It displays fake alert to install IEDefender Rogue and Hijacks google pages with an alert and a malware p0rn link.
Tuesday, October 30, 2007
Multimedia Decoder
Multimedia Decoder is another fake codec installing malware.
It displays fake alert to install IEDefender Rogue and Hijacks google pages with an alert and a malware p0rn link.
It displays fake alert to install IEDefender Rogue and Hijacks google pages with an alert and a malware p0rn link.
Wednesday, October 24, 2007
VirusRay 3.8
A new Rogue has been released: VirusRay.
This rogues looks like: Antivir Gear, VirusProtectPro , SpyDown, SpywareQuake.
This rogues looks like: Antivir Gear, VirusProtectPro , SpyDown, SpywareQuake.
Saturday, October 6, 2007
Tuesday, October 2, 2007
Spyware.WinAntiVirus
A new version of Spyware.WinAntiVirus has been released.
HijackThis symptoms:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - Startup: info.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: info.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\sulimo.dat
HijackThis symptoms:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - Startup: info.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: info.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\sulimo.dat
Subscribe to:
Posts (Atom)
