Renamehomepage.com/security/xp/
Renamehomepage.com/security/xp/ is a browser hijacker that redirects your homepage to the rogue site Renamehomepage.com. Your computer screen will display false
security alert pop ups stating that your computer is infected in order to con you into purchasing the fraudulent programs Advanced Antivirus, Ultimate Antivirus 2008, Spyware Preventer or Windows Antivirus 2008 programs. You will see this warning displayed on your screen:
"Warning! W32.Myzor.FK@yf is a virus that infects files with .exe extensions. It attempts to steal passwords and private information from the infected computer. If you are infected with this hijacker you will receive warnings in your task bar stating that you are infected with
spyware and to run its special anti-spyware tool."
You will be unable to visit other sites once your browser is hijacked by
Renamehomepage.com/security/xp/. Don't be fooled by the scam warnings and do NOT purchase the useless software offered on the Renamehomepage.com rogue site.
File System Modifications
- The following files were created in the system:
# File Name 1 gtawclv.dll 2 icmntr.exe 3 icthis.exe 4 ictun.exe 5 icun.exe 6 isfmm.exe 7 isfmntr.exe 8 isfun.exe 9 msmsgs.exe 10 nvctrl.exe 11 Online Security Guide.url 12 pmmon.exe 13 Security Troubleshooting.url 14 spwoqbmv.exe 15 VideoAccessCodecInstall.exe 16 xbaqktfv.exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70d17a5f-ef27-4295-90f5-20ad6f24834f}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}IExplorer Security Plug-inInternet Explorer Secure Bar
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.