Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.
[Kaspersky]AdWare.Win32.BookedSpace,AdWare.Win32.BookedSpace.h;
[McAfee]Adware-BkdSpace.dr,Adware-BkdSpace;
[Other]Adware.PStripVisible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\cfg32.exe
[%WINDOWS%]\cfg32.ex_
[%WINDOWS%]\cfg32a.exe
[%WINDOWS%]\cfg32o.dll
[%WINDOWS%]\cfg32o.dll_tobedeleted
[%WINDOWS%]\cfg32r.dll
[%WINDOWS%]\cfg32s.dll
[%WINDOWS%]\cs_cache.ini
[%WINDOWS%]\stub_mma2.exe
[%WINDOWS%]\stub_track4.exe
[%WINDOWS%]\Uninstall.exe
[%WINDOWS%]\__delete_on_reboot__c_f_g_3_2_._e_x_e_
[%WINDOWS%]\stub_track3.exe
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\cfg32.exe
[%WINDOWS%]\cfg32.ex_
[%WINDOWS%]\cfg32a.exe
[%WINDOWS%]\cfg32o.dll
[%WINDOWS%]\cfg32o.dll_tobedeleted
[%WINDOWS%]\cfg32r.dll
[%WINDOWS%]\cfg32s.dll
[%WINDOWS%]\cs_cache.ini
[%WINDOWS%]\stub_mma2.exe
[%WINDOWS%]\stub_track4.exe
[%WINDOWS%]\Uninstall.exe
[%WINDOWS%]\__delete_on_reboot__c_f_g_3_2_._e_x_e_
[%WINDOWS%]\stub_track3.exe How to detect Scaggy:
Files:
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\cfg32.exe
[%WINDOWS%]\cfg32.ex_
[%WINDOWS%]\cfg32a.exe
[%WINDOWS%]\cfg32o.dll
[%WINDOWS%]\cfg32o.dll_tobedeleted
[%WINDOWS%]\cfg32r.dll
[%WINDOWS%]\cfg32s.dll
[%WINDOWS%]\cs_cache.ini
[%WINDOWS%]\stub_mma2.exe
[%WINDOWS%]\stub_track4.exe
[%WINDOWS%]\Uninstall.exe
[%WINDOWS%]\__delete_on_reboot__c_f_g_3_2_._e_x_e_
[%WINDOWS%]\stub_track3.exe
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\cfg32.exe
[%WINDOWS%]\cfg32.ex_
[%WINDOWS%]\cfg32a.exe
[%WINDOWS%]\cfg32o.dll
[%WINDOWS%]\cfg32o.dll_tobedeleted
[%WINDOWS%]\cfg32r.dll
[%WINDOWS%]\cfg32s.dll
[%WINDOWS%]\cs_cache.ini
[%WINDOWS%]\stub_mma2.exe
[%WINDOWS%]\stub_track4.exe
[%WINDOWS%]\Uninstall.exe
[%WINDOWS%]\__delete_on_reboot__c_f_g_3_2_._e_x_e_
[%WINDOWS%]\stub_track3.exe
Registry Keys:
HKEY_CLASSES_ROOT\appid\scaggy.dll
HKEY_CLASSES_ROOT\appid\{90a52f08-64ac-4dc6-9d7d-451667029898}
HKEY_CLASSES_ROOT\clsid\{c68ae9c0-0909-4ddc-b661-c1afb9f59898}
HKEY_CLASSES_ROOT\interface\{38493f7f-2922-4c6c-9a9a-8da2c940d0ee}
HKEY_CLASSES_ROOT\interface\{6c51f7e9-8542-4f25-a30f-2060157752e1}
HKEY_CLASSES_ROOT\scaggy.insert
HKEY_CLASSES_ROOT\scaggy.insert.1
HKEY_CLASSES_ROOT\typelib\{90a52f08-64ac-4dc6-9d7d-451667029898}
HKEY_CURRENT_USER\software\cfg32
HKEY_CURRENT_USER\software\zabstract
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C68AE9C0-0909-4DDC-B661-C1AFB9F59898}
HKEY_LOCAL_MACHINE\software\zabstract
HKEY_CLASSES_ROOT\typelib\{3277cd27-4001-4ef8-9d96-c6ca745ac2f9}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c68ae9c0-0909-4ddc-b661-c1afb9f59898}
Registry Values:
HKEY_CURRENT_USER\software\cfg32\contextserver
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing Scaggy:
You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.
Or buy it to remove ALL viruses from your computer.Also Be Aware of the Following Threats:
AQP Trojan Information
MoneyTree.DyFuCA Trojan Removal instruction
No comments:
Post a Comment