PcGkimi
PcGkimi
Found:
2011-03-01
Description:
Win32.FraudTool.PcGkimi is a rogue anti-spyware application. It may give exaggerated threat reports on the compromised computer then ask the user to purchase a registered version to remove those reported threats.
Known system changes:
Files
Folders
%ProgramFiles%\PcGkimi
RegistryEntries
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PcGkimi.exe
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PcGkimi
Key: HKEY_LOCAL_MACHINE\SOFTWARE\PcGkimi
Key: HKEY_LOCAL_MACHINE\SOFTWARE\PcGkimiPartner
Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value: PcGkimi
Data: "C:\Program Files\PcGkimi\PcGkimi.exe" /run1