PCPrivacyTool

Description:	Rogue Security Program
Risk Level:	High
Date of First Occurence:	Friday, April 25, 2008
Software Developer:	(unknown)
Brief Info:	Rogue/Suspect Anti-Spyware Product "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "PCPrivacyTool"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\PCPrivacyTool\plug\GDCW.exe MD5: EF8F4DF3064DC35001375120FFA3F87C Size:282624
Detected Files with variable Filenames:

Detecting items list:

Files by Name %APPDATA%\Microsoft\Internet Explorer\Quick Launch\PCPrivacyTool unregistered.lnk %DESKTOP%\Install PCPrivacyTool .lnk %DESKTOP%\PCPrivacyTool unregistered.lnk
Files by Directories %START_PROGRAMSALL%\PCPrivacyTool %ProgramFiles%\PCPrivacyTool
Files by CLSID or Name CLSID=B33DE756-DEEE-4D7A-87DB-1D905BA2AA21
Registry Keys HKCU\Software\PCPrivacyTool HKCR\?\shellex\ContextMenuHandlers\secure_del HKCR\.exe\shellex\ContextMenuHandlers\secure_del HKCR\.lnk\ShellEx\ContextMenuHandlers\secure_del HKCR\Directory\Background\shellex\ContextMenuHandlers\secure_del HKCR\Directory\shellex\ContextMenuHandlers\secure_del HKCR\Drive\shellex\ContextMenuHandlers\secure_del HKCR\Folder\shellex\ContextMenuHandlers\secure_del HKCR\SystemFileAssociations\Directory.Audio\shellex\ContextMenuHandlers\secure_del HKCR\SystemFileAssociations\Directory.Image\shellex\ContextMenuHandlers\secure_del HKCR\SystemFileAssociations\Directory.Video\shellex\ContextMenuHandlers\secure_del HKCR\exefile\shellex\ContextMenuHandlers\secure_del HKCR\lnkfile\shellex\ContextMenuHandlers\secure_del HKLM\SOFTWARE\PCPrivacyTool HKLM\SOFTWARE\ugdccw
Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Run ValueName=PCPrivacyTool HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=PCPrivacyTool HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=ugdccw HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved ValueName={B33DE756-DEEE-4D7A-87DB-1D905BA2AA21}

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »