F-Secure
Tools
Rogue:W32/Reanimator.B
Summary
Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.Additional Details
The detection Rogue:W32/Reanimator.B refers to a component of a rogue antimalware program that can download the rogue onto the system.
Activity
If present on the system, the Reanimator component will download the rogue program from:
At the time of this analysis, the files in the links are no longer available.
The component also adds the following registry entry:
Activity
If present on the system, the Reanimator component will download the rogue program from:
- http://www.xpsecuritycenter.com/XPSecurityCenter/Binaries1.zip
- http://www.xpsecuritycenter.com/XPSecurityCenter/Binaries2.zip
- http://www.xpsecuritycenter.com/XPSecurityCenter/Binaries3.zip
At the time of this analysis, the files in the links are no longer available.
The component also adds the following registry entry:
- HKEY_LOCAL_MACHINE\SOFTWARE\XP_SecurityCenter