Friday, November 7, 2008

AXVenore Adware

Removing AXVenore
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

How to detect AXVenore:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Removing AXVenore:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

One.Half Trojan

Removing One.Half
Categories: Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.
One.Half Also known as:

[Kaspersky]OneHalf,OneHalf.3544.a,OneHalf.3544.b,OneHalf.3544.k,OneHalf.3544.l,OneHalf.3577,OneHalf.3579,OneHalf.3434,OneHalf.3474,OneHalf.3486,OneHalf.3518,OneHalf.3570,OneHalf.3591,OneHalf.3696.a;
[Panda]One Half.3544,One.3544,One_Half.3577,One_Half.3579,Cri-Cri.4616,OneHalf.3486.boot,One Half.3570,One_Half.3666.Mbr;
[Computer Associates]One Half,SatanBug.Family,One_Half.3482

How to detect One.Half:

Registry Keys:
HKEY_CLASSES_ROOT\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}
HKEY_CLASSES_ROOT\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}
HKEY_CLASSES_ROOT\interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0}
HKEY_LOCAL_MACHINE\software\classes\interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5}
HKEY_LOCAL_MACHINE\software\classes\interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0}
HKEY_LOCAL_MACHINE\software\classes\typelib\{67907b3c-a6ef-4a01-99ad-3fcd5f526429}

Removing One.Half:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Delf.GEN Trojan

Removing Delf.GEN
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Delf.GEN Also known as:

[Kaspersky]Trojan-Dropper.Win32.Delf.abc;
[Other]W32/Delf.WQL,Troj/Deldo-Gen
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\avicodec.exe
[%PROFILE_TEMP%]\videosaccess1244.exe
[%PROGRAMS%]\VideoAccess\Uninstall.lnk
[%PROGRAM_FILES%]\SysObjectsEX\mstss32.ini
[%PROGRAM_FILES%]\SysObjectsEX\updchk2.exe
[%PROGRAM_FILES%]\SysObjectsEX\01.exe
[%PROGRAM_FILES%]\SysObjectsEX\mstss.exe
[%PROGRAM_FILES%]\SysObjectsEX\plugin.exe
[%PROGRAM_FILES%]\VideoAccess\Uninstall.exe
[%PROFILE_TEMP%]\avicodec.exe
[%PROFILE_TEMP%]\videosaccess1244.exe
[%PROGRAMS%]\VideoAccess\Uninstall.lnk
[%PROGRAM_FILES%]\SysObjectsEX\mstss32.ini
[%PROGRAM_FILES%]\SysObjectsEX\updchk2.exe
[%PROGRAM_FILES%]\SysObjectsEX\01.exe
[%PROGRAM_FILES%]\SysObjectsEX\mstss.exe
[%PROGRAM_FILES%]\SysObjectsEX\plugin.exe
[%PROGRAM_FILES%]\VideoAccess\Uninstall.exe

How to detect Delf.GEN:

Files:
[%PROFILE_TEMP%]\avicodec.exe
[%PROFILE_TEMP%]\videosaccess1244.exe
[%PROGRAMS%]\VideoAccess\Uninstall.lnk
[%PROGRAM_FILES%]\SysObjectsEX\mstss32.ini
[%PROGRAM_FILES%]\SysObjectsEX\updchk2.exe
[%PROGRAM_FILES%]\SysObjectsEX\01.exe
[%PROGRAM_FILES%]\SysObjectsEX\mstss.exe
[%PROGRAM_FILES%]\SysObjectsEX\plugin.exe
[%PROGRAM_FILES%]\VideoAccess\Uninstall.exe
[%PROFILE_TEMP%]\avicodec.exe
[%PROFILE_TEMP%]\videosaccess1244.exe
[%PROGRAMS%]\VideoAccess\Uninstall.lnk
[%PROGRAM_FILES%]\SysObjectsEX\mstss32.ini
[%PROGRAM_FILES%]\SysObjectsEX\updchk2.exe
[%PROGRAM_FILES%]\SysObjectsEX\01.exe
[%PROGRAM_FILES%]\SysObjectsEX\mstss.exe
[%PROGRAM_FILES%]\SysObjectsEX\plugin.exe
[%PROGRAM_FILES%]\VideoAccess\Uninstall.exe

Removing Delf.GEN:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Comodo.Trust BHO

Removing Comodo.Trust
Categories: BHO,Hijacker,Toolbar
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\ttbbho.dll
[%WINDOWS%]\system\ttbbho.dll

How to detect Comodo.Trust:

Files:
[%WINDOWS%]\system\ttbbho.dll
[%WINDOWS%]\system\ttbbho.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{093caf40-3ba6-4071-a050-e830cbdc6480}
HKEY_CLASSES_ROOT\clsid\{d80e1356-ac78-4218-961c-a7689b4cb7fe}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{d80e1356-ac78-4218-961c-a7689b4cb7fe}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d80e1356-ac78-4218-961c-a7689b4cb7fe}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d80e1356-ac78-4218-961c-a7689b4cb7fe}

