Monday, December 1, 2008

MalwareDestructor Ransomware

Removing MalwareDestructor
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration.
Although the field known as cryptovirology predates the term "ransomware".
Visible Symptoms:
Files in system folders:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareDestructor 4.5.lnk
[%DESKTOP%]\MalwareDestructor 4.5.lnk
[%STARTMENU%]\MalwareDestructor 4.5.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareDestructor 4.5.lnk
[%DESKTOP%]\MalwareDestructor 4.5.lnk
[%STARTMENU%]\MalwareDestructor 4.5.lnk

How to detect MalwareDestructor:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareDestructor 4.5.lnk
[%DESKTOP%]\MalwareDestructor 4.5.lnk
[%STARTMENU%]\MalwareDestructor 4.5.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareDestructor 4.5.lnk
[%DESKTOP%]\MalwareDestructor 4.5.lnk
[%STARTMENU%]\MalwareDestructor 4.5.lnk

Folders:
[%PROGRAM_FILES%]\MalwareDestructor
[%PROGRAMS%]\MalwareDestructor

Registry Keys:
HKEY_CLASSES_ROOT\appid\malwaredestruct.exe
HKEY_CLASSES_ROOT\clsid\{a301fab7-0853-9f4d-ba0d-be2f421e5a18}
HKEY_CLASSES_ROOT\clsid\{d0367d41-1c19-4e98-8f5d-006213c5b1bb}
HKEY_CLASSES_ROOT\interface\{4ed5e198-e576-4676-93b8-2c401d1a67d0}
HKEY_CLASSES_ROOT\malwaredestruct.server
HKEY_CLASSES_ROOT\malwaredestruct.server.1
HKEY_CLASSES_ROOT\typelib\{f8ff4547-4fa4-4fea-b689-7190c2a40364}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\malwaredestructor
HKEY_LOCAL_MACHINE\software\malwaredestructor
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\malwaredestructor
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\malwaredestructor

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing MalwareDestructor:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
JS.Puzzle Trojan Removal
Automatic.Screen.Observer Spyware Removal instruction
Stealth.Keyboard.Interceptor.Professional Spyware Cleaner
QZap103 Trojan Removal

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)