Tuesday, June 29, 2010

Trojan.Ransomware

This trojan opens a maximized window of a gay pr0n page. It takes a capture of the desktop and displays an on-top, fullscreen window showing the capture. The window is regularly updated to remain on top, so the malware prevents users from running or using other software. It is registered at:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell



To get rid of it, enter serial codes from this list (there are different versions of the malware with the same GUI):
ãíèëîçóá
êàðòîôàí
õðåíîâèùå

Run MBAM to remove the infection.
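
The following PowerShell check is an added example, not part of the original post: it reads the Winlogon `Shell` value named above and reports anything other than the stock shell. It assumes the default value is `explorer.exe` and also looks at the same path under HKCU, which goes beyond the single HKLM key the post mentions; the function name `Test-WinlogonShell` is hypothetical.

```powershell
# Added example: audit the Winlogon Shell value for a replaced shell.
# Assumption: the stock value is "explorer.exe"; anything else is reported for review.
$expected = 'explorer.exe'
$keys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon',
    'HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'  # per-user value, normally not set
)

function Test-WinlogonShell {
    param(
        [Parameter(Mandatory)] [string] $KeyPath,
        [Parameter(Mandatory)] [string] $Expected
    )

    # Returns nothing (error suppressed) when the key or the Shell value is absent.
    $item = Get-ItemProperty -Path $KeyPath -Name Shell -ErrorAction SilentlyContinue

    if ($null -eq $item) {
        # A missing value is normal under HKCU but not under HKLM.
        $status = if ($KeyPath -like 'HKLM:*') { 'MISSING' } else { 'OK (not set)' }
        return [pscustomobject]@{ Key = $KeyPath; Shell = $null; Status = $status }
    }

    $value = [string]$item.Shell
    # Exact, case-insensitive match only: a full path, extra arguments or a
    # comma-separated second program are all reported so they get looked at.
    $status = if ($value.Trim() -ieq $Expected) { 'OK' } else { 'SUSPICIOUS' }
    [pscustomobject]@{ Key = $KeyPath; Shell = $value; Status = $status }
}

$results = foreach ($k in $keys) {
    Test-WinlogonShell -KeyPath $k -Expected $expected
}
$results | Format-Table -AutoSize

# To put the stock shell back after reviewing a SUSPICIOUS row (elevated prompt):
# Set-ItemProperty -Path $keys[0] -Name Shell -Value $expected
```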