Virussweeper-scan.net
Virussweeper-scan.net is a rogue website sponsoring the fake spyware remover known as Malware Catcher 2009 (otherwise called Malware Catcher). To achieve this goal, trojans infiltrate your computer through security holes and alter the browser settings, causing web-surfing activities to be interrupted and diverted to the Virussweeper-scan.net web page. Here your PC is subject to a fake online scan that reports fabricated infection results in order to scare you into purchasing Malware Catcher.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Application Data\7c69f0c 2 %Documents and Settings%\All Users\Application Data\7c69f0c\MCatcher.exe 3 %Documents and Settings%\All Users\Application Data\7c69f0c\SystemFeed 4 %Documents and Settings%\All Users\Application Data\7c69f0c\SystemFeed\vd952342.bd 5 %Documents and Settings%\All Users\Application Data\SystemFeed 6 %Documents and Settings%\All Users\Application Data\SystemFeed\mctch.ini 7 %UserProfile%\Application Data\Malware Catcher 2009 8 %UserProfile%\Application Data\Malware Catcher 2009\Instructions.ini 9 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Catcher 2009.lnk 10 %UserProfile%\Desktop\Malware Catcher 2009.lnk 11 %UserProfile%\Recent\cb.tmp 12 %UserProfile%\Recent\CLSV.dll 13 %UserProfile%\Recent\CLSV.drv 14 %UserProfile%\Recent\eb.tmp 15 %UserProfile%\Recent\energy.exe 16 %UserProfile%\Recent\energy.sys 17 %UserProfile%\Recent\energy.tmp 18 %UserProfile%\Recent\exec.dll 19 %UserProfile%\Recent\fix.sys 20 %UserProfile%\Recent\PE.drv 21 %UserProfile%\Recent\PE.sys 22 %UserProfile%\Recent\std.drv 23 %UserProfile%\Recent\tjd.exe 24 %UserProfile%\Recent\tjd.tmp 25 %UserProfile%\Start Menu\Malware Catcher 2009.lnk 26 %UserProfile%\Start Menu\Programs\Malware Catcher 2009.lnk
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "6989019803"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "[xSP_2:2092962508]"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Malware Catcher 2009"HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}HKEY_CLASSES_ROOT\MCatcher.DocHostUIHandler
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.