Messenger Blocker
Messenger Blocker may arrive on the computer by means of spam email messages or links from Instant Messaging applications. When executed, Messenger Blocker will display excessive pop-up alerts and advertisements. The program will install a 7-day trial period. After that it will continously spam user by showing excessive pop-ups. To stop the annoyances, this rogue program will offer its registered version to block and stop pop-ups that it said are coming from Messenger service.
Screen Shot Image:
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista
Technical Details and Additional Information:
What can Messenger Blocker do to infected computer?
- It periodically asked user to obtain the licensed version of the program
- Modify registry to start itself during Windows boot-up.
- May come bundled with other security threats.
Malicious Files Added by Messenger Blocker
%CommonProgramFiles%\System\csrss.exe
%CommonProgramFiles%\System\lsass.exe
%CommonProgramFiles%\System\ntsvc.ocx
%CommonProgramFiles%\System\services.exe
%CommonProgramFiles%\System\smss.exe
%ProgramFiles%\MBlocker\MBlocker.exe
%ProgramFiles%\MBlocker\MessengerBlocker.url
%ProgramFiles%\MBlocker\TranImg6.ocx
%Temp%\~[RANDOM CHARACTERS].tmp
%Temp%\~[RANDOM CHARACTERS].tmp
Associated Windows Registry Entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\SystemData: “C:\Program Files\MBlocker\MBlocker.exe -c”
Messenger Blocker – Removal
Removing Messenger Blocker Manually:
1. If using Windows ME or XP, System Restore must be disabled to prevent the threat from restoring itself. [Windows XP System Restore]
2. Update the virus definitions.
3. Reboot Windows in SafeMode [how to]
4. Run a full system scan and clean/delete all infected file(s)
5. Delete/Modify any values added to the registry. [how to edit registry]
6. Exit registry editor and restart Windows.
Antivirus Tools
In order to completely remove the threat from a system, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean PC and rename the executable file before executing on the infected machine.
Using Portable SuperAntiSpyware:
To thoroughly remove the virus, it is best to do a separate scan of another security program so that other infected files not detected by anti-virus application can be remove as well. Click here to download and run SAS Portable Scanner.
Comments and Suggestions
On this area you can find Visitor's personal suggestions. We cannot control and evaluate each recommended procedure from visitors so please use it at your own risks. If your inquiry pertains to Messenger Blocker payment refund or lost serial key, kindly check the FAQ for rogue program first.
Disclaimer:
Read our article disclaimer about Messenger Blocker.