Viewworldmy1.com
Viewworldmy1.com is a browser hijacker promoting the distribution of the rogue anti-spyware application known as WinPC Defender. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Viewworldmy1.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover WinPC Defender.
File System Details
Viewworldmy1.com may create the following file(s):
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %UserProfile%\Local Settings\Temp\delwdef2008.bat | |
| 2. | %Program Files%\WinPC Defender\FwHookDrv.sys | |
| 3. | %WINDOWS%\ieocx.dll | |
| 4. | %Program Files%\WinPC Defender\Uninstall_st_st_.exe | |
| 5. | %Program Files%\WinPC Defender\WDefDemo.exe | |
| 6. | %Program Files%\WinPC Defender\Uninstall.exe | |
| 7. | %Program Files%\WinPC Defender\data.dat | |
| 8. | %Program Files%\WinPC Defender\svo.scf | |
| 9. | %Program Files%\WinPC Defender\reserve.dat | |
| 10. | %Program Files%\WinPC Defender\siren.wav | |
| 11. | %UserProfile%\Desktop\Launch WinPC Defender.lnk | |
| 12. | %Program Files%\WinPC Defender\temp | |
| 13. | %Program Files%\WinPC Defender\Support.url | |
| 14. | %Program Files%\WinPC Defender\options.xml | |
| 15. | %Program Files%\WinPC Defender\Rules.txt | |
| 16. | %Program Files%\WinPC Defender\Web.url | |
| 17. | %UserProfile%\Local Settings\Temp\[Random Name].tmp | |
| 18. | %Program Files%\WinPC Defender\HOSTS.hst | |
| 19. | %Program Files%\WinPC Defender\Manual.url | |
| 20. | %Program Files%\WinPC Defender\rules |
Registry Details
Viewworldmy1.com may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “sysav”
HKEY_CLASSES_ROOT\CLSID\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}
HKEY_CLASSES_ROOT\IEocxApp.IEocx.1
HKEY_CURRENT_USER\Control Panel\don’t load “wscui.cpl”
HKEY_CURRENT_USER\Software\WinPC Defender
HKEY_CLASSES_ROOT\IEocxApp.IEocx
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CURRENT_USER\Control Panel\don’t load “scui.cpl”
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “Content”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
