Saturday, January 24, 2009

AntiSpyZone Adware

Removing AntiSpyZone
Categories: Adware, Ransomware
Adware programs facilitate the delivery of advertising content
to the user and, in some cases, gather information from the user's computer.

A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration,
although the field known as cryptovirology predates the term "ransomware".

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\ASZLanguage.ini
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\AntiSpyZone 4.7.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\AntiSpyZone 5.4.lnk
[%DESKTOP%]\AntiSpyZone 5.4.lnk
[%PROFILE%]\LOCAL.EXE
[%PROGRAM_FILES%]\AntiSpyZone 5.4\AntiSpyZone 5.4.exe
[%STARTMENU%]\AntiSpyZone 4.7.lnk
[%STARTMENU%]\AntiSpyZone 5.4.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.6.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.7.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.9.lnk
[%DESKTOP%]\antispyzone 4.6.lnk
[%DESKTOP%]\antispyzone 4.7.lnk
[%DESKTOP%]\antispyzone 4.9.lnk
[%PROFILE_TEMP%]\aszlanguage.ini
[%PROFILE_TEMP%]\aszone.dat
[%PROGRAMS%]\antispyzone 4.6
[%PROGRAMS%]\antispyzone 4.7
[%PROGRAMS%]\antispyzone 4.9

How to detect AntiSpyZone:

Files:
[%PROFILE_TEMP%]\ASZLanguage.ini
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\AntiSpyZone 4.7.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\AntiSpyZone 5.4.lnk
[%DESKTOP%]\AntiSpyZone 5.4.lnk
[%PROFILE%]\LOCAL.EXE
[%PROGRAM_FILES%]\AntiSpyZone 5.4\AntiSpyZone 5.4.exe
[%STARTMENU%]\AntiSpyZone 4.7.lnk
[%STARTMENU%]\AntiSpyZone 5.4.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.6.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.7.lnk
[%APPDATA%]\microsoft\internet explorer\quick launch\antispyzone 4.9.lnk
[%DESKTOP%]\antispyzone 4.6.lnk
[%DESKTOP%]\antispyzone 4.7.lnk
[%DESKTOP%]\antispyzone 4.9.lnk
[%PROFILE_TEMP%]\aszlanguage.ini
[%PROFILE_TEMP%]\aszone.dat
[%PROGRAMS%]\antispyzone 4.6
[%PROGRAMS%]\antispyzone 4.7
[%PROGRAMS%]\antispyzone 4.9

Folders:
[%PROGRAMS%]\AntiSpyZone 4.7
[%PROGRAMS%]\AntiSpyZone 5.0
[%PROGRAMS%]\AntiSpyZone 5.4
[%PROGRAM_FILES%]\AntiSpyZone
[%PROGRAM_FILES%]\AntiSpyZone 4.6
[%PROGRAM_FILES%]\AntiSpyZone 4.7
[%PROGRAM_FILES%]\AntiSpyZone 5.4
[%PROGRAM_FILES%]\AntiSpyZone 4.9

Registry Keys:
HKEY_LOCAL_MACHINE\software\antispyzone 4.6
HKEY_LOCAL_MACHINE\software\antispyzone 4.7
HKEY_LOCAL_MACHINE\software\antispyzone 4.9
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\antispyzone 4.6.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\antispyzone 4.7.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\antispyzone 4.9.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispyzone 4.6
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispyzone 4.7
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispyzone 4.9

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing AntiSpyZone:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
