||||
Symantec.com > Business > Security Response > MalwareBurn
PRINT THIS PAGE

MalwareBurn

Printer Friendly Page

Updated: July 27, 2007 11:56:48 AM
Type: Potentially Unwanted App
Risk Impact: Medium
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows Server 2003, Windows 2000

When the program is executed, it creates the following files:
  • %ProgramFiles%\MalwareBurn 6.9\Lang\English.ini
  • %ProgramFiles%\MalwareBurn 6.9\MalwareBurn 6.9.url
  • %ProgramFiles%\MalwareBurn 6.9\mwdb.dat
  • %ProgramFiles%\MalwareBurn 6.9\Lang\English.ini
  • %ProgramFiles%\MalwareBurn 6.9\MalwareBurn 6.9.exe
  • %ProgramFiles%\MalwareBurn 6.9\MalwareBurn 6.9.url
  • %ProgramFiles%\MalwareBurn 6.9\msvcp71.dll
  • %ProgramFiles%\MalwareBurn 6.9\msvcr71.dll
  • %ProgramFiles%\MalwareBurn 6.9\mwdb.dat
  • %ProgramFiles%\MalwareBurn 6.9\uninst.exe
  • %UserProfile%\Local Settings\Temp\MWLanguage.ini
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 6.9.lnk
  • %UserProfile%\Desktop\MalwareBurn 6.9.lnk
  • %UserProfile%\Start Menu\Programs\MalwareBurn 6.9\MalwareBurn 6.9 Website.lnk
  • %UserProfile%\Start Menu\Programs\MalwareBurn 6.9\MalwareBurn 6.9.lnk
  • %UserProfile%\Start Menu\Programs\MalwareBurn 6.9\Uninstall MalwareBurn 6.9.lnk
  • %UserProfile%\Start Menu\MalwareBurn 6.9.lnk

It then creates the following subkeys:
HKEY_CLASSES_ROOT\AppID\MalwareWipe.EXE
HKEY_CLASSES_ROOT\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5}
HKEY_CLASSES_ROOT\Interface\{0F5C9DFD-CDFA-43B9-8553-1E5489597F5A}
HKEY_CLASSES_ROOT\Interface\{10291329-0B60-4620-BE2D-53AFB276EB6E}
HKEY_CLASSES_ROOT\Interface\{186094BE-1A83-48B7-98D6-89C1E58E62E1}
HKEY_CLASSES_ROOT\Interface\{2DC578A2-8283-484E-A890-0ED54F0A08E3}
HKEY_CLASSES_ROOT\Interface\{2EAABB73-4C9D-490D-8B02-F7B9F4AFB43C}
HKEY_CLASSES_ROOT\Interface\{4252A994-4060-4059-B358-B9B48220251E}
HKEY_CLASSES_ROOT\Interface\{44F6897B-76A4-441A-A4C7-2F94E34C5059}
HKEY_CLASSES_ROOT\Interface\{70A51ADF-998C-401D-A3E9-14F524751916}
HKEY_CLASSES_ROOT\Interface\{8C272D06-2569-4E55-9193-FD2BC27FBDDC}
HKEY_CLASSES_ROOT\Interface\{90111041-7D2C-495B-9892-0F22029DE2DF}
HKEY_CLASSES_ROOT\Interface\{91A84911-65BC-4C55-A81D-F5821C716A5F}
HKEY_CLASSES_ROOT\Interface\{9A780FEA-46F0-494F-8497-C38BD47EDE89}
HKEY_CLASSES_ROOT\Interface\{B867288A-985A-46F0-9F1F-3FF418798E5E}
HKEY_CLASSES_ROOT\Interface\{C1EC6006-4D5A-4FA7-9D2A-4E538901F649}
HKEY_CLASSES_ROOT\Interface\{E8A31FE3-F478-4187-8791-9FD84C0E886F}
HKEY_CLASSES_ROOT\Interface\{ECEA1581-2B1F-44BA-8310-F32D7F7666A3}
HKEY_CLASSES_ROOT\TypeLib\{8000A61D-4BBF-4C7E-AD3E-9BECBCFA103F}
HKEY_LOCAL_MACHINE\SOFTWARE\MalwareBurn 6.9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareBurn 6.9.exe 6.9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareBurn 6.9
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{IEE33530D7BE2DE7F}
HKEY_LOCAL_MACHINE\SOFTWARE\Licenses\{0EE33530D7BE2DE7F}

It may also create the following clean registry subkey:
HKEY_CLASSES_ROOT\CLSID\{47DC4218-AE5B-32B9-3EF8-C7F9CF2B564F}

The program also creates the following entry, so that it starts when Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"MalwareBurn 6.9.exe 6.9" = ""C:\Program Files\MalwareBurn 6.9\MalwareBurn 6.9.exe" /h"

When the application is run, it displays a window that allows the user to scan the computer for security threats.



The program may give exaggerated reports of threats on the computer when a scan is run.
Search by name
Example: W32.Beagle.AG@mm
Symantec DeepSight Screensaver
©1995 - 2010 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS