MainPrivacy

MainPrivacy

Found: 
2011-01-13
Description: 

Win32.FraudTool.MainPrivacy is a rogue privacy cleanup application. It may give exaggerated threat reports on the compromised computer then ask the user to purchase a registered version to remove those reported threats.

 

Credit: Tachikoma

Known system changes: 


Files

%Desktop%\��������̹��.lnk

Folders

%ProgramFiles%\MainPrivacy
%StartMenu%\��������̹��

RegistryEntries

Key: HKEY_LOCAL_MACHINE\SOFTWARE\MainPrivacy
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MainPrivacy.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MainPrivacy
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: MainPrivacy
Data: "C:\Program Files\MainPrivacy\MainPrivacy.exe" /run1