Tuesday, June 29, 2010

Trojan.Ransomware

This trojan opens a maximized window showing a gay pr0n page. It captures the desktop and displays the capture in an always-on-top fullscreen window. The window is regularly refreshed to stay on top, which prevents users from running or using other software. It is registered at:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell



To get rid of it, enter serial codes from this list (there are different versions of the malware with the same GUI):
гнилозуб
картофан
хреновище

Run MBAM to remove the infection.

Saturday, June 26, 2010

Trojan.Ransomware

This trojan displays an invasive window and blocks software execution. It copies itself to %TEMP% and registers at:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit



To get rid of it, try one of these 2 serial codes:
75633922
ZV3232P


Run MBAM to remove the infection.
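
A defensive check for the two Winlogon values named in this entry and in the June 29 entry (Userinit and Shell), as an added example that is not part of the original posts. The expected defaults assume a stock Windows install; `Test-WinlogonValue`, `$Expected`, `$DropDirs` and the sample values are names and data made up for this illustration.

```powershell
# Added example (not from the original post): audit the Winlogon Shell and Userinit values.
# Assumption: a stock install, where Shell is explorer.exe and Userinit is userinit.exe.
$Expected = @{
    Shell    = @('explorer.exe', "$env:SystemRoot\explorer.exe")
    Userinit = @('userinit.exe', "$env:SystemRoot\system32\userinit.exe")
}
# Locations the entries on this page report the trojans copying themselves to.
$DropDirs = @($env:TEMP, $env:ALLUSERSPROFILE) | Where-Object { $_ }

function Test-WinlogonValue {
    param(
        [Parameter(Mandatory)][ValidateSet('Shell', 'Userinit')][string]$Name,
        [Parameter(Mandatory)][AllowEmptyString()][string]$Value
    )
    # Either value can hold a comma-separated list; Userinit normally ends with a comma.
    $entries = @($Value -split ',' | ForEach-Object { $_.Trim().Trim('"') } | Where-Object { $_ })
    if ($entries.Count -eq 0) {
        return [pscustomobject]@{ Name = $Name; Entry = ''; Status = 'EMPTY' }
    }
    foreach ($entry in $entries) {
        $path = [Environment]::ExpandEnvironmentVariables($entry)
        $status = 'UNEXPECTED'
        if ($Expected[$Name] -contains $path) { $status = 'default' }   # -contains ignores case
        foreach ($dir in $DropDirs) {
            if ($path.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) {
                $status = 'UNEXPECTED (runs from a user-writable directory)'
            }
        }
        [pscustomobject]@{ Name = $Name; Entry = $entry; Status = $status }
    }
}

# Constructed sample values (not taken from a real infection).
Test-WinlogonValue -Name Shell    -Value 'explorer.exe'
Test-WinlogonValue -Name Userinit -Value 'C:\Windows\system32\userinit.exe,%TEMP%\sample.exe'

# Live check of the key named in the entries above (skipped where the HKLM: drive is absent).
$key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
if (Test-Path $key) {
    $live = Get-ItemProperty -Path $key
    foreach ($n in 'Shell', 'Userinit') {
        Test-WinlogonValue -Name $n -Value ([string]$live.$n)
    }
}
```

Any row whose Status is not `default` deserves a look before the next logon, since both values are executed by Winlogon when a user signs in.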

Saturday, June 19, 2010

Trojan.Ransomware

This trojan is hidden behind an Adobe Flash Installer.



When executed, it makes a copy of itself in %ALLUSERSPROFILE% and displays an invasive message box in Russian.



To get rid of it, try these 2 serial codes (alternately if needed):
35676549
28527548




To get rid of it, try these serial codes (alternately if needed):
49752406
62907349

or
83675124
29645732


Run MBAM to remove the infection.

Saturday, June 12, 2010

Defense Center

Defense Center is a fake security application. This rogue prevents legitimate software from running and displays fake alerts and warning messages. Defense Center also detects nonexistent infections to scare users. It is from the CoreGuard family (Protection Center, Data Protection, Digital Protection, Your Protection, User Protection, Dr. Guard, Paladin Antivirus).



If your PC is infected with Defense Center, use MBAM to remove the infection.

Thursday, June 3, 2010

AV Security Suite

AV Security Suite is a new fake security application (rogue). It is a clone of AntiSpyware Soft, Antivirus Suite and Antivirus Soft.

The rogue detects fake infections and prevents legitimate software from running, displaying alert messages to scare users.



If your PC is infected with AV Security Suite, use MBAM to remove the infection and follow BleepingComputer's removal guide.

Sysinternals Antivirus

Sysinternals Antivirus is a fake antivirus. It is a clone of XJR Antivirus, AKM Antivirus 2010 Pro and Your PC Protector.



Sysinternals Antivirus prevents legitimate software from running, displays fake alerts and blocks random Web pages.

If you need to clean your computer and Sysinternals Antivirus is blocking legitimate cleaners from running, enter the following serial to register:
threedollarbillyall

If your PC is infected with Sysinternals Antivirus, use MBAM to remove the infection.

Tuesday, June 1, 2010

Protection Center

Protection Center is a fake security application. This rogue prevents legitimate software from running and displays fake alerts and warning messages. Protection Center also detects nonexistent infections to scare users. It is from the CoreGuard family (Data Protection, Digital Protection, Your Protection, User Protection, Dr. Guard, Paladin Antivirus clone).



If your PC is infected with Protection Center, use MBAM to remove the infection.