Wednesday, November 26, 2008

AdClicker.AU.dll Trojan

Removing AdClicker.AU.dll
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
AdClicker.AU.dll Also known as:

[Kaspersky]Trojan-Dropper.Win32.Delf.de;
[McAfee]AdClicker-AU.dll;
[F-Prot]W32/Dropper.BI;
[Other]Win32/QHosts.AG,Adware.MainSearch,Troj/AdClick-AU
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\twain_32.exe
[%COMMON_STARTUP%]\dwin32.exe
[%COMMON_STARTUP%]\screensaver.scr
[%SYSTEM%]\bhrw.dll
[%WINDOWS%]\mshotfix.exe
[%WINDOWS%]\twain_32.exe
[%COMMON_STARTUP%]\dwin32.exe
[%COMMON_STARTUP%]\screensaver.scr
[%SYSTEM%]\bhrw.dll
[%WINDOWS%]\mshotfix.exe

How to detect AdClicker.AU.dll:

Files:
[%WINDOWS%]\twain_32.exe
[%COMMON_STARTUP%]\dwin32.exe
[%COMMON_STARTUP%]\screensaver.scr
[%SYSTEM%]\bhrw.dll
[%WINDOWS%]\mshotfix.exe
[%WINDOWS%]\twain_32.exe
[%COMMON_STARTUP%]\dwin32.exe
[%COMMON_STARTUP%]\screensaver.scr
[%SYSTEM%]\bhrw.dll
[%WINDOWS%]\mshotfix.exe

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{40d20724-5d3a-43c8-9ff5-2b6f209dbd27}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{40d20724-5d3a-43c8-9ff5-2b6f209dbd27}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{99b782af-0b9a-4fb5-bdd1-d83f4b6218ba}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{99b782af-0b9a-4fb5-bdd1-d83f4b6218ba}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{99b782af-0b9a-4fb5-bdd1-d83f4b6218ba}, version=2,00,045
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ad88bec6-2be4-4e8a-a47f-dd87fa67a2a7}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ad88bec6-2be4-4e8a-a47f-dd87fa67a2a7}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ad88bec6-2be4-4e8a-a47f-dd87fa67a2a7}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{ad88bec6-2be4-4e8a-a47f-dd87fa67a2a7}, version=1,00,000
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing AdClicker.AU.dll:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Bancos.IMK Trojan Removal
Tiny.Family Trojan Symptoms
Removing Near.Mohists RAT

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)