Friday, November 28, 2008

RegClean Ransomware

Removing RegClean
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe such software, although the
field known as cryptovirology predates the term "ransomware".

Visible Symptoms:
Files in system folders:
[%COMMON_DESKTOPDIRECTORY%]\RegClean.lnk
[%WINDOWS%]\Installer\Tasks\RegClean Scheduled Scan.job

How to detect RegClean:

Files:
[%COMMON_DESKTOPDIRECTORY%]\RegClean.lnk
[%WINDOWS%]\Installer\Tasks\RegClean Scheduled Scan.job

Folders:
[%APPDATA%]\RegClean
[%COMMON_PROGRAMS%]\RegClean
[%PROGRAM_FILES%]\RegClean
[%WINDOWS%]\Installer\Installer\{D6938AFF-30C4-409C-B667-3F6503750BB8}

Registry Keys:
HKEY_CLASSES_ROOT\installer\features\ffa8396d4c03c9046b76f3563057b08b
HKEY_CLASSES_ROOT\installer\products\ffa8396d4c03c9046b76f3563057b08b
HKEY_CLASSES_ROOT\installer\upgradecodes\8e650c92721b8364bb774e25145c382a
HKEY_CURRENT_USER\software\regclean
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{d6938aff-30c4-409c-b667-3f6503750bb8}
HKEY_LOCAL_MACHINE\software\regclean

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\folders
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing RegClean:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
