
Svetore.com

Posted: November 18, 2010

Svetore.com is a malicious domain used to advertise and distribute the rogue called Antivirus Action. Svetore.com is typically encountered by users already infected with the supposed trial version of Antivirus Action. Antivirus Action will display fake security alerts with recommendations to purchase its "full version" to remove the detected malware. Never purchase Antivirus Action and don't trust anything on Svetore.com.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Temp%\[random]\
    2 %Temp%\[random]\[random]agnz.exe

Registry Modifications

  • The following Registry values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:33921"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    HKEY_CURRENT_USER\Software\[random]
    HKEY..\..\..\..{RegistryKeys}
    "[random]agnz.exe"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run