Friends while i am surfing i got a new alert that my PC is infected. Suddenly one window opens with security shield title and it starts scanning it self, even i am not using any antivirus, or any antimalware.
Than i checked process in task manager and found the process of security shield, the process was xnlroiob.exe, then i try to find on internet but google says no result found.
I doubt that it's not any antivirus, surely it's a fake warning and virus or trojan or malware.
I think and again checked task manager, i found that one java.exe process is also running even i am not using any java application. Then i end the process and i amazed that, that security shield application was stopped working and i am not getting any warning any more.
After Search i found that this is a Trojan and giving fake warning to victims and running on java.
So, Beware friends it's the alert because i have faced the problem and i know how it's danger. Don't worry it's solution will be published when i win against that fu*ky.
Here below is a some reports and specifications of it. Read it carefully.
Details:
Group : Cloaked Malware
Country of Origin : South Africa
First Seen on : Dec 11, 2011
File Names : SPQJSADSLA.EXE, 43627076.EXE, 86145167.DAT, 65257416.EXE, TEST.EXE, xnlroiob.exe
File Type : EXE Executable
Affected Operating Systems : Windows
Friends this is the information i found on internet. Here below is a PREVX and VIRUSTOTAL report click and check it out.
http://www.freezepage.com/1323723846KMUNTLFQDD ( Virus Total Report Freezed Page )
http://www.virustotal.com/file-scan/report.html?id=50225cbc7cd9ac78a5be04c189ae737dcf31a5754c5921cb140440d71502c75b-1323722120 (Virustotal Original URL)
Below is a Screenshots i've captured. If you have seen like this on your computer then you're infected beware when sufing.
1. This Screen in image says that such listed files are suspecious but i have checked but that was never shown as suspecious.
2.This windows says that your Internet Explorer is infected with Trojan Spy, and asking you to activate.
3. Whenever you click on any warning or anywhere it opens full screen window like below image.
4. It opens a window looking as control panel-->Action Center (in Windows7).
5. The main window which first opens on my PC any starts scanning it self.
6. A window which says 9 viruses, 2 adware and 3 spyware detected and asking to remove all threats like any original antivirus.
7. and last a notification warning tells you that Spyware.IEmonster is detected and sending all your passwords.
And at last, have you noticed that, in 4th image close button is disabled when microsoft will never do that (ofcourse not in control panel) and it looks like control panel of windows7 , and in other images windows like Windows XP (I am using Windows7).
Enjoy !!!
