Wednesday, November 5, 2008

SillyDl.DAG Trojan

Removing SillyDl.DAG
Categories: Trojan
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

SillyDl.DAG Also known as:

[Kaspersky] Trojan-Downloader.Win32.Tiny.hv;
[McAfee] W32/NGVCK.dr.gen;
[Other] Downloader.Murlo.fk, Troj/TinyDl-L, Win32/SillyDl.DAG

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\win.dll

How to detect SillyDl.DAG:

Files:
[%PROFILE_TEMP%]\win.dll

Removing SillyDl.DAG:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Findit.Quick.BrowserAid Adware

Removing Findit.Quick.BrowserAid
Categories: Adware,Toolbar
Adware are programs that facilitate delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
A toolbar presents itself as a helpful add-on for Internet Explorer, but it is a real pest.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\curdxufku.exe
[%PROGRAM_FILES%]\toolbarsetup.exe\toolbarsetup.exe
[%SYSTEM%]\browseraidtoolbar.dll
[%WINDOWS%]\system\browseraidtoolbar.dll

How to detect Findit.Quick.BrowserAid:

Files:
[%WINDOWS%]\curdxufku.exe
[%PROGRAM_FILES%]\toolbarsetup.exe\toolbarsetup.exe
[%SYSTEM%]\browseraidtoolbar.dll
[%WINDOWS%]\system\browseraidtoolbar.dll

Folders:
[%PROGRAM_FILES%]\m i x l i s t e r

Registry Keys:
HKEY_LOCAL_MACHINE\software\classes\clsid\{337d0c1d-4053-4fab-af2b-45c2f7b0faa6}
HKEY_LOCAL_MACHINE\software\mixlister

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


Revob Trojan

Removing Revob
Categories: Trojan
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\attb.exe
[%SYSTEM%]\prapim.exe

How to detect Revob:

Files:
[%SYSTEM%]\attb.exe
[%SYSTEM%]\prapim.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Goldun.ar Spyware

Removing Goldun.ar
Categories: Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

How to detect Goldun.ar:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{68363724-9abc-def0-0fed-fad682644311}


Momaker RAT

Removing Momaker
Categories: RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\icd.exe
[%WINDOWS%]\system\kbdplug.dll
[%WINDOWS%]\system\nzrue32.exe

How to detect Momaker:

Files:
[%WINDOWS%]\system\icd.exe
[%WINDOWS%]\system\kbdplug.dll
[%WINDOWS%]\system\nzrue32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


StartNow.HyperBar Adware

Removing StartNow.HyperBar
Categories: Adware,BHO,Toolbar
Adware are programs that facilitate delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
A toolbar presents itself as a helpful add-on for Internet Explorer, but it is a real pest.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\hyperbar.dll
[%WINDOWS%]\system\hyperbar.dll

How to detect StartNow.HyperBar:

Files:
[%SYSTEM%]\hyperbar.dll
[%WINDOWS%]\system\hyperbar.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{1bc1fc4b-b0d2-4d8d-9307-2e40e2a8c257}
HKEY_CLASSES_ROOT\clsid\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{1bc1fc4b-b0d2-4d8d-9307-2e40e2a8c257}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
