Description is a browser hijacker that is involved in the distribution of the rogue security program Cyber Security. displays a warning page that notifies a user of malignant internet activity. The user will then be directed to purchase Cyber Security in order to continue browsing safely. All warnings and software advertised on are malicious and not to be trusted.

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %WINDOWS%\system32\iehelpmod.dll N/A
2 %Program Files%\CS\tsc.exe N/A
3 %Documents and Settings%\All Users\Start Menu\CS\Cyber Security.lnk N/A
4 %Documents and Settings%\All Users\Start Menu\CS\Security Center.lnk N/A
5 %AppData%\Microsoft\Internet Explorer\Quick Launch\CS.lnk N/A
6 %Program Files%\Common Files\CSUninstall\Uninstall.lnk N/A
7 %Documents and Settings%\All Users\Start Menu\CS\Computer Scan.lnk N/A
8 %Documents and Settings%\All Users\Start Menu\CS\Registration.lnk N/A
9 %Documents and Settings%\All Users\Start Menu\CS\Update.lnk N/A
10 %Program Files%\Common Files\CSUninstall N/A
11 %Documents and Settings%\All Users\Start Menu\CS N/A
12 %Documents and Settings%\All Users\Start Menu\CS\Help.lnk N/A
13 %Documents and Settings%\All Users\Start Menu\CS\Settings.lnk N/A
14 %UserProfile%\Desktop\Cyber Security.lnk N/A
15 %Program Files%\CS N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "CS"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

Related Posts