MalwareDisasters is a division of MalwareIntelligence. In the same test information is captured about the behavior of malicious code, and also offering the necessary countermeasures to mitigate the malicious actions in question.


Litter Korean rogue lurking III

PCScan is another rogue Koreans that have appeared in recent days, in addition to the two previously showed. - - DACOM-NET LG DACOM

The IP also resolves the following domains:

Setup.exe (a85900759318ea66dc94ba789aae2cfe)
PCScan.exe (665b846b82d959843744d9d3a7b39bdc)
PCScanMon.exe (01cdb8f8955a4df6eebb1aca04d6a43c)
Uninstall.exe (76cd1340bded9d96050df30999f6274d)

Unistaller.exe file simulates the uninstaller antivirus program assumes, however, no effect arises because it’s false.

Check the following pages:


Terminate the processes called PCScan.exe. You can use the ProcessExplorer to view and terminate processes.

Remove PCScan folder (which houses six files) located in C:\Program Files\pcscan\

Delete the system registry pcscan key from HKLM\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run, which refers to "C:\Program Files\pcscan\pcscan.exe". You can use the Autoruns to view and delete the key.

Delete the desktop shortcut.

Running updated antivirus

Related information

Litter Korean rogue lurking II
Litter Korean rogue lurking I
PC Defender Antivirus rogue update system registry
Phoenix Exploit's Kit and Pay-per-Install via PC Defender Antivirus
Dangerous trojans, keyloggers and Spyware detected in you computer!!!
Desktop Hijack by Internet Security 2010. Your System Is Infected!

0 comentarios:

Post a Comment