Threat Database Rogue Websites Security-pc-care.com

Security-pc-care.com

Security-pc-care.com is a malicious website that promotes rogueware such as XP AntiMalware 2010 and Windows Defender 2010. The type of rogueware advertised on Security-pc-care.com depends on the operating system running on a compromised PC as well as the Trojan that inserts the rogueware into the system. These Trojans modify the Hosts file and insert Security-pc-care.com, thus causing a victim to be frequently redirected to the misleading domain. Users that have already been infected with rogueware, such as XP AntiMalware 2010, will also encounter Security-pc-care.com when they click on any of the security alerts or pop-up messages displayed by the rogueware. Ensure that your PC is protected with a reliable and periodically updated anti-spyware application in order to avoid getting infected with rogueware and harmful websites.

File System Details

Security-pc-care.com creates the following file(s):
# File Name Detections
1. %UserProfile%\Local Settings\Application Data\ave.exe N/A
2. Ave.exe N/A

Registry Details

Security-pc-care.com creates the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\.exe\shell
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell
HKEY_CURRENT_USER\Software\Classes\secfile\shell\runas
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start\command
HKEY_CURRENT_USER\Software\Classes\.exe | @ = "secfile"
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | IsolatedCommand = "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\start
HKEY_CURRENT_USER\Software\Classes\secfile\DefaultIcon
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
HKEY_CURRENT_USER\Software\Classes\secfile\shell\start
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | IsolatedCommand = "%1" %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command | @ = "%AppData%\ave.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open
HKEY_CURRENT_USER\Software\Classes\.exe\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open
HKEY_CURRENT_USER\Software\Classes\secfile\shell\runas\command
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command | @ = "%AppData%\ave.exe" /START "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe | Content Type = "application/x-msdownload"

Trending

Most Viewed

Loading...