Monday, October 13, 2008

soft.stop Trojan

Removing soft.stop
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers create multi-functional Trojans rather than Trojan packs.
Visible Symptoms:
Files in system folders:
[%PROFILE%]\dfgaert.dll
[%PROFILE%]\krnl32.dll
[%PROFILE%]\mssvmdll.dll
[%PROFILE%]\mstsk32.dll
[%PROFILE%]\mxcrtp.dll
[%PROFILE%]\param32.ocx
[%PROFILE%]\regdll32.exe
[%PROFILE%]\sthbdm32.dll
[%PROFILE%]\stubext.dll
[%PROFILE%]\svhc32.dll
[%PROFILE%]\systerm.exe
[%PROFILE%]\uncwqs.dll
[%PROFILE%]\winhid64.dll
[%PROFILE%]\winsys32.exe
[%PROFILE%]\wintst.dll
[%PROFILE_TEMP%]\dfgaert.dll
[%PROFILE_TEMP%]\krnl32.dll
[%PROFILE_TEMP%]\mssvmdll.dll
[%PROFILE_TEMP%]\mstsk32.dll
[%PROFILE_TEMP%]\mxcrtp.dll
[%PROFILE_TEMP%]\param32.ocx
[%PROFILE_TEMP%]\posterm.dll
[%PROFILE_TEMP%]\regdll32.exe
[%PROFILE_TEMP%]\sthbdm32.dll
[%PROFILE_TEMP%]\stubext.dll
[%PROFILE_TEMP%]\svhc32.dll
[%PROFILE_TEMP%]\systerm.exe
[%PROFILE_TEMP%]\uncwqs.dll
[%PROFILE_TEMP%]\winhid64.dll
[%PROFILE_TEMP%]\wintst.dll
[%SYSTEM%]\dfgaert.dll
[%SYSTEM%]\krnl32.dll
[%SYSTEM%]\mssvmdll.dll
[%SYSTEM%]\mstsk32.dll
[%SYSTEM%]\mxcrtp.dll
[%SYSTEM%]\param32.ocx
[%SYSTEM%]\posterm.dll
[%SYSTEM%]\regdll32.exe
[%SYSTEM%]\sthbdm32.dll
[%SYSTEM%]\stubext.dll
[%SYSTEM%]\svhc32.dll
[%SYSTEM%]\systerm.exe
[%SYSTEM%]\uncwqs.dll
[%SYSTEM%]\winhid64.dll
[%SYSTEM%]\winsys32.exe
[%SYSTEM%]\wintst.dll
[%DESKTOP%]\Spyware Soft Stop.lnk
[%PROFILE%]\posterm.dll
[%PROFILE_TEMP%]\winsys32.exe
[%SYSTEM%]\drivers\FG.SYS
[%SYSTEM%]\logon032.dll
[%SYSTEM%]\pinch.exe
[%WINDOWS%]\mydriver64.sys
[%WINDOWS%]\sss_main.ini
[%PROFILE%]\dfgaert.dll
[%PROFILE%]\krnl32.dll
[%PROFILE%]\mssvmdll.dll
[%PROFILE%]\mstsk32.dll
[%PROFILE%]\mxcrtp.dll
[%PROFILE%]\param32.ocx
[%PROFILE%]\regdll32.exe
[%PROFILE%]\sthbdm32.dll
[%PROFILE%]\stubext.dll
[%PROFILE%]\svhc32.dll
[%PROFILE%]\systerm.exe
[%PROFILE%]\uncwqs.dll
[%PROFILE%]\winhid64.dll
[%PROFILE%]\winsys32.exe
[%PROFILE%]\wintst.dll
[%PROFILE_TEMP%]\dfgaert.dll
[%PROFILE_TEMP%]\krnl32.dll
[%PROFILE_TEMP%]\mssvmdll.dll
[%PROFILE_TEMP%]\mstsk32.dll
[%PROFILE_TEMP%]\mxcrtp.dll
[%PROFILE_TEMP%]\param32.ocx
[%PROFILE_TEMP%]\posterm.dll
[%PROFILE_TEMP%]\regdll32.exe
[%PROFILE_TEMP%]\sthbdm32.dll
[%PROFILE_TEMP%]\stubext.dll
[%PROFILE_TEMP%]\svhc32.dll
[%PROFILE_TEMP%]\systerm.exe
[%PROFILE_TEMP%]\uncwqs.dll
[%PROFILE_TEMP%]\winhid64.dll
[%PROFILE_TEMP%]\wintst.dll
[%SYSTEM%]\dfgaert.dll
[%SYSTEM%]\krnl32.dll
[%SYSTEM%]\mssvmdll.dll
[%SYSTEM%]\mstsk32.dll
[%SYSTEM%]\mxcrtp.dll
[%SYSTEM%]\param32.ocx
[%SYSTEM%]\posterm.dll
[%SYSTEM%]\regdll32.exe
[%SYSTEM%]\sthbdm32.dll
[%SYSTEM%]\stubext.dll
[%SYSTEM%]\svhc32.dll
[%SYSTEM%]\systerm.exe
[%SYSTEM%]\uncwqs.dll
[%SYSTEM%]\winhid64.dll
[%SYSTEM%]\winsys32.exe
[%SYSTEM%]\wintst.dll
[%DESKTOP%]\Spyware Soft Stop.lnk
[%PROFILE%]\posterm.dll
[%PROFILE_TEMP%]\winsys32.exe
[%SYSTEM%]\drivers\FG.SYS
[%SYSTEM%]\logon032.dll
[%SYSTEM%]\pinch.exe
[%WINDOWS%]\mydriver64.sys
[%WINDOWS%]\sss_main.ini

How to detect soft.stop:

Files:
[%PROFILE%]\dfgaert.dll
[%PROFILE%]\krnl32.dll
[%PROFILE%]\mssvmdll.dll
[%PROFILE%]\mstsk32.dll
[%PROFILE%]\mxcrtp.dll
[%PROFILE%]\param32.ocx
[%PROFILE%]\regdll32.exe
[%PROFILE%]\sthbdm32.dll
[%PROFILE%]\stubext.dll
[%PROFILE%]\svhc32.dll
[%PROFILE%]\systerm.exe
[%PROFILE%]\uncwqs.dll
[%PROFILE%]\winhid64.dll
[%PROFILE%]\winsys32.exe
[%PROFILE%]\wintst.dll
[%PROFILE_TEMP%]\dfgaert.dll
[%PROFILE_TEMP%]\krnl32.dll
[%PROFILE_TEMP%]\mssvmdll.dll
[%PROFILE_TEMP%]\mstsk32.dll
[%PROFILE_TEMP%]\mxcrtp.dll
[%PROFILE_TEMP%]\param32.ocx
[%PROFILE_TEMP%]\posterm.dll
[%PROFILE_TEMP%]\regdll32.exe
[%PROFILE_TEMP%]\sthbdm32.dll
[%PROFILE_TEMP%]\stubext.dll
[%PROFILE_TEMP%]\svhc32.dll
[%PROFILE_TEMP%]\systerm.exe
[%PROFILE_TEMP%]\uncwqs.dll
[%PROFILE_TEMP%]\winhid64.dll
[%PROFILE_TEMP%]\wintst.dll
[%SYSTEM%]\dfgaert.dll
[%SYSTEM%]\krnl32.dll
[%SYSTEM%]\mssvmdll.dll
[%SYSTEM%]\mstsk32.dll
[%SYSTEM%]\mxcrtp.dll
[%SYSTEM%]\param32.ocx
[%SYSTEM%]\posterm.dll
[%SYSTEM%]\regdll32.exe
[%SYSTEM%]\sthbdm32.dll
[%SYSTEM%]\stubext.dll
[%SYSTEM%]\svhc32.dll
[%SYSTEM%]\systerm.exe
[%SYSTEM%]\uncwqs.dll
[%SYSTEM%]\winhid64.dll
[%SYSTEM%]\winsys32.exe
[%SYSTEM%]\wintst.dll
[%DESKTOP%]\Spyware Soft Stop.lnk
[%PROFILE%]\posterm.dll
[%PROFILE_TEMP%]\winsys32.exe
[%SYSTEM%]\drivers\FG.SYS
[%SYSTEM%]\logon032.dll
[%SYSTEM%]\pinch.exe
[%WINDOWS%]\mydriver64.sys
[%WINDOWS%]\sss_main.ini
[%PROFILE%]\dfgaert.dll
[%PROFILE%]\krnl32.dll
[%PROFILE%]\mssvmdll.dll
[%PROFILE%]\mstsk32.dll
[%PROFILE%]\mxcrtp.dll
[%PROFILE%]\param32.ocx
[%PROFILE%]\regdll32.exe
[%PROFILE%]\sthbdm32.dll
[%PROFILE%]\stubext.dll
[%PROFILE%]\svhc32.dll
[%PROFILE%]\systerm.exe
[%PROFILE%]\uncwqs.dll
[%PROFILE%]\winhid64.dll
[%PROFILE%]\winsys32.exe
[%PROFILE%]\wintst.dll
[%PROFILE_TEMP%]\dfgaert.dll
[%PROFILE_TEMP%]\krnl32.dll
[%PROFILE_TEMP%]\mssvmdll.dll
[%PROFILE_TEMP%]\mstsk32.dll
[%PROFILE_TEMP%]\mxcrtp.dll
[%PROFILE_TEMP%]\param32.ocx
[%PROFILE_TEMP%]\posterm.dll
[%PROFILE_TEMP%]\regdll32.exe
[%PROFILE_TEMP%]\sthbdm32.dll
[%PROFILE_TEMP%]\stubext.dll
[%PROFILE_TEMP%]\svhc32.dll
[%PROFILE_TEMP%]\systerm.exe
[%PROFILE_TEMP%]\uncwqs.dll
[%PROFILE_TEMP%]\winhid64.dll
[%PROFILE_TEMP%]\wintst.dll
[%SYSTEM%]\dfgaert.dll
[%SYSTEM%]\krnl32.dll
[%SYSTEM%]\mssvmdll.dll
[%SYSTEM%]\mstsk32.dll
[%SYSTEM%]\mxcrtp.dll
[%SYSTEM%]\param32.ocx
[%SYSTEM%]\posterm.dll
[%SYSTEM%]\regdll32.exe
[%SYSTEM%]\sthbdm32.dll
[%SYSTEM%]\stubext.dll
[%SYSTEM%]\svhc32.dll
[%SYSTEM%]\systerm.exe
[%SYSTEM%]\uncwqs.dll
[%SYSTEM%]\winhid64.dll
[%SYSTEM%]\winsys32.exe
[%SYSTEM%]\wintst.dll
[%DESKTOP%]\Spyware Soft Stop.lnk
[%PROFILE%]\posterm.dll
[%PROFILE_TEMP%]\winsys32.exe
[%SYSTEM%]\drivers\FG.SYS
[%SYSTEM%]\logon032.dll
[%SYSTEM%]\pinch.exe
[%WINDOWS%]\mydriver64.sys
[%WINDOWS%]\sss_main.ini

