MalwareDisasters is a division of MalwareIntelligence. In the same test information is captured about the behavior of malicious code, and also offering the necessary countermeasures to mitigate the malicious actions in question.


Dangerous trojans, keyloggers and Spyware detected in you computer!!!

This is a new variant of ransomware that is In-the-Wild with, so far, a poor detection rate, the report from VirusTotal. Only 9 of 42 detected by antivirus engines.

It's a technique used by some scareware aggressive to try to "compel" the victims to "buy" the alleged antivirus solution is, in fact, the scareware.

In this case, the malware is hidden under a file called avlck.exe (md5: 04cb597a4ffddfbae9a76cde53833ab7). When run blocking access to the system screen showing the image above position which is expressed in an alleged problem of infection.

In that instance the malware connects to the site

Make a copy of itself into the Windows System folder under the name myserv.exe, and a reference in the registry Run key.

KeyMy c:\windows\myserv.exe 


Restart in Safe Mode and delete the file myserv.exe found in the Windows folder.
Delete the reference KeyMy (c:\windows\myserv.exe) located in HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Unlock the system to any of the following keys:


Related information
SMS Ransomware for Windows In-the-Wild
LockScreen. Your computer is infected by Spyware!!!

0 comentarios:

Post a Comment