Virus Shortcut Microsoft.Ink

Labels: | 23 comments


Shortcut virus Microsoft.Ink virus which my mother autorun.inf file in the estimate, in which there is a script-script which is executed when the folder or drive the infected opened. This virus spread quickly to all folders and drives available. Although the delete file with live cd WinMiniPE, does not work, even to spread and develop. Booting the live cd Knoppiox 5.10 also can not mendelete it. When this virus menginfeksi, nama_folder.Ink create a shortcut or nama_file (exe). Ink, in every folder that infected.



Files carried the virus is:

autorun.inf

Microsoft.Ink

Desktop.ini

Ink Shortcut_New_Harry_potter .....Ink

Tumb.db

I try to delete them with booting linux slax via USb flash, and files on the virus does not return.  Congratulations and best wishes for success try
Removal tool 
Download (36 kb) 
The instruction for using Yuyun (Microsoft.lnk) Removal 
  1. Go to run type msconfig.msc and clear check box : database.mdb and Update Microsoft office update.
  2. Restart computer
  3. Extract yuyun (virus Microsof.lnk) removal tool
  4. Copy yuyun removal tool to every drive /path like D: E: F: etc....or flashdsik drive (except drive C: or drive where was your windows there is, becouse its execution in drive (C:) will delete shortcut of program). 
Or Manual Remove:
Really this virus named Yayuk Cantix, but this popular call Microsoft.lnk. If your anti virus can't detected the main trojan file, it will show Yayuk Cantix on your desktop. So, for clean this virus is :
  1. Klick Run on sart menu program, write gpedit.msc - system - Administrative Template -     System - Prevent Access registry tool - right klick - properties, set to disable, while you in the gpedit, go to run and enter regedit. find WSscript.exe //e:VBscript and delete the string. find with type Yayuk Cantix, if the string found in the folder, delete with the folder yayuk too.
  2. After finish, go to start program - search - write with type *.lnk, delete all shortcut folder, (don't delete shortcut program).
  3. Seacrh Thumb.db on my computer, choose More Advanced Option and klick for search hidden file folder, and delete.
  4. Search for database.mdb in my computer, and delete.
  5. Go to run again type msconfig.msc and clear check box : database.mdb and Update Microsoft office update.
  6. Restart computer. it will be normally again.

Read More......
Bookmark and Share

Posted by MrMKWingzero at 1/31/2009 11:17:00 AM

Bittorrent VPNlife.com offer without the VPN can be known is the fraud, which came VPN 4 Life PC.exe

Labels: | 0 comments

Date 08/01/2009 

Surprising use VPN without terditeksi line, behind only the fraudster to send a copy of AnchorFree. 

Anonymous BitTorrent VPN4Life Service is a scam, or cheat. News services VPN4Life with PPTP jaluar offering $ 50 for forever internet user was untrue. 

Reports obtained from the user VPN4Life who have to pay through Paypal. In fact the account is not required here, and even receive the file in the form of exe-VPN 4 Life PC.exe 
Not yet known what the file is sent by the exe VPN4Life VPN 4 Life PC.exe. 
He said the file is only part of the software when using public WIFI service AnchorFree.com. 
It is very easy indeed, with the original file name to the name of the file-VPN 4 Life PC.exe. 

Files from VPN4Life apparently contains a note with the same property Anchorfree. As the signature under this proves that the same data 
4b34079841d43799e5d0849ac16feb61 HSS-1.10-install-anchorfree-76-conduit.exe 
4b34079841d43799e5d0849ac16feb61 VPN 4 Life PC.exe


Quote from http://obengware.com

Read More......
Bookmark and Share

Posted by MrMKWingzero at 1/12/2009 10:44:00 AM

Naked Celeb link false, in Linkedin.com Malicious code contains Exploit-IFrame.gen.c and Troj / Decdec-A

Labels: | 1 comments

Date 07/01/2009 

Be careful to open the link in Linkedin.com what the words are no longer naked, likely will be directed to the site more malware. 

Trend Micro to provide new information from LinkedIn that link Exploit-IFrame.gen.c in the name of movie stars as related Malicious code. Especially the link that is naked, naked pictures and video. 
Artists such as Beyonce Knowles, Victoria Beckham, Christina Ricci, Kirsten Dunst, Salma Hayek, and Kate Hudson, whose name dicatut already identified by antivirus companies. 

Even McAfee's Avert Labs Blog Labs has provided a screen shot. If it be (should be) it will show that there is a link, such as in the rabbit hole. Each reload of the application that will be connected to switch the domain name. Meanwhile, Graham Cluley of Sophos found many false profile of the artists, but with a different use malware Troj / A-Decdec JavaScript. Troj / Decdec-A has terditeksi in April 2007, but operated more visible again. Unfortunately, the manager of the site Linkedin.com not attempt to clean malware spread disitus them. Sometimes site owners deliberately let their rating in order to increase the Search Engine. 

Antivirus company's records, given the link that usually ends with a warning Missing Video Codec or showed anti-counterfeit. Stories spread of malware that old trick user Netter. Only the more I play mutar not so far into terditeksi.


Quote from http://obengware.com

Read More......
Bookmark and Share

Posted by MrMKWingzero at 1/12/2009 10:36:00 AM

Subscribe to: Posts (Atom)

MKwingzero Fans Visitor