Home Rogue Websites WinBlueSoft.com

WinBlueSoft.com

Posted: June 5, 2009

WinBlueSoft.com is a rogue website sponsoring the fake spyware remover WinBlueSoft. To achieve this goal, affiliated Trojans infiltrate your computer through security vulnerabilities and alter the browser settings, causing web-surfing activities to be diverted to the WinBlueSoft.com web page. Once here, your PC is subject to a fake online scan that reports various fabricated infection results in order to intimidate you into purchasing WinBlueSoft.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\All Users\Desktop\WinBlueSoft.lnk
    2 %Documents and Settings%\All Users\Start Menu\Programs\WinBlueSoft
    3 %Documents and Settings%\All Users\Start Menu\Programs\WinBlueSoft\1 WinBlueSoft.lnk
    4 %Documents and Settings%\All Users\Start Menu\Programs\WinBlueSoft\2 Homepage.lnk
    5 %Documents and Settings%\All Users\Start Menu\Programs\WinBlueSoft\3 Uninstall.lnk
    6 %Program Files%\WinBlueSoft Software
    7 %Program Files%\WinBlueSoft Software\WinBlueSoft
    8 %Program Files%\WinBlueSoft Software\WinBlueSoft\data.bin
    9 %Program Files%\WinBlueSoft Software\WinBlueSoft\license.txt
    10 %Program Files%\WinBlueSoft Software\WinBlueSoft\uninstall.exe
    11 %Program Files%\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe
    12 %Windows%\System32\blocker.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\WinBlueSoftHKEY_LOCAL_MACHINE\SOFTWARE\WinBlueSoftHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinBlueSoft"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}WinBlueSoft

One Comment

  • DonMcFarland says:
    June 24, 2009 at 5:37 pm

    THANK YOU--THANK YOU!!!!! I thougt I was going nuts-{should be all caps} Everything I tried--would come back and bit me in the a--. I am a "newbee" at the computer,any of my friends will tell you so. I have a very good friend who,lucky me, does understand computers. I tried to send him an e-mail whil all this was going on--had a hard time. I was ready to throw this damn thing away--not worth the worry and effort. YOU HAVE RESTORED MY FAITH-- THANKS AGAIN
    donmc from richardson, texas

Loading...