Tuesday, December 9, 2008

SingaRaja Hacker Tool

Removing SingaRaja
Categories: Hacker Tool,DoS
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.



SingaRaja Also known as:

[Kaspersky]Flooder.MailSpam.Singa;
[F-Prot]->sgr.exe

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe

How to detect SingaRaja:

Files:
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe

Folders:
[%PROFILE%]\start menu\programs\123 wasp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\Ares Galaxy FasterDownload.exe
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\NNGLZA638.EXE
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\packet.dll
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\Skin.bmp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\SkinAbout.bmp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\unins000.dat
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\unins000.exe
[%PROGRAM_FILES%]\Ares Lite Edition\data
[%PROGRAM_FILES%]\Ares Lite Edition\lang
[%PROGRAM_FILES%]\Ares\data
[%PROGRAM_FILES%]\Ares\lang
[%SYSTEM%]\sporder.dll
[%WINDOWS%]\NDNuninstall6_38.exe

Registry Keys:
HKEY_CLASSES_ROOT\ares.collectionlist
HKEY_CURRENT_USER\software\ares
HKEY_CURRENT_USER\software\areslite
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\123 write all stored passwords
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ares
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\areslite

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Removing SingaRaja:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
NetTaxi RAT Information
Removing IEBAR Hijacker
Removing Bancos.IMY Trojan
Ystl Trojan Removal instruction
Removing Americlicks Hijacker

No comments: