Onlinescanservice.com
Onlinescanservice.com is another browser hijacker and rogue website promoting a fake anti-spyware application. This time the fake anti-spyware application is called System Security. A back door Trojan will invade your system and modify specific files and registry entries. This will cause the browser settings to be changed and for you to be redirected to the rogue website. The usual free online scan will be offered and report an exaggerated number of infections; all of which are nonexistent. You will be told that the only way that you can remove these nonexistent infections is to purchase the full paid version of the fake anti-spyware application System Security. This charade is to mislead you into purchasing the System Security program. In addition phony pop up ads and security alerts will be displayed to try and trick you into purchasing the fake System Security application. Do not become a victim of this despicable scam. Delete the infections without hesitation and avoid the rogue website Onlinescanservice.com.
File System Modifications
- The following files were created in the system:
# File Name 1 %\Documents and Settings%\All Users\Application Data\538654387 2 %\Documents and Settings%\All Users\Application Data\538654387\1632575944.exe 3 %\Documents and Settings%\All Users\Application Data\538654387\config.udb 4 %\Documents and Settings%\All Users\Application Data\538654387\init.udb 5 %\Documents and Settings%\All Users\Application Data\538654387\Languages 6 %\Documents and Settings%\All Users\Application Data\538654387\Languages\English.lng 7 %\Documents and Settings%\All Users\Application Data\538654387\Languages\German.lng 8 %\Documents and Settings%\All Users\Application Data\538654387\Languages\Spanish.lng 9 %UserProfile%\Desktop\System Security.lnk 10 %UserProfile%\Start Menu\Programs\System Security 11 %UserProfile%\Start Menu\Programs\System Security\System Security.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "1632575944"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.