Win32/Ptcasino
Win32/Ptcasino is an online gambling related infection which is dropped through the vulnerabilities of online games websites and steal victim's personal information. Being gambling related infection Win32/Ptcasino does not limit the virus payload to stealing information important for players of online games only. Peculiarities of data exchange between website running online games allows to obtain extended access to a range of infected computers and to retrieve various information, turn the computer into spybot, etc. Win32/Ptcasino usually propagates via online card games, such as Pocker, but also can be sent otherwise. Removal of Win32/Ptcasino is recommended not for online gamers only.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\[UserName]\Start Menu\Buy.lnk 2 %Documents and Settings%\All Users\Application Data\iosejgfse.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Malware DefenseHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations 'LowRiskFileTypes' = '.exe'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments 'SaveZoneInformation' = '1'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce 'SelfdelNT'HKEY_CURRENT_USER\Software\Paladin AntivirusHKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.