Threat Database Rogue Websites Vrusstatuscheck.com

Vrusstatuscheck.com

Vrusstatuscheck.com is a browser hijacker promoting the rogue anti-spyware application called Personal Antivirus. Typically you are diverted to this malicious website due to trojan viruses infiltrating your system via security exploits and modifying your browser settings. Once you finally hit Vrusstatuscheck.com, you are subject to a fake online scan that reports fabricated infection results. This is all in order to intimidate you into purchasing Personal Antivirus, under the assumption it will actually help protect your system.

File System Details

Vrusstatuscheck.com may create the following file(s):
# File Name Detections
1. %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
2. %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
3. %UserProfile%\Application Data\Personal Antivirus\unins000.exe
4. %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
5. %Program Files%\Personal Antivirus\PerAvir.exe
6. %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
7. %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk
8. %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
9. %Program Files%\Personal Antivirus\db\ia080614.db
10. %Program Files%\Personal Antivirus\Languages\IAEs.lng
11. %Program Files%\Personal Antivirus\Languages\IAIt.lng
12. %Program Files%\Personal Antivirus\activate.ico
13. %Program Files%\Personal Antivirus\uninstall.ico
14. %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
15. %UserProfile%\Application Data\Personal Antivirus\uill.ini
16. %UserProfile%\Application Data\Personal Antivirus\db\config.cfg
17. %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
18. %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
19. %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
20. %Program Files%\Personal Antivirus\db\DBInfo.ver
21. %Program Files%\Personal Antivirus\Languages
22. %Program Files%\Personal Antivirus\Languages\IAGer.lng
23. %Program Files%\Personal Antivirus
24. %Program Files%\Personal Antivirus\unins000.dat
25. %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
26. %UserProfile%\Application Data\Personal Antivirus\settings.ini
27. %UserProfile%\Application Data\Personal Antivirus\db
28. %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
29. %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
30. %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
31. %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus
32. %Program Files%\Personal Antivirus\db
33. %Program Files%\Personal Antivirus\db\ia080618x.db
34. %Program Files%\Personal Antivirus\Languages\IAFr.lng
35. %WINDOWS%\system32\log.txt
36. %Program Files%\Personal Antivirus\Explorer.ico
37. %Program Files%\Personal Antivirus\working.log
38. %UserProfile%\Application Data\Personal Antivirus
39. %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
40. %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf

Registry Details

Vrusstatuscheck.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS"

Trending

Most Viewed

Loading...