Description is a rogue webpage created to promote the fake anti-spyware program, Personal Security. is inserted into a victims hosts file by sneaky Trojans that change the settings to ensure that the victim is continuously redirected to advertises Personal Security as the "Best Spyware Protection". Don't be fooled, Personal Security is a useless application and cannot be trusted.

Technical Information

File System Details creates the following file(s):
# File Name Detection Count
1 %WINDOWS%\system32\win32extension.dll N/A
2 %Program Files%\PSecurity\psecurity.exe N/A
3 %Program Files%\Common Files\PSecurityUninstall\Uninstall.lnk N/A
4 %Documents and Settings%\All Users\Start Menu\PSecurity\Help.lnk N/A
5 %Documents and Settings%\All Users\Start Menu\PSecurity\Security Center.lnk N/A
6 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk N/A
7 %Program Files%\Common Files\PSecurityUninstall N/A
8 %Documents and Settings%\All Users\Start Menu\PSecurity\Computer Scan.lnk N/A
9 %Documents and Settings%\All Users\Start Menu\PSecurity\Registration.lnk N/A
10 %Documents and Settings%\All Users\Start Menu\PSecurity\Update.lnk N/A
11 %Program Files%\PSecurity N/A
12 %Documents and Settings%\All Users\Start Menu\PSecurity N/A
13 %Documents and Settings%\All Users\Start Menu\PSecurity\Personal Security.lnk N/A
14 %Documents and Settings%\All Users\Start Menu\PSecurity\Settings.lnk N/A
15 %UserProfile%\Desktop\Personal Security.lnk N/A

Registry Details creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PSecurity"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform "WinTSI 01.12.2009"