Categories: Adware, Ransomware
Adware is a class of programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.
The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration,
although the field known as cryptovirology predates the term "ransomware".
[Kaspersky]FraudTool.Win32.SpyHeal.a;
[McAfee]SpyDawn;
[Other]VirusBurst,Program:win32/SpyDawn
Visible Symptoms:
Files in system folders:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpyDawn 3.1.lnk
[%COOKIES%]\administrator@spydawn[1].txt
[%PROGRAM_FILES%]\SpyDawn\SpyDawn.exe
[%DESKTOP%]\SpyDawn.lnk
[%STARTMENU%]\SpyDawn 3.1.lnk
How to detect SpyDawn:
Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpyDawn 3.1.lnk
[%COOKIES%]\administrator@spydawn[1].txt
[%PROGRAM_FILES%]\SpyDawn\SpyDawn.exe
[%DESKTOP%]\SpyDawn.lnk
[%STARTMENU%]\SpyDawn 3.1.lnk
Folders:
[%PROGRAMS%]\SpyDawn
[%PROGRAM_FILES%]\SpyDawn
Registry Keys:
Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
Removing SpyDawn:
You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly,
or buy it to remove ALL viruses from your computer.
Also Be Aware of the Following Threats:
Remove WatchDog Spyware
Net.Metropolitan Spyware Removal instruction
Removing Bancos.HLX Trojan
Wenpi Trojan Cleaner
GorillaNation Tracking Cookie Cleaner