Monday, October 20, 2008

Vendsrow Downloader

Removing Vendsrow
Categories: Downloader
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
Vendsrow Also known as:

[Kaspersky]Trojan-Downloader.Win32.Agent.axd
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\winna.exe
[%WINDOWS%]\winpea.dll
[%SYSTEM%]\winna.exe
[%WINDOWS%]\winpea.dll

How to detect Vendsrow:

Files:
[%SYSTEM%]\winna.exe
[%WINDOWS%]\winpea.dll
[%SYSTEM%]\winna.exe
[%WINDOWS%]\winpea.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{981a5ac8-0f97-4d00-a627-7fec65e2f73e}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices

Removing Vendsrow:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Removing VividKeyLogger Spyware
Remove Win32.TrojanDownloader.Keenval Trojan
Badmin Trojan Symptoms
Qoologic Trojan Removal instruction
Small.B Trojan Removal

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)