9 Spyware Found Popup
"9 Spyware Found" popup is a fake security alert from fake spyware remover WinBlueSoft. The popup reads as follows:
"9 SPYWARE Found.
Attention: DANGER!
WinBlueSoft has detected 9 Critical SPYWARE Objects while scanning the system. Following object will shortly interrupt system running by: annoying advertisements wasting your traffic; slow page downloading speed. Web browser is not working properly; cyber thieves get access to credit card; criminals will steal your personal data and photos; hackers will get access to email box, personals, hosting and Internet services. They will use your computer and IP address for illegal purposes. Register WinBlueSoft to block or remove threatening objects. Click "Remove" to register the version to render revealed threats."
Following this fake notifications prompts, you will get tricked into purchasing and downloading WinBlueSoft, which will afford your PC absolutely no protection.
File System Modifications
- The following files were created in the system:
# File Name 1 c:\Documents and Settings\All Users\Desktop\WinBlueSoft.lnk 2 c:\Documents and Settings\All Users\Start Menu\Programs\WinBlueSoft 3 c:\Documents and Settings\All Users\Start Menu\Programs\WinBlueSoft\1 WinBlueSoft.lnk 4 c:\Documents and Settings\All Users\Start Menu\Programs\WinBlueSoft\2 Homepage.lnk 5 c:\Documents and Settings\All Users\Start Menu\Programs\WinBlueSoft\3 Uninstall.lnk 6 c:\Program Files\WinBlueSoft Software 7 c:\Program Files\WinBlueSoft Software\WinBlueSoft 8 c:\Program Files\WinBlueSoft Software\WinBlueSoft\data.bin 9 c:\Program Files\WinBlueSoft Software\WinBlueSoft\license.txt 10 c:\Program Files\WinBlueSoft Software\WinBlueSoft\uninstall.exe 11 c:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe 12 C:\Windows\System32\blocker.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\WinBlueSoftHKEY_LOCAL_MACHINE\SOFTWARE\WinBlueSoftHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinBlueSoft"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}WinBlueSoft
Thank you. You solved my Anti Virus System Pro. I think? Time will tell.
Chuck Oneto