Tuesday, February 3, 2009

VirusLocker Ransomware

VirusLocker description:
VirusLocker Category: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe such software, although the
field known as cryptovirology predates the term "ransomware".

Detecting VirusLocker:

VirusLocker Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusLocker 3.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VirusLocker 3.3.lnk
[%DESKTOP%]\VirusLocker.lnk
[%PROGRAM_FILES%]\VirusLocker\VirusLocker.exe
[%STARTMENU%]\VirusLocker 3.1.lnk
[%STARTMENU%]\VirusLocker 3.3.lnk
[%STARTMENU%]\VirusLocker 3.4.lnk
[%PROGRAMS%]\VirusLocker\Uninstall VirusLocker 3.3.lnk
[%PROGRAMS%]\VirusLocker\VirusLocker 3.3 Website.lnk
[%PROGRAMS%]\VirusLocker\VirusLocker 3.3.lnk

VirusLocker Folders:
[%COMMON_PROGRAMS%]\VirusLocker
[%PROGRAMS%]\VirusLocker
[%PROGRAM_FILES%]\VirusLocker

VirusLocker Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VirusLocker.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusLocker
HKEY_LOCAL_MACHINE\SOFTWARE\VirusLocker

VirusLocker Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache

Removing VirusLocker:

You can run the trial version of ExterminateIt, or remove VirusLocker manually.

To remove VirusLocker from your computer completely by hand, you need to delete the Windows registry keys and registry values, as well as the files and folders, associated with VirusLocker.

