Saturday, November 29, 2008

DoDoor Adware

Removing DoDoor
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and, in some cases, gather information from the user's computer.


DoDoor Also known as:

[Kaspersky]AdWare.Win32.AdMedia.g;
[Panda]Adware/Dodoor;
[Other]Adware.IEhlpr

Visible Symptoms:
Files in system folders:
[%COMMON_APPDATA%]\Microsoft\Crypto\bfnmgf.exe
[%PROGRAM_FILES%]\NetMeeting\conf.dll
[%PROGRAM_FILES%]\NetMeeting\netinit.dll

How to detect DoDoor:

Files:
[%COMMON_APPDATA%]\Microsoft\Crypto\bfnmgf.exe
[%PROGRAM_FILES%]\NetMeeting\conf.dll
[%PROGRAM_FILES%]\NetMeeting\netinit.dll

Folders:
[%PROGRAM_FILES%]\DoDoorRSSFinder

Registry Keys:

Registry Values:
HKEY_CLASSES_ROOT\clsid\{1d49d58d-5c84-4b50-8359-d9809beb2b32}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions\approved

Removing DoDoor:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
