Category: AntiVirus and Malware


1. You will get more pop-ups of fake anti-virus or advertisements or porn pictures.

2. It keeps popping up at regular intervals.

3. Its a .exe file which gets stored in the following path

c:\Docs and settings\<username>\local setings\Application data\

and also in c:\windows\ prefetch.

4. The file name is the combination of letters and alphabets.

For eg: lkjdkjsh44df.exe, uiwofjoda465a.exe

5. You can find the same .exe file in the registry entry.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

and

HKEY_Current_User\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

6. It also creates some unwanted .dll files in the following location.

C:\Windows\System32

7. It modifies the host file so that whenever you try to open browser it redirects to some other page mostly porn website. Host file is in C:\Windows\system32\drivers\etc\

Advertisements

Did u recently get hit by any of the malware/ spyware?

Do u want to remove it quickly?

Just download the removal which will take care of malwares and spywares.

http://www.bleepingcomputer.com/download/anti-virus/combofix