Generalscansite.com
Generalscansite.com Description
Generalscansite.com is a scam site that advertises the Live Enterprise Suite rogue software. Generalscansite.com is quite tricky since it is able to modify user’s browsers and make the users visit its domain whether they want to or not. Sly Trojan horses are responsible for this browser redirect phenomenon. When a user enters Generalscansite.com, he/she will receive a lot of pop-ups that informs him/her about some type of malware infections detected. After that, the user will be presented with a fake online scan which is a counterfeit animation aimed at trusting computer users. The user will then be prompted to purchase Live Enterprise Suite in order to remove the “detected” malware. Do not fall for this scam.
Generalscansite.com Automatic Detection Tool (Recommended)
Is your PC infected with Generalscansite.com? To safely & quickly detect Generalscansite.com, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Generalscansite.com
What happens if Generalscansite.com does not let you open SpyHunter or blocks the Internet?
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite 2 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\db 3 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\db\config.cfg 4 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\db\Timeout.inf 5 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\db\Urls.inf 6 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\settings.ini 7 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\uill.ini 8 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\unins000.exe 9 %Documents and Settings%\[UserName]\Application Data\Live Enterprise Suite\updateloadlist.ini 10 %Documents and Settings%\[UserName]\Application Data\Microsoft\Windows\winlogon.exe 11 %Documents and Settings%\[UserName]\Local Settings\Application 12 %Documents and Settings%\[UserName]\Local Settings\Application Data\Microsoft\Windows\pguard.ini 13 %Documents and Settings%\[UserName]\Local Settings\Application Data\Microsoft\Windows\services.exe 14 %Documents and Settings%\[UserName]\My Documents\My Pictures\atbyin.exe 15 %Program Files%\Common Files\[random path]calc.exe 16 %Program Files%\Common Files\]random path]char.exe 17 Data\Microsoft\Windows\log.txt
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Live Enterprise Suite”HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Microsoft Windows logon process”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION “svchost.exe”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “Debugger”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “RealDebugger”HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HTGRDENGINEHKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTGrdEngineHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HTGRDENGINEHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTGrdEngineHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}567 1.4.2.0_is1Live Enterprise Suite_is1
Posted: March 1, 2010 | By SpywareRemove
MoreThreat Level: 5/10
(No Ratings Yet)
Loading ...Rate this article:
