MessengerBlocker - How to remove October 11, 2007 By 2-viruses authors The third rogue of October 10,2007, is called MessengerBlocker and is definately the most interesting one. It’s tactics are aggresive as hell and it’s very straight forward. Other than that, though, this rogue pop-up blocker is just the same as any of them, except for the somewhat strange fact that it may be installed as a component of SystemDoctor, a program not any different from the one in question. The tactics of this one are more aggressive, because unlike other such programs, MessengerBlocker creates the specific problem it is supposed to solve, rather than identify non-existing problems. The trial version works for 7 days and afterwards it starts generating pop-ups itself, leading users to believe that they were protected while Messenger Blocker worked and once it stopped working, all hell broke loose. The next logical step then is to buy the full version, since the effectiveness of the program is obvious. A very good way of fooling people if I ever saw one. The homepage is fairly typical with only the exception of being somewhat "cuter" than most. It has the ever-present self-praise – "Messenger Blocker blocks 100% of pop-ups," (which it’s caused). It also has somewhere around 3 links for every section of the site, for example, "Product FAQ" is linked 5 times in the front page, once as an obvious mistake. All of this unnecessary linking is most probably to make it seem that there is more content. The reasons they list for buying are strange: "Installs in just 60 seconds!" who cares? "Works on any Windows PC!," I mean, what exactly is the catch here? "I’m not sure if I’m going to buy this…But wait, it works on ANY WINDOWS PC!," I simply don’t get it. They don’t give you any contact information, not even an email, just a form. The information in the site is astonishingly repetetive and useless. Don’t download this tool and don’t buy it. If you have – delete it. Block Messenger-Blocker.com’s URL in your host files. Automatic Malware removal tools Download Spyhunter for Malware detection(Win) Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Download Combo Cleaner for Malware detection(Mac) Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy , Manual removal Processes: MBlocker.exe Files: Messenger Blocker.url ~[RANDOM CHARACTERS].tmp Messenger Blocker.lnk Messenger Blocker.lnk Purchase Messenger Blocker.lnk csrss.exe lsass.exe ntsvc.ocx servicelog.txt services.exe smss.exe MBlocker.exe MessengerBlocker.url TranImg6.ocx ~[RANDOM CHARACTERS].tmp ~[RANDOM CHARACTERS].tmp servicelog.txt Registers: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\\"WindowsExplorer\" = \"C:\\Program Files\\Common Files\\System\\csrss.exe\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\\"WindowsFirewall\" = \"C:\\Program Files\\Common Files\\System\\lsass.exe\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SystemData: \"C:\\Program Files\\MBlocker\\MBlocker.exe -c\" HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{6C09102B-BB86-11D1-A87F-FCA10FDB3241} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{6C091031-BB86-11D1-A87F-FCA10FDB3241} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{D2554782-90CF-4369-BAD8-4AC09E7D9E71} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{E7BC34A3-BA86-11CF-84B1-CBC2DA68BF6C} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{04B5CFA2-8FA7-11D2-8C74-F76767315531} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{04B5CFA3-8FA7-11D2-8C74-F76767315531} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{0BBE8DBA-A4E1-11D2-8C74-880DF061F87B} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{0BBE8DBB-A4E1-11D2-8C74-880DF061F87B} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{3F4D6CFE-D7A1-11D1-A87F-E750C1983B5E} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{3F4D6CFF-D7A1-11D1-A87F-E750C1983B5E} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{6A39DCBD-0943-11D2-A87F-C9202FD29174} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{6A39DCBE-0943-11D2-A87F-C9202FD29174} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{6C09102A-BB86-11D1-A87F-FCA10FDB3241} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{6C09102D-BB86-11D1-A87F-FCA10FDB3241} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{6C091030-BB86-11D1-A87F-FCA10FDB3241} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{9D99ECC5-3F68-4070-B72B-36849E81E7BE} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{ADFF7529-D31C-11D1-A87F-B73FA4FB5E69} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{ADFF752A-D31C-11D1-A87F-B73FA4FB5E69} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{E7BC34A2-BA86-11CF-84B1-CBC2DA68BF6C} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{EDB36137-BBCD-11D1-A87F-8F9B67DFAA49} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{EDB36138-BBCD-11D1-A87F-8F9B67DFAA49} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{F6D2C2B6-D310-11D1-A87F-B73FA4FB5E69} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\Interface\\{F6D2C2B7-D310-11D1-A87F-B73FA4FB5E69} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{50CBA22D-9024-11D1-AD8F-8E94A5273767} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{8B7D0977-232F-49ED-9739-65968DED3E43} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\TypeLib\\{E7BC34A0-BA86-11CF-84B1-CBC2DA68BF6C} HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\DevPowerTransImg.TransImg HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\NTService.Control.1 HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\SMSender.MT HKEY_LOCAL_MACHINE\\SOFTWARE\\ApiWin32 HKEY_LOCAL_MACHINE\\SOFTWARE\\MSolutions HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Enum\\Root\\LEGACY_SMS32 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Eventlog\\Application\\SMS32 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SMS32 HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\P3P HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MenuOrder\\Start Menu\\Programs\\Messenger Blocker HKEY_USERS\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\P3P HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\\"DisableTaskMgr\" = \"1\" HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Eventlog\\Application\\\"Sources\" = \"[LIST OF SERVICES] SMS32\" MessengerBlocker facts Type: Rogue Anti-Spyware Download Spyhunter for Malware detection(Win) Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Download Combo Cleaner for Malware detection(Mac) Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy , TOC Leave a ReplyYour email address will not be published. Required fields are marked *Comment * Name * Email * Website