
Pcsecurity-2009.com

Posted: July 14, 2009

Pcsecurity-2009.com is a rogue website that promotes the fake spyware remover called PC Security 2009. To drive traffic to it, trojans infiltrate your computer through security vulnerabilities and alter the browser settings, so that web-surfing activities are interrupted and diverted to the Pcsecurity-2009.com web page. Once there, your PC is subjected to a fake online scan that reports fabricated infection results in order to scare you into purchasing the rogue anti-spyware program PC Security 2009.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Documents and Settings%\All Users\Application Data\hipeh.vbs
    2 %Documents and Settings%\All Users\Application Data\imevata.exe
    3 %Documents and Settings%\All Users\Application Data\juvugyx.sys
    4 %Documents and Settings%\All Users\Application Data\tihavodyru.dl
    5 %Documents and Settings%\All Users\Documents\emytijy.bat
    6 %Documents and Settings%\All Users\Documents\etycipifez._sy
    7 %Documents and Settings%\All Users\Documents\uzasezo.bat
    8 %Program Files%\Common Files\edydule.db
    9 %Program Files%\Common Files\sisejemaqy.pif
    10 %Program Files%\Common Files\wepyta._sy
    11 %Program Files%\PC_Security2009
    12 %Program Files%\PC_Security2009\AVEngn.dll
    13 %Program Files%\PC_Security2009\data
    14 %Program Files%\PC_Security2009\data\daily.cvd
    15 %Program Files%\PC_Security2009\htmlayout.dll
    16 %Program Files%\PC_Security2009\Microsoft.VC80.CRT
    17 %Program Files%\PC_Security2009\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
    18 %Program Files%\PC_Security2009\Microsoft.VC80.CRT\msvcm80.dll
    19 %Program Files%\PC_Security2009\Microsoft.VC80.CRT\msvcp80.dll
    20 %Program Files%\PC_Security2009\Microsoft.VC80.CRT\msvcr80.dll
    21 %Program Files%\PC_Security2009\PC_Security2009.exe
    22 %Program Files%\PC_Security2009\pthreadVC2.dll
    23 %Program Files%\PC_Security2009\Uninstall.exe
    24 %Program Files%\PC_Security2009\wscui.cpl
    25 %UserProfile%\Application Data\ciwizatyvo.vbs
    26 %UserProfile%\Application Data\equcetovyf.scr
    27 %UserProfile%\Application Data\huwo.lib
    28 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PC_Security2009.lnk
    29 %UserProfile%\Application Data\netekoh.pif
    30 %UserProfile%\Cookies\qyciq.exe
    31 %UserProfile%\Cookies\tufubyvyv.inf
    32 %UserProfile%\Desktop\PC_Security2009.lnk
    33 %UserProfile%\Local Settings\Application Data\dofevura.ban
    34 %UserProfile%\Local Settings\Temporary Internet Files\ehyzubi.ban
    35 %UserProfile%\Local Settings\Temporary Internet Files\teqiqu.dl
    36 %UserProfile%\Local Settings\Temporary Internet Files\xujite.vbs
    37 %UserProfile%\Start Menu\Programs\PC_Security2009
    38 %UserProfile%\Start Menu\Programs\PC_Security2009\PC_Security2009.lnk
    39 %UserProfile%\Start Menu\Programs\PC_Security2009\Uninstall.lnk
    40 %WINDOWS%\bezyneluri.dll
    41 %WINDOWS%\hitamoja.db
    42 %WINDOWS%\jagavodo._dl
    43 %WINDOWS%\system32\_scui.cpl
    44 %WINDOWS%\system32\exeneqaze.vbs
    45 %WINDOWS%\system32\ezecep.scr
    46 %WINDOWS%\system32\loturyk.db
    47 %WINDOWS%\uwojevuk.reg
    48 %WINDOWS%\xyqimomyte.inf
    49 %WINDOWS%\system32\xyluny.dat

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\PC_Security2009
    HKEY..\..\..\..{RegistryKeys}
    HKEY_CURRENT_USER\Control Panel\don't load "scui.cpl"
    HKEY_CURRENT_USER\Control Panel\don't load "wscui.cpl"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "PC Security 2009"
    HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
    PC_Security2009