Folders:
[%PROGRAM_FILES%]\SpywareSoftStop
[%COMMON_PROGRAMS%]\Spyware Soft Stop
[%COMMON_PROGRAMS%]\SpywareSoftStop
[%PROGRAM_FILES%]\Spyware Soft Stop

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{5AA06644-BC46-4220-A460-47A6EB47C96D}
HKEY_CLASSES_ROOT\CLSID\{6C6B8C69-9285-4D94-8492-9E920C8C2B65}
HKEY_CLASSES_ROOT\CLSID\{74F25A2C-22B3-4023-8F1A-CA616C30A8B5}
HKEY_CURRENT_USER\software\spywaresoftstop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C6B8C69-9285-4D94-8492-9E920C8C2B65}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F25A2C-22B3-4023-8F1A-CA616C30A8B5}
HKEY_CLASSES_ROOT\clsid\{5aa06644-bc46-4220-a460-47a6eb47c96d}
HKEY_CLASSES_ROOT\clsid\{6c6b8c69-9285-4d94-8492-9e920c8c2b65}
HKEY_CLASSES_ROOT\clsid\{74f25a2c-22b3-4023-8f1a-ca616c30a8b5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{12ee7a5e-0674-42f9-a76b-000000004d00}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5aa06644-bc46-4220-a460-47a6eb47c96d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{669695bc-a811-4a9d-8cdf-ba8c795f261c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6c6b8c69-9285-4d94-8492-9e920c8c2b65}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{74f25a2c-22b3-4023-8f1a-ca616c30a8b5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spyware soft stop_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywaresoftstop_is1
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_fg
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\fg

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing soft.stop:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove InCommand Trojan
Excel.Yohimbe Trojan Removal
ClickTheButton Adware Symptoms
Badmin Trojan Removal
SillyDl.DIB Downloader Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)