Thursday, November 6, 2008

Proxy.Daemonize Trojan

Removing Proxy.Daemonize
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Proxy.Daemonize Also known as:

[McAfee]Proxy-Daemonize;
[F-Prot]W32/Daemonize.I,W32/Daemonize.E
[;
[Other]Win32/TrojanProzy.Daemonize.Y,Troj/Daemonize-G,Backdoor.Daemonize,Win32/TrojanProxy.Daemonize.T,W32/Daemonize.T

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\VVSNInst.exe
[%PROGRAM_FILES%]\Save\ACM.dll
[%PROGRAM_FILES%]\themexp\Themexp.org File\VVSNInst.exe
[%PROGRAM_FILES%]\WhenUSearch\Content~\splash.html
[%PROFILE_TEMP%]\VVSNInst.exe
[%PROGRAM_FILES%]\Save\ACM.dll
[%PROGRAM_FILES%]\themexp\Themexp.org File\VVSNInst.exe
[%PROGRAM_FILES%]\WhenUSearch\Content~\splash.html

How to detect Proxy.Daemonize:

Files:
[%PROFILE_TEMP%]\VVSNInst.exe
[%PROGRAM_FILES%]\Save\ACM.dll
[%PROGRAM_FILES%]\themexp\Themexp.org File\VVSNInst.exe
[%PROGRAM_FILES%]\WhenUSearch\Content~\splash.html
[%PROFILE_TEMP%]\VVSNInst.exe
[%PROGRAM_FILES%]\Save\ACM.dll
[%PROGRAM_FILES%]\themexp\Themexp.org File\VVSNInst.exe
[%PROGRAM_FILES%]\WhenUSearch\Content~\splash.html

Folders:
[%PROGRAMS%]\whenusearch
[%PROGRAM_FILES%]\whenusearch

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{763bd795-24ae-44d7-82d8-f9a1ee799729}
HKEY_CLASSES_ROOT\CLSID\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}
HKEY_CLASSES_ROOT\interface\{beae14db-a12a-442d-bf77-4644e3661211}
HKEY_CLASSES_ROOT\typelib\{5b061650-38ae-49b4-9f5d-35396b2ceff5}
HKEY_CLASSES_ROOT\typelib\{df901432-1b9f-4f5b-9e56-301c553f9095}
HKEY_CLASSES_ROOT\wuse.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}
HKEY_LOCAL_MACHINE\software\whenusearch

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing Proxy.Daemonize:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

No comments: