Secure1.protection-av.com
Secure1.protection-av.com aka Secure1.protection-av.net is a deceptive website created to promote My Security Shield. A browser redirection to Secure1.protection-av.com takes place due to the surreptitious modification of a victim's internet settings by Trojans associated with rogueware. If you encounter Secure1.protection-av.com ensure that you do not trust or purchase anything on the website. To stop the frequent redirection to Secure1.protection-av.com, use a legitimate anti-spyware application to remove My Security Shield.
File System Details
Secure1.protection-av.com creates the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %Documents and Settings%\[UserName]\Recent\cid.dll | N/A |
| 2. | %Documents and Settings%\[UserName]\Recent\ddv.sys | N/A |
| 3. | %Documents and Settings%\[UserName]\Recent\std.exe | N/A |
| 4. | %Documents and Settings%\[UserName]\Recent\ANTIGEN.exe | N/A |
| 5. | %Documents and Settings%\[UserName]\Recent\ddv.dll | N/A |
| 6. | %Documents and Settings%\[UserName]\Recent\PE.sys | N/A |
| 7. | %Documents and Settings%\[UserName]\Recent\runddlkey.dll | N/A |
| 8. | %Documents and Settings%\All Users\Application Data\8d7ca11\MS8d7c_2155.exe | N/A |
| 9. | %Documents and Settings%\[UserName]\Recent\DBOLE.sys | N/A |
| 10. | %Documents and Settings%\[UserName]\Recent\PE.exe | N/A |
| 11. | %Documents and Settings%\[UserName]\Recent\tjd.sys | N/A |
| 12. | %Documents and Settings%\All Users\Application Data\8d7ca11\MSS.ico | N/A |
| 13. | %Documents and Settings%\[UserName]\Application Data\My Security Shield\ | N/A |
| 14. | %Documents and Settings%\[UserName]\Recent\ANTIGEN.drv | N/A |
| 15. | %Documents and Settings%\[UserName]\Recent\FS.drv | N/A |
| 16. | %Documents and Settings%\[UserName]\Recent\PE.tmp | N/A |
| 17. | %Documents and Settings%\[UserName]\StartMenu\Programs\My Security Shield.lnk | N/A |
| 18. | %Documents and Settings%\All Users\Application Data\8d7ca11\25.mof | N/A |
| 19. | %Documents and Settings%\[UserName]\Application Data\Microsoft\Internet Explorer\Quick Launch\My Security Shield.lnk | N/A |
| 20. | %Documents and Settings%\[UserName]\Desktop\My Security Shield.lnk | N/A |
| 21. | %Documents and Settings%\[UserName]\Recent\energy.tmp | N/A |
| 22. | %Documents and Settings%\[UserName]\Recent\PE.drv | N/A |
| 23. | %Documents and Settings%\[UserName]\StartMenu\My Security Shield.lnk | N/A |
| 24. | %Documents and Settings%\All Users\Application Data\8d7ca11\ | N/A |
| 25. | %Documents and Settings%\All Users\Application Data\8d7ca11\MSSSys\vd952342.bd | N/A |
| 26. | %Documents and Settings%\[UserName]\Application Data\My Security Shield\cookies.sqlite | N/A |
| 27. | %Documents and Settings%\[UserName]\Recent\CLSV.drv | N/A |
| 28. | %Documents and Settings%\[UserName]\Recent\gid.drv | N/A |
| 29. | %Documents and Settings%\[UserName]\Recent\tjd.drv | N/A |
Registry Details
Secure1.protection-av.com creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "My Security Shield"
HKEY_CLASSES_ROOT\MSSSys.DocHostUIHandler
HKEY_CURRENT_USER\Software\3
