Dangerous trojans, keyloggers and Spyware detected in you computer!!!
This is a new variant of ransomware that is In-the-Wild with, so far, a poor detection rate, the report from VirusTotal. Only 9 of 42 detected by antivirus engines.
It's a technique used by some scareware aggressive to try to "compel" the victims to "buy" the alleged antivirus solution is, in fact, the scareware.
In this case, the malware is hidden under a file called avlck.exe (md5: 04cb597a4ffddfbae9a76cde53833ab7). When run blocking access to the system screen showing the image above position which is expressed in an alleged problem of infection.
In that instance the malware connects to the site
Make a copy of itself into the Windows System folder under the name myserv.exe, and a reference in the registry Run key.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
KeyMy c:\windows\myserv.exe
Restart in Safe Mode and delete the file myserv.exe found in the Windows folder.
Delete the reference KeyMy (c:\windows\myserv.exe) located in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Unlock the system to any of the following keys:
PozisyonAyarla
HerZamanUstte
Related information
SMS Ransomware for Windows In-the-Wild
LockScreen. Your computer is infected by Spyware!!!
0 comentarios:
Post a Comment