Multimedia Decoder is another fake codec installing malware.
It displays fake alert to install IEDefender Rogue and Hijacks google pages with an alert and a malware p0rn link.
Tuesday, October 30, 2007
Wednesday, October 24, 2007
VirusRay 3.8
A new Rogue has been released: VirusRay.
This rogues looks like: Antivir Gear, VirusProtectPro , SpyDown, SpywareQuake.
This rogues looks like: Antivir Gear, VirusProtectPro , SpyDown, SpywareQuake.
Libellés :
Rogues,
ScreenShots
Saturday, October 6, 2007
Tuesday, October 2, 2007
Spyware.WinAntiVirus
A new version of Spyware.WinAntiVirus has been released.
HijackThis symptoms:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - Startup: info.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: info.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\sulimo.dat
HijackThis symptoms:
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [DoNotDelete] C:\WINDOWS\System32\explore.exe
O4 - Startup: info.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: info.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\sulimo.dat
Libellés :
Malware,
ScreenShots
Subscribe to:
Posts (Atom)