In the Internet started up another infection. Not as terrible as swine flu, of course, but at least unpleasant. At this time, because of the virus in the system, there is the following scenario.After starting the system, vynyrivayet window with the message that you are using unlicensed Windu, and must send SMSku for a specific number. What's it like he saw the owner just did a licensing system? The system no longer works.
The screen may display a window of this type (but not necessarily)
Why is such a long time I have encountered and described in one of the first articles of this blog. And about a relative of such malicious, wrote recently in the article about the removal of the informer, a news feed from your browser. But here problemma more serious than a banner on split-screen browser. Although you can catch her, just the same way, setting the video codec for viewing video on the sites.
Search the network gave several solutions the problem, and describe them.
Anywhere, no SMS not sent.
If you caught the Trojans Winlock.19, then you ... very lucky. In the literal sense. This malware is configured to self-destruct after two hours of work a computer. So the solution is simply the patience. Leave your computer on for several hours, and then restart. If the problem persists, try the following method.
Log in windose in safe mode. For this, during startup, press and hold down the F8 key on your keyboard, then select run in safe mode. On the C drive go at c: / documents and settings / all users / application data / and delete from there two files: blocker.exe and blocker.bin, or any file with the name of blocker. (Any extension). Also need to remove the registry reference to the file, such as HKLM \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Userinit. After rebooting should work fine. Immediately do a search on the computer, searching for files blocker. (Any extension), and then remove. Just in case, take a deep test antivirus software. By the way, instead of the folder / all users / may need to go to the folder with your vindovsloginom, and then in / application data /.
Make attending disc Live CD (http://www.freedrweb.com/livecd/). Starts with him, and remove blocker.exe blocker.bin the folder: / documents and settings / all users / application data / and then on item 3.
You can also try to find the extra files called WINLOGON.EXE. Only the file has the right nasuschestvovanie in the system in the folder C: \ Windows \ System32. If you find it in another folder - removed immediately. Under this name can be masked by more than a hundred different viruses.
In general, I hope that you have a first or second case. In the future, do not install any video codec to view video on the sites - the virus is often there. To view the online video rather conventional flash player.
The screen may display a window of this type (but not necessarily)
Why is such a long time I have encountered and described in one of the first articles of this blog. And about a relative of such malicious, wrote recently in the article about the removal of the informer, a news feed from your browser. But here problemma more serious than a banner on split-screen browser. Although you can catch her, just the same way, setting the video codec for viewing video on the sites.
Search the network gave several solutions the problem, and describe them.
Anywhere, no SMS not sent.
If you caught the Trojans Winlock.19, then you ... very lucky. In the literal sense. This malware is configured to self-destruct after two hours of work a computer. So the solution is simply the patience. Leave your computer on for several hours, and then restart. If the problem persists, try the following method.
Log in windose in safe mode. For this, during startup, press and hold down the F8 key on your keyboard, then select run in safe mode. On the C drive go at c: / documents and settings / all users / application data / and delete from there two files: blocker.exe and blocker.bin, or any file with the name of blocker. (Any extension). Also need to remove the registry reference to the file, such as HKLM \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Userinit. After rebooting should work fine. Immediately do a search on the computer, searching for files blocker. (Any extension), and then remove. Just in case, take a deep test antivirus software. By the way, instead of the folder / all users / may need to go to the folder with your vindovsloginom, and then in / application data /.
Make attending disc Live CD (http://www.freedrweb.com/livecd/). Starts with him, and remove blocker.exe blocker.bin the folder: / documents and settings / all users / application data / and then on item 3.
You can also try to find the extra files called WINLOGON.EXE. Only the file has the right nasuschestvovanie in the system in the folder C: \ Windows \ System32. If you find it in another folder - removed immediately. Under this name can be masked by more than a hundred different viruses.
In general, I hope that you have a first or second case. In the future, do not install any video codec to view video on the sites - the virus is often there. To view the online video rather conventional flash player.
No comments:
Post a Comment