Basically, InSysSecure is a Trojan virus that displays fake GUI and reports false scan results. In order to remove supposedly found infections you have to buy this fake software. The rogue program also displays fake security alerts stating that your computer is infected and should be cleaned immediately. Some of the fake infections read:
"Spzprogramm Warnzeichen! Ihr Computer ist mit Spionprogramm infektioniert. Das kann Ihren Dateien und die im Internet zugänglich machen. Klicken bitte hier, um Ihre Kopie von InSysSecure zu registrieren und Ihr PC von Spyprogramm frei zu machen."
InSysSecure is a scam, don't buy it. The removal of this virus shouldn't be very complicated. However, note that it may come together with other Trojans, so the manual removal guide stated below may not work for all users. In such cases, download an anti-spyware application, update it and run a full system scan.
Anti-Malware applications:
- SUPERAntispyware
- Malwarebytes Anti-Malware
- Spyware Doctor
- Microsoft Security Essentials
- Spybot - Search & Destroy
Remove these directories:
- C:\Program Files\InSysSecure Software
- C:\Documents and Settings\All Users\Start Menu\Programs\InSysSecure
InSysSecure files:
- InSysSecure.exe
- main_config.xml
- uninstall.exe
- [RANDOM].exe in C:\WINDOWS\system32\ folder
- 29495zy1d5.exe
- 1 InSysSecure.lnk
- 2 Homepage.lnk
- 3 Uninstall.lnk
- 103215zoj198.dll
- 10543v5zus929.bin
Registry values:
- HKEY_LOCAL_MACHINE\SOFTWARE\InSysSecure
- HKEY_CURRENT_USER\Software\InSysSecure
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InSysSecure
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM].exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "InSysSecure"
No comments:
Post a Comment