Home Malware Programs Browser Hijackers New-soft.net

New-soft.net

Posted: January 28, 2010

The rogue anti-spyware program Antivirus Live uses a new corrupt website every couple of days. New-soft.net is a new one that comes armed with a browser hijacker which hacks Internet users' web browsers and redirects them to the rogue website. Do not believe any of the fake warnings New-soft.net may produce and do not click on anything on the webpage, instead remove New-soft.net from your browser and use an effective anti-malware program to rid your PC of any threats related to Antivirus Live.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %UserProfile%\Local Settings\Application Data\[random]
    2 %UserProfile%\Local Settings\Application Data\[random]\[random]sysguard.exe
    3 [random string]sysguard.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\AvScanHKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride = ""HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:5555"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"

One Comment

  • Earl says:

    My PC CPU at times is running at 100 percent and looked at running process's then went and run Registery mechanic and several other programs then went in to the Regedit and looked at each key and Found New soft as a registry key , but found little on it except on your site Use bitdefender , comodo firewall and spybot , spyware blaster and registery mechanic but still have a slow Pc with 4 gigs of ram and a 3 gig processor on a Hp desk top . Dumped unused programs and use Windows washer but all the programs seem to do no good . Use XP pro as an OS . So manually going through the Registry and editing some keys . And had questions on Citrix, Gemplus, Mimar Sinan, and Midas Heur Scanner and others . deleted new soft . if it cripples a program have all the back up CD's and OS . Thanks

Loading...