Farenivå: 
9
9
Type: Rogue Anti-Spyware
Vanlige infeksjoner symptomer:
- Installerer seg uten tillatelse
- Kobler til Internett uten tillatelse
- Viser kommersiell reklame
- Treg Internett forbindelse
- Systemkrasj
- Plagsomme popuper
- Treg maskin
Strong Malware DefenderTil tross for nettsikkerhetsbransjens forsøk på å utdanne forbrukerne angående farene ved å slippe falske sikkerhetsverktøy inn på systemene sine, faller mange PC-eiere fremdeles for de ondskapsfulle løgnene til falske antispionprogrammer som Strong Malware Defender. Dette falske programmet er slett ikke designet for å være til nytte for en PC – i stedet fungerer det som et verktøy for nettkriminelle som ønsker å svindle databrukere for penger. Strong Malware Defender vil komme seg inn på systemet uten brukerens kjennskap eller samtykke, og vil deretter starte et angrep på PC-en i et forsøk på å presse penger fra brukeren. Det vil starte angrepet sitt ved å starte en falsk sikkerhetsskanning som vil informere brukeren om at PC-en hans er under angrep. Dette vil kort tid etter følges opp av diverse falske sikkerhetsadvarsler som informerer brukeren om det samme. Strong Malware Defender vil tilby seg å beskytte systemet og fjerne de rapporterte truslene, men bare når brukeren har betalt for lisensen til Strong Malware Defender. For å beskytte PC-en din mot ødeleggelsene Strong Malware Defender vil påføre og gjenopprette PC-ens sikkerhet og personvern, bør du kvitte deg med Strong Malware Defender umiddelbart. Dette er enklest ved hjelp av et kraftig sikkerhetsverktøy. Dette vil ikke bare slette Strong Malware Defender, men også beskytte PC-en din mot lignende angrep i framtiden. | ||||||||
|
Last ned
Strong Malware Defender
infeksjons skanner
| ||||||||
|
Hvordan fjerne Strong Malware Defender selv
Filer assosiert med Strong Malware Defender infeksjon:
%UserProfile%\Recent\tjd.dll
%UserProfile%\Recent\ppal.sys
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\kernel32.tmp
%UserProfile%\Recent\grid.sys
%UserProfile%\Recent\fix.sys
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\eb.drv
%UserProfile%\Recent\ddv.dll
%UserProfile%\Recent\DBOLE.tmp
%UserProfile%\Recent\CLSV.sys
%UserProfile%\Desktop\Strong Malware Defender.lnk
%StartMenu%\Programs\Strong Malware Defender.lnk
%StartMenu%\Strong Malware Defender.lnk
%CommonAppData%\SMICFD\SMSIFRIED.cfg
%CommonAppData%\SMICFD\
%CommonAppData%\79b35\Quarantine Items\
%CommonAppData%\79b35\HMCSys\
%CommonAppData%\79b35\BackUp\
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
%CommonAppData%\79b35\717.mof
%CommonAppData%\79b35\SMD.ico
%CommonAppData%\79b35\SMa76.exe
%CommonAppData%\79b35\
%AppData%\Microsoft\Internet Explorer\Quick Launch\Strong Malware Defender.lnk
%AppData%\Strong Malware Defender\ScanDisk_.exe
%AppData%\Strong Malware Defender\Instructions.ini
%AppData%\Strong Malware Defender\cookies.sqlite
%AppData%\Strong Malware Defender\
%UserProfile%\Recent\ppal.sys
%UserProfile%\Recent\PE.tmp
%UserProfile%\Recent\PE.exe
%UserProfile%\Recent\kernel32.tmp
%UserProfile%\Recent\grid.sys
%UserProfile%\Recent\fix.sys
%UserProfile%\Recent\energy.tmp
%UserProfile%\Recent\eb.drv
%UserProfile%\Recent\ddv.dll
%UserProfile%\Recent\DBOLE.tmp
%UserProfile%\Recent\CLSV.sys
%UserProfile%\Desktop\Strong Malware Defender.lnk
%StartMenu%\Programs\Strong Malware Defender.lnk
%StartMenu%\Strong Malware Defender.lnk
%CommonAppData%\SMICFD\SMSIFRIED.cfg
%CommonAppData%\SMICFD\
%CommonAppData%\79b35\Quarantine Items\
%CommonAppData%\79b35\HMCSys\
%CommonAppData%\79b35\BackUp\
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
%CommonAppData%\79b35\717.mof
%CommonAppData%\79b35\SMD.ico
%CommonAppData%\79b35\SMa76.exe
%CommonAppData%\79b35\
%AppData%\Microsoft\Internet Explorer\Quick Launch\Strong Malware Defender.lnk
%AppData%\Strong Malware Defender\ScanDisk_.exe
%AppData%\Strong Malware Defender\Instructions.ini
%AppData%\Strong Malware Defender\cookies.sqlite
%AppData%\Strong Malware Defender\
Strong Malware Defender DLLer som må fjernes:
%UserProfile%\Recent\tjd.dll
%UserProfile%\Recent\ddv.dll
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
%UserProfile%\Recent\ddv.dll
%CommonAppData%\79b35\sqlite3.dll
%CommonAppData%\79b35\mozcrt19.dll
Strong Malware Defender prosesser som må avsluttes:
%UserProfile%\Recent\PE.exe
%CommonAppData%\79b35\SMa76.exe
%AppData%\Strong Malware Defender\ScanDisk_.exe
%CommonAppData%\79b35\SMa76.exe
%AppData%\Strong Malware Defender\ScanDisk_.exe
Fjern Strong Malware Defender registeroppføringer:
HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\dumped_patched.DocHostUIHandler
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "IIL" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltHI" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltTST"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "UID" = 7
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "lib/7.00007"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "DisallowRun" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1" = "MSASCui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Strong Malware Defender"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
HKEY_CLASSES_ROOT\dumped_patched.DocHostUIHandler
HKEY_CURRENT_USER\Software\3
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "IIL" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltHI" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "ltTST"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "UID" = 7
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "lib/7.00007"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer "DisallowRun" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "0" = "msseces.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "1" = "MSASCui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "10" = "avgscanx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "11" = "avgcfgex.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "12" = "avgemc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "13" = "avgchsvx.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "14" = "avgcmgr.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "15" = "avgwdsvc.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "2" = "ekrn.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "3" = "egui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "4" = "avgnt.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "5" = "avcenter.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "6" = "avscan.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "7" = "avgfrw.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "8" = "avgui.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun "9" = "avgtray.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Strong Malware Defender"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfgwiz.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fnrb32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ldpromenu.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ndd32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pgmonitr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\signcheck.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthLic.exe
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=7&q={searchTerms}"
Post kommentar — VI TRENGER DIN OPINION!