Defendersiteblock.com
The defendersiteblock.com domain produces a fake browser warning that encourages people to buy a license for the Cyber Security rogue anti-spyware program. Defendersiteblock.com hijacks Internet Explorer and causes browser redirections. Defendersiteblock.com spews out annoying and fake warnings and recommends installing Cyber Security. Cyber Security is capable of disrupting the Operating System by messing up the Registry and making it impossible to use System Restore, Task Manager and Safe Mode. Defendersiteblock.com is the shortest way to Cyber Security intrusion. It is advisable to get rid of this browser hijacker immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %AppData%\Microsoft\Internet Explorer\Quick Launch\CS.lnk 2 %Documents and Settings%\All Users\Start Menu\CS 3 %Documents and Settings%\All Users\Start Menu\CS\Computer Scan.lnk 4 %Documents and Settings%\All Users\Start Menu\CS\Cyber Security.lnk 5 %Documents and Settings%\All Users\Start Menu\CS\Help.lnk 6 %Documents and Settings%\All Users\Start Menu\CS\Registration.lnk 7 %Documents and Settings%\All Users\Start Menu\CS\Security Center.lnk 8 %Documents and Settings%\All Users\Start Menu\CS\Settings.lnk 9 %Documents and Settings%\All Users\Start Menu\CS\Update.lnk 10 %Program Files%\Common Files\CSUninstall 11 %Program Files%\Common Files\CSUninstall\Uninstall.lnk 12 %Program Files%\CS 13 %Program Files%\CS\tsc.exe 14 %UserProfile%\Desktop\Cyber Security.lnk 15 %WINDOWS%\system32\iehelpmod.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "CS"HKEY_LOCAL_MACHINE\SOFTWARE\5FFB10D58FFCF482208906E6A889FD56HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}CS
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.