Cyber Protection System
» If you can't view the screen shot, you may have to click the screen shot when you put the mouse over the it.
» Dependant upon your browser settings.
This sleek program is another to watch out for. So be don't be tricked.
It appears
that the client was browsing the internet when their browser was hijacked and redirected to
another site. The client was duped into installing this program. The file downloaded was Inst_15s1.exe (125,952 bytes).
Below are entries found in the Registry(If you are unfamiliar with the registry...Leave this page NOW)
and files associated with the program.
-
Key Name: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Class Name:
Last Write Time:
Value 0
Name: CSec
Type: REG_SZ
Data: C:\Program Files\CSec\cs.exe
-
Key Name: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CSec
Class Name:
Last Write Time: **/**/2009 - 2:42 PM
Value 0
Name: DisplayIcon
Type: REG_SZ
Data: C:\Program Files\CSec\cs.exe
Value 1
Name: DisplayName
Type: REG_SZ
Data: Cyber Security
Value 2
Name: UninstallString
Type: REG_SZ
Data: C:\Program Files\CSec\cs.exe -uninst
-
Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART
Class Name:
Last Write Time: **/**/2009 - 2:42 PM
Value 0
Name: cs.exe
Type: REG_DWORD
Data: 0x1
-
Key Name: HKEY_USERS\S-1-5-21-****-****-****-****\Software\Microsoft\Windows\CurrentVersion\Run
Class Name:
Last Write Time: **/**/2009 - 2:42 PM
Value 0
Name: CSec
Type: REG_SZ
Data: C:\Program Files\CSec\cs.exe
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cyber Protection System"
You will find shortcuts to the program in the C:\Documents and Settings\All Users\Start Menu\CSec folder:
- 662 bytes » Security Center.lnk
- 1,510 bytes » Registration.lnk
- 1,466 bytes » Help.lnk
- 1,502 bytes » Settings.lnk
- 1,498 bytes » Update.lnk
- 1,514 bytes » Computer Scan.lnk
- 652 bytes » Cyber Security.lnk
in the C:\Program Files\Common Files\CSecUninstall folder
- 654 bytes » Uninstall.lnk
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following is a list of files you may find in the:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"C:\Program Files\CSec" Folder
Size
Name
- 1,203,712 bytes » cs.exe
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The following is a list of files you may find in the:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"C:\Program Files\Common Files\CSecUninstall" Folder
Size
Name
- 654 bytes » Uninstall.lnk
Remember to always check here:
C:\WINDOWS\Prefetch
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-
-
-
-
-
-
-
-
-
-
-
