Viewworldmy1.com
Viewworldmy1.com is a rogue website that attempts to trick you into believing you lack specific software updates to view online videos that you are trying to open. Viewworldmy1.com promotes the spread of the rogue anti-spyware application WinPC Defender, which is on the list of top most dangerous malwares of the last month.
Trojans dropped into your system alter browser settings so that you are continuously redirected to the Viewworldmy1.com web page, where you will see a warning message with the title: "Message Box Object Error." This alert claims you must update your Video ActiveX Object so that your browser can display the necessary multimedia content. Choosing to "upgrade" your codec will trigger the installation of WinPC Defender without your awareness or consent.
WinPc Defender will cause your PC to become slower with each passing day, and your internet connection speed will continue to degrade.
File System Modifications
- The following files were created in the system:
# File Name 1 %Program Files%\WinPC Defender\data.dat 2 %Program Files%\WinPC Defender\FwHookDrv.sys 3 %Program Files%\WinPC Defender\HOSTS.hst 4 %Program Files%\WinPC Defender\Manual.url 5 %Program Files%\WinPC Defender\options.xml 6 %Program Files%\WinPC Defender\reserve.dat 7 %Program Files%\WinPC Defender\rules 8 %Program Files%\WinPC Defender\Rules.txt 9 %Program Files%\WinPC Defender\siren.wav 10 %Program Files%\WinPC Defender\Support.url 11 %Program Files%\WinPC Defender\svo.scf 12 %Program Files%\WinPC Defender\temp 13 %Program Files%\WinPC Defender\Uninstall.exe 14 %Program Files%\WinPC Defender\Uninstall_st_st_.exe 15 %Program Files%\WinPC Defender\WDefDemo.exe 16 %Program Files%\WinPC Defender\Web.url 17 %UserProfile%\Desktop\Launch WinPC Defender.lnk 18 %UserProfile%\Local Settings\Temp\[Random Name].tmp 19 %UserProfile%\Local Settings\Temp\delwdef2008.bat 20 %WINDOWS%\ieocx.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “sysav”HKEY_CURRENT_USER\Software\WinPC DefenderHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{96ad72e4-2e2b-4ffc-a5bb-279c2714af12}HKEY_CLASSES_ROOT\IEocxApp.IEocxHKEY_CLASSES_ROOT\IEocxApp.IEocx.1HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}HKEY_CURRENT_USER\Control Panel\don’t load “scui.cpl”HKEY_CURRENT_USER\Control Panel\don’t load “wscui.cpl”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run “Content”
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.