Privacy Tools Pack
Privacy Tools Pack, also known as PrivacyToolsPack, is a rogue program that sells itself as an all-in-one security suite. Privacy Tools Pack is usually installed with the help of a Trojan found in a fraudulent website called Porn Tube. If you're surfing this website and try to watch a video, you'll be tricked into installing a program to watch the video, this program is the actual Trojan that downloads and installs Privacy Tools Pack. Privacy Tools Pack offers to various utilities (Cookie guarder, Secure channel, Memory wizard, Surf Protector, Registry Doctor, System Monitor) but in reality, they are of no use.
Once Privacy Tools Pack is installed, it may run its fake system scanner and generate a list of supposed spyware infections found in your computer system. To remove these "threats" you'll be lured into purchasing Privacy Tools Pack's full version. Privacy Tools Pack may start on every Windows startup.
File System Modifications
- The following files were created in the system:
# File Name 1 %UserProfile%\Application Data\Privacy components 2 %UserProfile%\Application Data\Privacy components\dbases 3 %UserProfile%\Application Data\Privacy components\dbases\cg.dat 4 %UserProfile%\Application Data\Privacy components\dbases\mw.dat 5 %UserProfile%\Application Data\Privacy components\dbases\rd.dat 6 %UserProfile%\Application Data\Privacy components\dbases\sc.dat 7 %UserProfile%\Application Data\Privacy components\dbases\sm.dat 8 %UserProfile%\Application Data\Privacy components\dbases\sp.dat 9 %UserProfile%\Application Data\Privacy components\keys 10 %UserProfile%\Application Data\Privacy components\keys\cg.key 11 %UserProfile%\Application Data\Privacy components\keys\rd.key 12 %UserProfile%\Application Data\Privacy components\keys\sc.key 13 %UserProfile%\Application Data\Privacy components\keys\sp.key 14 %UserProfile%\Application Data\Privacy components\temp 15 %UserProfile%\Application Data\Privacy components\temp\settings.ini 16 %UserProfile%\Application Data\Privacy components\temp\spfilter 17 %UserProfile%\Desktop\Privacy components.lnk 18 %UserProfile%\Start Menu\Programs\Privacy components 19 %UserProfile%\Start Menu\Programs\Privacy components\Privacy components.lnk 20 c:\Program Files\Privacy components 21 c:\Program Files\Privacy components\agent.exe 22 c:\Program Files\Privacy components\faq 23 c:\Program Files\Privacy components\faq\guide.html 24 c:\Program Files\Privacy components\faq\images 25 c:\Program Files\Privacy components\faq\images\gimg1.jpg 26 c:\Program Files\Privacy components\faq\images\gimg10.jpg 27 c:\Program Files\Privacy components\faq\images\gimg2.jpg 28 c:\Program Files\Privacy components\faq\images\gimg3.jpg 29 c:\Program Files\Privacy components\faq\images\gimg4.jpg 30 c:\Program Files\Privacy components\faq\images\gimg5.jpg 31 c:\Program Files\Privacy components\faq\images\gimg6.jpg 32 c:\Program Files\Privacy components\faq\images\gimg7.jpg 33 c:\Program Files\Privacy components\faq\images\gimg8.jpg 34 c:\Program Files\Privacy components\faq\images\gimg9.jpg 35 c:\Program Files\Privacy components\pc.exe 36 c:\Program Files\Privacy components\sounds 37 c:\Program Files\Privacy components\sounds\1.mp3 38 c:\Program Files\Privacy components\sounds\3.mp3 39 c:\Program Files\Privacy components\tools 40 c:\Program Files\Privacy components\tools\sc 41 c:\Program Files\Privacy components\tools\sc\ca.crt 42 c:\Program Files\Privacy components\tools\sc\libeay32.dll 43 c:\Program Files\Privacy components\tools\sc\libssl32.dll 44 c:\Program Files\Privacy components\tools\sc\OemWin2k.inf 45 c:\Program Files\Privacy components\tools\sc\openvpn.exe 46 c:\Program Files\Privacy components\tools\sc\tap0801.sys 47 c:\Program Files\Privacy components\tools\sc\tapinstall.exe 48 c:\Program Files\Privacy components\tools\sp 49 c:\Program Files\Privacy components\tools\sp\sp.dll 50 c:\Program Files\Privacy components\uninstall.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" => "C:\Program Files\Privacy components\pc.exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "agent.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{D032570A-5F63-4812-A094-87D007C23012}HKEY_CLASSES_ROOT\sp.TIEAdvBHOHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Privacy components
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.