At the Heart of Another Rogue Is Sanitar Diska

Title: Sanitar Diska

Also Known as: PCPrivacyTool

Severity scale: 100 (100 / 100)

Over the years new rogue applications have become more dangerous to your privacy and Sanitar Diska is one of the newest privacy risks. What Sanitar Diska does is not completely known, but it is known that it is associated with a group of rogue applications known as PCPrivacyTool.

Download Sanitar Diska Remover

AKA:

SanitarDiska
FraudTool.Win32.SanitarDiska

Sanitar Diska file contents:

%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PCPrivacyTool unregistered.lnk
%UserProfile%\Desktop\PCPrivacyTool unregistered.lnk
%UserProfile%\Desktop\Install PCPrivacyTool .lnk

Running Processes:
AntiVirusInstallFree_en[1].exe

Registry values:
HKEY_ALL_USERS\Software\Microsoft\Windows\CurrentVersion\Run\”PCPrivacyTool” = “C:\Program Files\PCPrivacyTool\GDC.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”PCPrivacyTool” = “C:\Program Files\PCPrivacyTool\GDC.exe”
HKEY_ALL_USERS\Software\PCPrivacyTool
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\.exe\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\CLSID\{B33DE756-DEEE-4D7A-87DB-1D905BA2AA21}
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\.lnk\ShellEx\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Image\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Video\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\secure_del
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GDC_is1
HKEY_LOCAL_MACHINE\SOFTWARE\PC Drive Tool
HKEY_LOCAL_MACHINE\SOFTWARE\PCPrivacyTool
HKEY_LOCAL_MACHINE\SOFTWARE\ugdccw
HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers\secure_del
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Audio\shellex\ContextMenuHandlers\secure_del
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products\PC Drive Tool
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”ugdccw” = “C:\PROGRA~1\PCPRIV~1\UGDCcw.exe” -start”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\”{B33DE756-DEEE-4D7A-87DB-1D905BA2AA21}” = “secure_del”

Unregistered DLLs:
HKEY_ALL_USERS\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\PCPrivacyTool = C:\\Program Files\\PCPrivacyTool\\GDC.exe HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\PCPrivacyTool = C:\\Program Files\\PCPrivacyTool\\GDC.exe HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\ugdccw = C:\\PROGRA~1\\PCPRIV~1\\UGDCcw.exe -start HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Shell Extensions\\Approved\\{B33DE756-DEEE-4D7A-87DB-1D905BA2AA21} = secure_del HKEY_ALL_USERS\\Software\\PCPrivacyTool HKEY_CLASSES_ROOT\\*\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\.exe\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\.lnk\\ShellEx\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\CLSID\\{B33DE756-DEEE-4D7A-87DB-1D905BA2AA21} HKEY_CLASSES_ROOT\\Directory\\Background\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\Directory\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\Drive\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\Folder\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\SystemFileAssociations\\Directory.Audio\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\SystemFileAssociations\\Directory.Image\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\SystemFileAssociations\\Directory.Video\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\exefile\\shellex\\ContextMenuHandlers\\secure_del HKEY_CLASSES_ROOT\\lnkfile\\shellex\\ContextMenuHandlers\\secure_del HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\GDC_is1 HKEY_LOCAL_MACHINE\\SOFTWARE\\PC Drive Tool HKEY_LOCAL_MACHINE\\SOFTWARE\\PCPrivacyTool HKEY_LOCAL_MACHINE\\SOFTWARE\\Purchased Products\\PC Drive Tool HKEY_LOCAL_MACHINE\\SOFTWARE\\ugdccw
Associated Files:
%ProgramFiles%\PCPrivacyTool
C:\Documents and Settings\All Users\Start Menu\Programs\PCPrivacyTool

Recommended Action:  Immediate Removal

If during a scan of you computer with a reliable malware protection and removal program you come across Sanitar Diska than it is a sure bet your computer is infected with some type of rogue application. To remove the threats associated with Sanitar Diska it is a good idea to use a 100% guaranteed malware removal and protection program like Spyzooka. With Spyzooka your computer will be 100% guaranteed to be rid of Sanitar Diska.

Download Sanitar Diska Remover
 

Leave a Reply

Yes Scan My PcFor FREE!

  • Error Doctor 2009 Is Fake Antispyware

    Too often people are duped into investing in fake antispyware software that does nothing but harm their computers and put their personal information at risk. Error doctor 2009 is one of these programs, and if you have found it on your computer, it is imperative that you take steps to remove it immediately. The longer [...]

  • Spyware Profile for Win32.Allaple

    Win32.Allaple is able to enter your system as a backdoor Trojan.  Its Trojan abilities allow it to enter secretly and it will continue to run silently and undetected.  Once it has entered, it will open up a backdoor that will allow a hacker to enter.  The hacker will be able to have complete control of [...]

  • Avoid Antispyware Pro 2009

    When spyware developers stumble across a scam that works, you can bet they’ll run with it until they can run no more. They’ll take a “successful” program and replicate it over and over, just changing the name enough to avoid major detection. Such is the case with antispyware pro 2009, a rogue antispyware application in [...]

  • Remove WindowSystemSuite

    WindowSystemSuite is a rogue security program designed by hackers to convince users that their computer is infected, and that they must buy their program in order to eliminate these threats. WindowSystemSuite uses aggressive and misleading security alerts to alarm the user. This malware may install additional spyware, and is capable of disabling or deleting system [...]

© 2010 SpyZooka Blog – Easy Spyware Removal All rights reserved. Powered by Wordpress. Designed by Woo Themes