Protection-estore.com

By GoldSparrow in Rogue Websites

Translate To:

Protection-estore.com is a rogue webpage created to promote the fake anti-spyware program, Personal Security. Protection-estore.com is inserted into a victims hosts file by sneaky Trojans that change the settings to ensure that the victim is continuously redirected to Protection-estore.com. Protection-estore.com advertises Personal Security as the "Best Spyware Protection". Don't be fooled, Personal Security is a useless application and Protection-estore.com cannot be trusted.

File System Details

Protection-estore.com may create the following file(s):

Expand All | Collapse All

#	File Name	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	%WINDOWS%\system32\win32extension.dll
Name: %WINDOWS%\system32\win32extension.dll Type: Dynamic link library
2.	%Program Files%\PSecurity\psecurity.exe
Name: %Program Files%\PSecurity\psecurity.exe Type: Executable File
3.	%Program Files%\Common Files\PSecurityUninstall\Uninstall.lnk
Name: %Program Files%\Common Files\PSecurityUninstall\Uninstall.lnk Type: Shortcut
4.	%Documents and Settings%\All Users\Start Menu\PSecurity\Help.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Help.lnk Type: Shortcut
5.	%Documents and Settings%\All Users\Start Menu\PSecurity\Security Center.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Security Center.lnk Type: Shortcut
6.	%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk
Name: %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk Type: Shortcut
7.	%Program Files%\Common Files\PSecurityUninstall
Name: %Program Files%\Common Files\PSecurityUninstall
8.	%Documents and Settings%\All Users\Start Menu\PSecurity\Computer Scan.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Computer Scan.lnk Type: Shortcut
9.	%Documents and Settings%\All Users\Start Menu\PSecurity\Registration.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Registration.lnk Type: Shortcut
10.	%Documents and Settings%\All Users\Start Menu\PSecurity\Update.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Update.lnk Type: Shortcut
11.	%Program Files%\PSecurity
Name: %Program Files%\PSecurity
12.	%Documents and Settings%\All Users\Start Menu\PSecurity
Name: %Documents and Settings%\All Users\Start Menu\PSecurity
13.	%Documents and Settings%\All Users\Start Menu\PSecurity\Personal Security.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Personal Security.lnk Type: Shortcut
14.	%Documents and Settings%\All Users\Start Menu\PSecurity\Settings.lnk
Name: %Documents and Settings%\All Users\Start Menu\PSecurity\Settings.lnk Type: Shortcut
15.	%UserProfile%\Desktop\Personal Security.lnk
Name: %UserProfile%\Desktop\Personal Security.lnk Type: Shortcut

Registry Details

Protection-estore.com may create the following registry entry or registry entries:

HKEY..\..\..\..{RegistryKeys}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PSecurity"

HKEY_LOCAL_MACHINE\SOFTWARE\5FFB10D58FFCF482208906E6A889FD56

HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform "WinTSI 01.12.2009"

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Protection-estore.com

File System Details

Registry Details

Submit Comment

Trending

Rzfu Ransomware

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen