Diseroad.com
Diseroad.com is a malicious websites that prompts its' victims to purchase the rogueware called Virus Protector. Diseroad.com is inserted into users' browsers by Trojans. Once a victim lands on Diseroad.com a bogus system scanner will be launched and it will report that the system is infected with several dangerous computer parasites. The false reports as well as fake security alerts and pop-ups, are used to trick users into thinking that their systems are infected and persuade them to purchase Virus Protector in order to remove the threats. This is all a scam; users should never believe anything on Diseroad.com.
File System Details
Diseroad.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %WINDOWS%\system32\[random].dll | |
| 2. | %WINDOWS%\[random].exe | |
| 3. | %Documents and Settings%\[UserName]\Local Settings\Temp\[random].dll | |
| 4. | %Documents and Settings%\[UserName]\Application Data\[random].exe | |
| 5. | %WINDOWS%\system32\drivers\[random].exe | |
| 6. | %WINDOWS%\[random].dll | |
| 7. | %Program Files%\Internet Explorer\[random].exe | |
| 8. | %Documents and Settings%\[UserName]\Application Data\[random].dll | |
| 9. | %WINDOWS%\system32\drivers\[random].dll | |
| 10. | %WINDOWS%\system32\[random].exe | |
| 11. | %Program Files%\Internet Explorer\[random].dll | |
| 12. | %Documents and Settings%\[UserName]\Local Settings\Temp\[random].exe |
Registry Details
Diseroad.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows "AppInit_DLLs" = "[random].dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows "LoadAppInit_DLLs" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Virus Protector"
