winlogon.scr - Dangerous
winlogon.scr
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could neither detect nor fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
The worm uses its own SMTP engine to send itself to the email addresses that it finds.
The subject, message, and attachment vary. The attachment has a .pif extension.
Also Known As: WORM_NETSKY.AA, W32/Netsky.aa@MM, Win32.Netsky.AA, W32/Netsky-AA
Variants: W32.Netsky.X@mm, W32.Netsky.Y@mm, W32.Netsky.Z@mm
Copies itself as %Windir%\Winlogon.scr.
Adds the value: "SkynetRevenge"="%Windir%\winlogon.scr"
to the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
If the file name does not contain the string "scr", it will display the following message:
Title: Error
Message: Out of system memory
Scans drives (excluding CD-ROM drives) and retrieves email addresses from any files that have predefined extensions.
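A check for the two persistence artifacts listed above (the "SkynetRevenge" Run value and %Windir%\winlogon.scr), given as an added example that is not part of the original page or of RegRun. The `-Remove` switch and the variable names are assumptions of this sketch; run it from an elevated PowerShell prompt.

```powershell
# Added example: looks for the Run value and file named on this page.
# -Remove is a switch defined by this script only (hypothetical name).
param([switch]$Remove)

$runKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$valueName = 'SkynetRevenge'
$wormPath  = Join-Path $env:windir 'winlogon.scr'
$findings  = @()

# Walk every value in the Run key. Match on the value name from the page,
# or on data that points at %Windir%\winlogon.scr under a different name.
$key = Get-Item -Path $runKey -ErrorAction Stop
foreach ($name in $key.GetValueNames()) {
    $data   = [Environment]::ExpandEnvironmentVariables([string]$key.GetValue($name))
    $byName = $name -eq $valueName
    $byPath = $data.IndexOf($wormPath, [StringComparison]::OrdinalIgnoreCase) -ge 0
    if ($byName -or $byPath) {
        $findings += [pscustomobject]@{ Type = 'RunValue'; Name = $name; Data = $data }
    }
}

# The dropped copy itself. Record a hash so the sample can be looked up later.
if (Test-Path -LiteralPath $wormPath -PathType Leaf) {
    $sha256 = (Get-FileHash -LiteralPath $wormPath -Algorithm SHA256).Hash
    $findings += [pscustomobject]@{ Type = 'File'; Name = $sha256; Data = $wormPath }
}

if (-not $findings) {
    Write-Output 'No SkynetRevenge Run value or winlogon.scr copy found.'
    return
}
$findings | Format-Table -AutoSize

if ($Remove) {
    foreach ($f in $findings) {
        switch ($f.Type) {
            # Delete the autostart entry first so the copy is not relaunched at logon.
            'RunValue' { Remove-ItemProperty -Path $runKey -Name $f.Name }
            # Deletion fails while the file is still running; end the process or retry after reboot.
            'File'     { Remove-Item -LiteralPath $f.Data -Force }
        }
    }
}
```

Without `-Remove` the script only reports what it finds, which makes it usable as a read-only triage step across several machines.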
Use RegRun Startup Optimizer to automatically remove this virus.