Threat Database Rogue Websites Secure1.protection-av.com

Secure1.protection-av.com

Secure1.protection-av.com aka Secure1.protection-av.net is a deceptive website created to promote My Security Shield. A browser redirection to Secure1.protection-av.com takes place due to the surreptitious modification of a victim's internet settings by Trojans associated with rogueware. If you encounter Secure1.protection-av.com ensure that you do not trust or purchase anything on the website. To stop the frequent redirection to Secure1.protection-av.com, use a legitimate anti-spyware application to remove My Security Shield.

File System Details

Secure1.protection-av.com may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Recent\cid.dll
2. %Documents and Settings%\[UserName]\Recent\ddv.sys
3. %Documents and Settings%\[UserName]\Recent\std.exe
4. %Documents and Settings%\[UserName]\Recent\ANTIGEN.exe
5. %Documents and Settings%\[UserName]\Recent\ddv.dll
6. %Documents and Settings%\[UserName]\Recent\PE.sys
7. %Documents and Settings%\[UserName]\Recent\runddlkey.dll
8. %Documents and Settings%\All Users\Application Data\8d7ca11\MS8d7c_2155.exe
9. %Documents and Settings%\[UserName]\Recent\DBOLE.sys
10. %Documents and Settings%\[UserName]\Recent\PE.exe
11. %Documents and Settings%\[UserName]\Recent\tjd.sys
12. %Documents and Settings%\All Users\Application Data\8d7ca11\MSS.ico
13. %Documents and Settings%\[UserName]\Application Data\My Security Shield\
14. %Documents and Settings%\[UserName]\Recent\ANTIGEN.drv
15. %Documents and Settings%\[UserName]\Recent\FS.drv
16. %Documents and Settings%\[UserName]\Recent\PE.tmp
17. %Documents and Settings%\[UserName]\StartMenu\Programs\My Security Shield.lnk
18. %Documents and Settings%\All Users\Application Data\8d7ca11\25.mof
19. %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Shield.lnk
20. %Documents and Settings%\[UserName]\Desktop\My Security Shield.lnk
21. %Documents and Settings%\[UserName]\Recent\energy.tmp
22. %Documents and Settings%\[UserName]\Recent\PE.drv
23. %Documents and Settings%\[UserName]\StartMenu\My Security Shield.lnk
24. %Documents and Settings%\All Users\Application Data\8d7ca11\
25. %Documents and Settings%\All Users\Application Data\8d7ca11\MSSSys\vd952342.bd
26. %Documents and Settings%\[UserName]\Application Data\My Security Shield\cookies.sqlite
27. %Documents and Settings%\[UserName]\Recent\CLSV.drv
28. %Documents and Settings%\[UserName]\Recent\gid.drv
29. %Documents and Settings%\[UserName]\Recent\tjd.drv

Registry Details

Secure1.protection-av.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "My Security Shield"
HKEY_CLASSES_ROOT\MSSSys.DocHostUIHandler
HKEY_CURRENT_USER\Software\3

Trending

Most Viewed

Loading...