Threat Database Fake Error Messages 'Warning! Spyware detected on your computer!'

'Warning! Spyware detected on your computer!'

By JubileeX in Fake Error Messages

'Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer' is a falsified blue/yellow security warning that is displayed on your screen if your computer system is corrupted by a Trojan. 'Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer' is created by the Trojan itself, which makes effort to force you into downloading and purchasing a bogus anti-virus application. The Trojan creates the .bmp and .scr files in the C:\Windows\System32 folder and its own values in Windows registry after deleting the initial ones. 'Warning! Spyware detected on your computer! Install an antivirus or spyware remover to clean your computer' is accompanied with a full pack of other infected files that create irritating pop-ups.

File System Details

'Warning! Spyware detected on your computer!' may create the following file(s):
# File Name Detections
1. %System%\cidrules.dll
2. lspak.dll
3. %UserProfile%\Local Settings\Temp\wincore.dll
4. %System%\wincore.dll
5. %UserProfile%\Local Settings\Temp\cidrules.dll
6. %System%\winupd.dll
7. virtumonde.dll
8. C:\WINDOWS\system32\[RANDOM CHARACTERS].scr
9. C:\WINDOWS\system32\[RANDOM CHARACTERS].bmp

Registry Details

'Warning! Spyware detected on your computer!' may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Control Panel\Desktop SCRNSAVE.EXE "C:\WINDOWS\system32\[RANDOM CHARACTERS].scr"
\{FDA4DFFB-2C3D-4730-8D7E-28523C7F2F67}
HKEY_CLASSES_ROOT\DosSpecFolder.DosSpecFolder.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA21E6FA-41D9-4F05-9650-8B3FBE72124D}scan
HKEY_CLASSES_ROOT\CLSID\{FDA4DFFB-2C3D-4730-8D7E-28523C7F2F67}
HKEY_USERS\S-1-5-21-1887652994-1477516851-2064603551-500\Software\Microsoft
HKEY_CURRENT_USER\Control Panel\Desktop Wallpaper "C:\WINDOWS\system32\[RANDOM CHARACTERS].bmp"
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats
HKEY_CLASSES_ROOT\DosSpecFolder.DosSpecFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEpl.IEPl.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tdev
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA21E6FA-41D9-4F05-9650-8B3FBE72124D}
HKEY_CURRENT_USER\Control Panel\Desktop OriginalWallpaper "C:\WINDOWS\system32\[RANDOM CHARACTERS].bmp"
HKEY_CURRENT_USER\Control Panel\Desktop ConvertedWallpaper "C:\WINDOWS\system32\[RANDOM CHARACTERS].bmp"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDA4DFFB-2C3D-4730-8D7E-28523C7F2F67}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IEpl.IEpl
HKEY_LOCAL_MACHINE\SOFTWARE\TargetSoft
\Windows\CurrentVersion\Ext\Stats\{CA21E6FA-41D9-4F05-9650-8B3FBE72124D}

Trending

Most Viewed

Loading...