Threat Database Rogue Websites Winpcantivirus2010.com

Winpcantivirus2010.com

By GoldSparrow in Rogue Websites

Winpcantivirus2010.com is a browser hijacker promoting the rogue anti-spyware application known as WinPC Antivirus. Due to affiliated trojans infiltrating the computer and modifying the browser settings, web-surfing activities are redirected to the Winpcantivirus2010.com domain. Here the computer is subject to a fake online scan that reports fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover WinPC Antivirus.

File System Details

Winpcantivirus2010.com creates the following file(s):
# File Name Detections
1. c:\WINDOWS\ieocx.dll N/A
2. C:\Documents and Settings\All Users\Ta1HnnaIasEcfgF.exe N/A
3. %UserProfile%\Application Data\pcantivirus.exe N/A
4. %UserProfile%\Start Menu\WinPC Antivirus.LNK N/A
5. %UserProfile%\Desktop\WinPC Antivirus.LNK N/A

Registry Details

Winpcantivirus2010.com creates the following registry entry or registry entries:
HKEY_CLASSES_ROOT\IEocxApp.IEocx.1
HKEY_CLASSES_ROOT\TypeLib\{A54DC52D-7AAD-4D40-A126-337211631EDC}
HKEY_CURRENT_USER\Control Panel\don't load "wscui.cpl"
HKEY_CLASSES_ROOT\IEocxApp.IEocx
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CURRENT_USER\Control Panel\don't load "scui.cpl"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Content"
HKEY_CLASSES_ROOT\CLSID\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}
HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "sysav"

URLs

Tip: We recommend blocking the domain names as well as the IP addresses associated with them.
The following URL's were found:

win-pc-antivirus2009.com
winpc-antivirus.com
winpc-antivirus09.com
winpc-antivirus2009.com
winpcantivirus2010.com

Trending

Most Viewed

Loading...