Defender-review.com
Defender-review.com is a rogue website that promotes the fake anti-spyware application Personal Defender 2009. Once the PC is infected the user’s homepage will be redirected to the rogue site. False pop-ups and alerts will appear stating that Trojan-Spy.Win32.Banker.aiw has infected the user’s computer. It is important to remember that these fabricated infections and alerts appear for the sole purpose of misleading the user into purchasing the full version Personal Defender 2009 application. It is advisable that the user remove the infection without hesitation.
Table of Contents
File System Details
Defender-review.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | ictun.exe | |
| 2. | isfun.exe | |
| 3. | pmmon.exe | |
| 4. | VideoAccessCodecInstall.exe | |
| 5. | zafhemm.dll | |
| 6. | isfmntr.exe | |
| 7. | isfmm.exe | |
| 8. | msmsgs.exe | |
| 9. | xbaqktfv.exe | |
| 10. | gtawclv.dll | |
| 11. | icmntr.exe | |
| 12. | icun.exe | |
| 13. | nvctrl.exe | |
| 14. | spwoqbmv.exe | |
| 15. | duzakwq.dll | |
| 16. | Security Troubleshooting.url | |
| 17. | Online Security Guide.url |
Registry Details
Defender-review.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}
URLs
Defender-review.com may call the following URLs:
| Defender-review.com |
