TEMP%\nbtkfQpFdxB.exe File name: nbtkfQpFdxB.exe
Size: 468.99 KB (468992 bytes)
MD5: adf38c340367f9772fa352414984a944
Detection count: 73
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\
Group: Malware file
Last Updated: December 28, 2010
C:\driverwinx.exe\driverwinx.exe File name: driverwinx.exe
Size: 394.81 KB (394819 bytes)
MD5: b4f5ea42cb3404fe522f876ec4e9e445
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Path: C:\driverwinx.exe\
Group: Malware file
Last Updated: December 28, 2010
%APPDATA%\dwm.exe File name: dwm.exe
Size: 140.8 KB (140800 bytes)
MD5: 8f79cca56199cd842146c4b2e1a89321
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\
Group: Malware file
Last Updated: January 2, 2011
%Temp%\qYfoKD6PzadEEhF.exe File name: qYfoKD6PzadEEhF.exe
Size: 380.92 KB (380928 bytes)
MD5: 969A26E89B4F13ADF66226B82FADB6C9
Detection count: 56
File type: Executable File
Mime Type: unknown/exe
Path: %Temp%\
Group: Malware file
Last Updated: December 28, 2010
%ALLUSERSPROFILE%\LBSYdYrDlalNvk.exe File name: LBSYdYrDlalNvk.exe
Size: 467.45 KB (467456 bytes)
MD5: 9811765f5136490618dfd95f6beae0d1
Detection count: 54
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: January 5, 2011
%Temp%\qp4iReRF.exe File name: qp4iReRF.exe
Size: 383.48 KB (383488 bytes)
MD5: 58ad6a013e1747137018ca3b66c1571e
Detection count: 45
File type: Executable File
Mime Type: unknown/exe
Path: %Temp%\
Group: Malware file
Last Updated: December 28, 2010
%WINDIR%\mike149.exe File name: mike149.exe
Size: 164.35 KB (164352 bytes)
MD5: 7f4db3946a4e554f6ed093b7d678afdf
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %WINDIR%\
Group: Malware file
Last Updated: January 12, 2011
%WINDIR%\system32\Apphlpdm32.dll File name: Apphlpdm32.dll
Size: 417.79 KB (417792 bytes)
MD5: c59fd7d299581486ecb47af70d76123c
Detection count: 31
File type: Dynamic link library
Mime Type: unknown/dll
Path: %WINDIR%\system32\
Group: Malware file
Last Updated: January 2, 2011
%APPDATA%\MSA\bbaka14.exe File name: bbaka14.exe
Size: 165.88 KB (165888 bytes)
MD5: 657e6c7efd339a2efa60c5338ce1ba5b
Detection count: 26
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\MSA\
Group: Malware file
Last Updated: January 2, 2011
%TEMP%\4886746.exe File name: 4886746.exe
Size: 382.46 KB (382464 bytes)
MD5: 2073e7be4ece0e69d59a1ebb492677ac
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\
Group: Malware file
Last Updated: December 28, 2010
%USERPROFILE%\Start Menu\Programs\Startup\syscron.exe File name: syscron.exe
Size: 82.94 KB (82944 bytes)
MD5: 37bf2db6d12d6b53addaf3753e87cb52
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\Start Menu\Programs\Startup\
Group: Malware file
Last Updated: January 5, 2011
%APPDATA%\hmm.exe File name: hmm.exe
Size: 237.56 KB (237568 bytes)
MD5: e7a659d0edf6c6f157fe98efcac37e2c
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\
Group: Malware file
Last Updated: January 2, 2011
%APPDATA%\defender.exe File name: defender.exe
Size: 1.77 MB (1775104 bytes)
MD5: bc5a96fd997763db076a4724a404ccae
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\
Group: Malware file
Last Updated: January 2, 2011
%APPDATA%\75961\bbzzkzz17.exe File name: bbzzkzz17.exe
Size: 3.84 MB (3845632 bytes)
MD5: a60c0eb12877e2bd55d5d8696cdf71e6
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\75961\
Group: Malware file
Last Updated: January 2, 2011
%APPDATA%\Microsoft\conhost.exe File name: conhost.exe
Size: 122.88 KB (122880 bytes)
MD5: 34b5af6dd06b27ca15c938318990aa5a
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\Microsoft\
Group: Malware file
Last Updated: December 28, 2010
%TEMP%\{6FC2601D-C798-4220-AE11-63D6D0317522}\13b9.dll File name: 13b9.dll
Size: 131.58 KB (131584 bytes)
MD5: 330b8b95adb8fd70022827a52d4059a1
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %TEMP%\{6FC2601D-C798-4220-AE11-63D6D0317522}\
Group: Malware file
Last Updated: January 2, 2011
%APPDATA%\SystemProc\lsass.exe File name: lsass.exe
Size: 100.86 KB (100864 bytes)
MD5: 3a2179180d149df7b3d04110927b4c26
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%\SystemProc\
Group: Malware file
Last Updated: January 2, 2011

More files

Additional Information

The following messages's were detected:
# Message
1Windows Disk Diagnostics
Windows detected a hard disk error.
A problem with the hard drive sectors has been detected. It is recommended to download the following sertified software to fix the detected hard drive problems. Do you want to download recommended software?

Related Posts