Sprincape Trojan

Removing Sprincape
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

---

Sprincape Also known as:

[Kaspersky]Trojan.Win32.Qhost.oc;
[McAfee]Spy-Agent.cj;
[Other]Win32/Sprincape.B,Trojan Horse,Win32/Sprincape.H,Backdoor:Win32/Stealbot.gen

---

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\fsdutil.exe
[%SYSTEM%]\lkavs32.exe
[%SYSTEM%]\netstdll2.exe
[%SYSTEM%]\ntvdc.exe
[%SYSTEM%]\nvsvcsb.exe
[%SYSTEM%]\rdatasys2.exe
[%SYSTEM%]\wdtcp.exe
[%SYSTEM%]\wingtsv.exe
[%SYSTEM%]\fsdutil.exe
[%SYSTEM%]\lkavs32.exe
[%SYSTEM%]\netstdll2.exe
[%SYSTEM%]\ntvdc.exe
[%SYSTEM%]\nvsvcsb.exe
[%SYSTEM%]\rdatasys2.exe
[%SYSTEM%]\wdtcp.exe
[%SYSTEM%]\wingtsv.exe

How to detect Sprincape:

Files:
[%SYSTEM%]\fsdutil.exe
[%SYSTEM%]\lkavs32.exe
[%SYSTEM%]\netstdll2.exe
[%SYSTEM%]\ntvdc.exe
[%SYSTEM%]\nvsvcsb.exe
[%SYSTEM%]\rdatasys2.exe
[%SYSTEM%]\wdtcp.exe
[%SYSTEM%]\wingtsv.exe
[%SYSTEM%]\fsdutil.exe
[%SYSTEM%]\lkavs32.exe
[%SYSTEM%]\netstdll2.exe
[%SYSTEM%]\ntvdc.exe
[%SYSTEM%]\nvsvcsb.exe
[%SYSTEM%]\rdatasys2.exe
[%SYSTEM%]\wdtcp.exe
[%SYSTEM%]\wingtsv.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce

Removing Sprincape:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

---

Also Be Aware of the Following Threats: