Monday, December 8, 2008

Lolyda Trojan

Removing Lolyda
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Lolyda is also known as:

[Kaspersky] Trojan.PSW.Win32.OnLineGames.nn, Trojan-PSW.Win32.OnLineGames.dpc, Trojan-PSW.Win32.OnLineGames.dwv, Trojan-PSW.Win32.OnLineGames.hpj, Trojan-PSW.Win32.OnLineGames.ibg;
[McAfee] New.Malware.aj, Generic PWS.j;
[F-Prot] W32/Pws.VAI, W32/Pws.VSH;
[Other] Win32/Lolyda.AO, TSPY_INFOSTEA.EH, Win32/Lolyda.AU, TrojanSpy:Win32/Agent.HZ, Infostealer.Gampass, Win32/Lolyda.AV, TSPY_ONLINEG.HTU, Win32/Lolyda.BC, W32/OnLineGames.UWU, TSPY_ONLINEG.LPE, Mal/PWS-N, W32/OnLineGames.VFJ, Win32/Lolyda.BF

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\LYLOADER.EXE
[%PROFILE_TEMP%]\LYMANGR.DLL
[%PROFILE_TEMP%]\MSDEG32.DLL
[%SYSTEM%]\LYLOADER.EXE
[%SYSTEM%]\LYMANGR.DLL
[%SYSTEM%]\MSDEG32.DLL

How to detect Lolyda:

Files:
[%PROFILE_TEMP%]\LYLOADER.EXE
[%PROFILE_TEMP%]\LYMANGR.DLL
[%PROFILE_TEMP%]\MSDEG32.DLL
[%SYSTEM%]\LYLOADER.EXE
[%SYSTEM%]\LYMANGR.DLL
[%SYSTEM%]\MSDEG32.DLL

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run

Removing Lolyda:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
