Tuesday, December 9, 2008

Tagasaurus Adware

Removing Tagasaurus
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Tagasaurus Also known as:

[Kaspersky]Trojan-Downloader.Win32.VB.tf;
[McAfee]Generic Downloader.a;
[F-Prot]W32/Downloader.KEH;
[Other]W32/DLoader.OVC,Troj/Dloadr-BK,Trojan.Startup.NameShifter.A,enbrowser,Adware:Win32/TagAsaurus
Visible Symptoms:
Files in system folders:
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\Gwang.exe
[%WINDOWS%]\Setup90.exe
[%WINDOWS%]\uninst104.exe
[%WINDOWS%]\uni_ehhhh.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\g4356cbvy63.exe
[%WINDOWS%]\ms03122656409.exe
[%WINDOWS%]\ms04226564091.exe
[%WINDOWS%]\ms042265640912006.exe
[%WINDOWS%]\ms05265640912.exe
[%WINDOWS%]\ms06656409122.exe
[%WINDOWS%]\sys010912265642006.exe
[%WINDOWS%]\sys02912265640.exe
[%WINDOWS%]\sys09409122656.exe
[%WINDOWS%]\sys094091226562006.exe
[%WINDOWS%]\Tagasuarus2.exe
[%WINDOWS%]\tapeG22.exe
[%WINDOWS%]\uninst1014.exe
[%WINDOWS%]\uni_eh44.exe
[%WINDOWS%]\win3206656409122.exe
[%WINDOWS%]\win3207564091226.exe
[%WINDOWS%]\win32075640912262006.exe
[%WINDOWS%]\win3208640912265.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\Gwang.exe
[%WINDOWS%]\Setup90.exe
[%WINDOWS%]\uninst104.exe
[%WINDOWS%]\uni_ehhhh.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\g4356cbvy63.exe
[%WINDOWS%]\ms03122656409.exe
[%WINDOWS%]\ms04226564091.exe
[%WINDOWS%]\ms042265640912006.exe
[%WINDOWS%]\ms05265640912.exe
[%WINDOWS%]\ms06656409122.exe
[%WINDOWS%]\sys010912265642006.exe
[%WINDOWS%]\sys02912265640.exe
[%WINDOWS%]\sys09409122656.exe
[%WINDOWS%]\sys094091226562006.exe
[%WINDOWS%]\Tagasuarus2.exe
[%WINDOWS%]\tapeG22.exe
[%WINDOWS%]\uninst1014.exe
[%WINDOWS%]\uni_eh44.exe
[%WINDOWS%]\win3206656409122.exe
[%WINDOWS%]\win3207564091226.exe
[%WINDOWS%]\win32075640912262006.exe
[%WINDOWS%]\win3208640912265.exe

How to detect Tagasaurus:

Files:
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\Gwang.exe
[%WINDOWS%]\Setup90.exe
[%WINDOWS%]\uninst104.exe
[%WINDOWS%]\uni_ehhhh.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\g4356cbvy63.exe
[%WINDOWS%]\ms03122656409.exe
[%WINDOWS%]\ms04226564091.exe
[%WINDOWS%]\ms042265640912006.exe
[%WINDOWS%]\ms05265640912.exe
[%WINDOWS%]\ms06656409122.exe
[%WINDOWS%]\sys010912265642006.exe
[%WINDOWS%]\sys02912265640.exe
[%WINDOWS%]\sys09409122656.exe
[%WINDOWS%]\sys094091226562006.exe
[%WINDOWS%]\Tagasuarus2.exe
[%WINDOWS%]\tapeG22.exe
[%WINDOWS%]\uninst1014.exe
[%WINDOWS%]\uni_eh44.exe
[%WINDOWS%]\win3206656409122.exe
[%WINDOWS%]\win3207564091226.exe
[%WINDOWS%]\win32075640912262006.exe
[%WINDOWS%]\win3208640912265.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\Gwang.exe
[%WINDOWS%]\Setup90.exe
[%WINDOWS%]\uninst104.exe
[%WINDOWS%]\uni_ehhhh.exe
[%DESKTOP%]\SearchUs.exe
[%DESKTOP%]\TagASaurus.exe
[%WINDOWS%]\g4356cbvy63.exe
[%WINDOWS%]\ms03122656409.exe
[%WINDOWS%]\ms04226564091.exe
[%WINDOWS%]\ms042265640912006.exe
[%WINDOWS%]\ms05265640912.exe
[%WINDOWS%]\ms06656409122.exe
[%WINDOWS%]\sys010912265642006.exe
[%WINDOWS%]\sys02912265640.exe
[%WINDOWS%]\sys09409122656.exe
[%WINDOWS%]\sys094091226562006.exe
[%WINDOWS%]\Tagasuarus2.exe
[%WINDOWS%]\tapeG22.exe
[%WINDOWS%]\uninst1014.exe
[%WINDOWS%]\uni_eh44.exe
[%WINDOWS%]\win3206656409122.exe
[%WINDOWS%]\win3207564091226.exe
[%WINDOWS%]\win32075640912262006.exe
[%WINDOWS%]\win3208640912265.exe

Registry Keys:
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system\sysold

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system
HKEY_LOCAL_MACHINE\software\system

Removing Tagasaurus:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
BackDoor.BAC.gen Backdoor Information
SpywareSheriff.com::SpywareSheriff Adware Symptoms
Ecoly Trojan Cleaner
Remove Skowor.O Worm
Immunizr Ransomware Removal instruction

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)