Removing Comodo.Trust:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Win32.LikeSurf DoS

Removing Win32.LikeSurf
Categories: DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.
Win32.LikeSurf Also known as:

[Panda]Spyware/LikeSurf
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\taskmgn.exe
[%SYSTEM%]\taskmgn.exe

How to detect Win32.LikeSurf:

Files:
[%SYSTEM%]\taskmgn.exe
[%SYSTEM%]\taskmgn.exe

Removing Win32.LikeSurf:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Offer.Companion Adware

Removing Offer.Companion
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Visible Symptoms:
Files in system folders:
[%PROGRAMS%]\offer companion\offer companion.lnk
[%PROGRAMS%]\offer companion\offer companion.lnk

How to detect Offer.Companion:

Files:
[%PROGRAMS%]\offer companion\offer companion.lnk
[%PROGRAMS%]\offer companion\offer companion.lnk

Folders:
[%PROFILE%]\start menu\programs\offer companion

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs

Removing Offer.Companion:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Poplite Adware

Removing Poplite
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\plite731.exe
[%WINDOWS%]\plite731.exe

How to detect Poplite:

Files:
[%WINDOWS%]\plite731.exe
[%WINDOWS%]\plite731.exe

Removing Poplite:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

WatchPorn Trojan

Removing WatchPorn
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

How to detect WatchPorn:

Folders:
[%PROGRAMS%]\WatchPorn
[%PROGRAM_FILES%]\WatchPorn

Registry Keys:
HKEY_CLASSES_ROOT\watchporn
HKEY_CURRENT_USER\software\watchporn
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\watchporn

Removing WatchPorn:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

SillyDl.CFQ Downloader

Removing SillyDl.CFQ
Categories: Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

SillyDl.CFQ Also known as:

[Kaspersky]Trojan-Downloader.Win32.Agent.bet;
[Other]WIn32/SillyDl.CFQ
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\skchost.exe
[%WINDOWS%]\svchosk.exe
[%WINDOWS%]\skchost.exe
[%WINDOWS%]\svchosk.exe

How to detect SillyDl.CFQ:

Files:
[%WINDOWS%]\skchost.exe
[%WINDOWS%]\svchosk.exe
[%WINDOWS%]\skchost.exe
[%WINDOWS%]\svchosk.exe

Removing SillyDl.CFQ:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Vapidab Trojan

Removing Vapidab
Categories: Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Vapidab Also known as:

[Kaspersky]Hoax.Win32.Renos.kj,Trojan-Downloader.Win32.VB.bql;
[Other]Mal/Emogen-O
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\ace16win.dll
[%SYSTEM%]\dpqaqlqx.bin
[%SYSTEM%]\sznf.ascii
[%SYSTEM%]\vxddsk.exe
[%SYSTEM%]\wml.exe
[%WINDOWS%]\764.exe
[%WINDOWS%]\7search.dll
[%WINDOWS%]\aconti.exe
[%WINDOWS%]\aconti.ini
[%WINDOWS%]\aconti.log
[%WINDOWS%]\aconti.sdb
[%WINDOWS%]\acontidialer.txt
[%WINDOWS%]\adbar.dll
[%WINDOWS%]\daxtime.dll
[%WINDOWS%]\dp0.dll
[%WINDOWS%]\eventlowg.dll
[%WINDOWS%]\flt.dll
[%WINDOWS%]\hotporn.exe
[%WINDOWS%]\jd2002.dll
[%WINDOWS%]\kkcomp$.exe
[%WINDOWS%]\ngd.dll
[%WINDOWS%]\pbar.dll
[%WINDOWS%]\spredirect.dll
[%WINDOWS%]\vxddsk.exe
[%WINDOWS%]\wbeInst$.exe
[%WINDOWS%]\wml.exe
[%WINDOWS%]\xadbrk_.exe
[%WINDOWS%]\xxxvideo.exe
[%SYSTEM%]\ace16win.dll
[%SYSTEM%]\dpqaqlqx.bin
[%SYSTEM%]\sznf.ascii
[%SYSTEM%]\vxddsk.exe
[%SYSTEM%]\wml.exe
[%WINDOWS%]\764.exe
[%WINDOWS%]\7search.dll
[%WINDOWS%]\aconti.exe
[%WINDOWS%]\aconti.ini
[%WINDOWS%]\aconti.log
[%WINDOWS%]\aconti.sdb
[%WINDOWS%]\acontidialer.txt
[%WINDOWS%]\adbar.dll
[%WINDOWS%]\daxtime.dll
[%WINDOWS%]\dp0.dll
[%WINDOWS%]\eventlowg.dll
[%WINDOWS%]\flt.dll
[%WINDOWS%]\hotporn.exe
[%WINDOWS%]\jd2002.dll
[%WINDOWS%]\kkcomp$.exe
[%WINDOWS%]\ngd.dll
[%WINDOWS%]\pbar.dll
[%WINDOWS%]\spredirect.dll
[%WINDOWS%]\vxddsk.exe
[%WINDOWS%]\wbeInst$.exe
[%WINDOWS%]\wml.exe
[%WINDOWS%]\xadbrk_.exe
[%WINDOWS%]\xxxvideo.exe

How to detect Vapidab:

Files:
[%SYSTEM%]\ace16win.dll
[%SYSTEM%]\dpqaqlqx.bin
[%SYSTEM%]\sznf.ascii
[%SYSTEM%]\vxddsk.exe
[%SYSTEM%]\wml.exe
[%WINDOWS%]\764.exe
[%WINDOWS%]\7search.dll
[%WINDOWS%]\aconti.exe
[%WINDOWS%]\aconti.ini
[%WINDOWS%]\aconti.log
[%WINDOWS%]\aconti.sdb
[%WINDOWS%]\acontidialer.txt
[%WINDOWS%]\adbar.dll
[%WINDOWS%]\daxtime.dll
[%WINDOWS%]\dp0.dll
[%WINDOWS%]\eventlowg.dll
[%WINDOWS%]\flt.dll
[%WINDOWS%]\hotporn.exe
[%WINDOWS%]\jd2002.dll
[%WINDOWS%]\kkcomp$.exe
[%WINDOWS%]\ngd.dll
[%WINDOWS%]\pbar.dll
[%WINDOWS%]\spredirect.dll
[%WINDOWS%]\vxddsk.exe
[%WINDOWS%]\wbeInst$.exe
[%WINDOWS%]\wml.exe
[%WINDOWS%]\xadbrk_.exe
[%WINDOWS%]\xxxvideo.exe
[%SYSTEM%]\ace16win.dll
[%SYSTEM%]\dpqaqlqx.bin
[%SYSTEM%]\sznf.ascii
[%SYSTEM%]\vxddsk.exe
[%SYSTEM%]\wml.exe
[%WINDOWS%]\764.exe
[%WINDOWS%]\7search.dll
[%WINDOWS%]\aconti.exe
[%WINDOWS%]\aconti.ini
[%WINDOWS%]\aconti.log
[%WINDOWS%]\aconti.sdb
[%WINDOWS%]\acontidialer.txt
[%WINDOWS%]\adbar.dll
[%WINDOWS%]\daxtime.dll
[%WINDOWS%]\dp0.dll
[%WINDOWS%]\eventlowg.dll
[%WINDOWS%]\flt.dll
[%WINDOWS%]\hotporn.exe
[%WINDOWS%]\jd2002.dll
[%WINDOWS%]\kkcomp$.exe
[%WINDOWS%]\ngd.dll
[%WINDOWS%]\pbar.dll
[%WINDOWS%]\spredirect.dll
[%WINDOWS%]\vxddsk.exe
[%WINDOWS%]\wbeInst$.exe
[%WINDOWS%]\wml.exe
[%WINDOWS%]\xadbrk_.exe
[%WINDOWS%]\xxxvideo.exe

Folders:
[%PROGRAM_FILES%]\e-zshopper
[%SYSTEM%]\acespy

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000012-890e-4aac-afd9-eff6954a34dd}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{029e02f0-a0e5-4b19-b958-7bf2db29fb13}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{12f02779-6d88-4958-8ad3-83c12d86adc7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53c330d6-a4ab-419b-b45d-fd4411c1fef4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{54645654-2225-4455-44a1-9f4543d34546}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6abc861a-31e7-4d91-b43b-d3c98f22a5c0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a4a435cf-3583-11d4-91bd-0048546a1450}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c2680e10-1655-4a0e-87f8-4259325a84b7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c4ca6559-2cf1-48b6-96b2-8340a06fd129}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c5af2622-8c75-4dfb-9693-23ab7686a456}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d8efadf1-9009-11d6-8c73-608c5dc19089}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e9306072-417e-43e3-81d5-369490beef7c}

Removing Vapidab:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Doshye Trojan

Removing Doshye
Categories: Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Doshye Also known as:

[Other]Win32/Doshye.B,Win32/Doshye.C,Win32/Doshye.F
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\xydzyh.exe
[%WINDOWS%]\scvhost.exe
[%WINDOWS%]\system\svchest.exe
[%WINDOWS%]\system\svchest.reg
[%WINDOWS%]\SCVHOST.EXE
[%WINDOWS%]\system\svchesta.exe
[%SYSTEM%]\xydzyh.exe
[%WINDOWS%]\scvhost.exe
[%WINDOWS%]\system\svchest.exe
[%WINDOWS%]\system\svchest.reg
[%WINDOWS%]\SCVHOST.EXE
[%WINDOWS%]\system\svchesta.exe

How to detect Doshye:

Files:
[%SYSTEM%]\xydzyh.exe
[%WINDOWS%]\scvhost.exe
[%WINDOWS%]\system\svchest.exe
[%WINDOWS%]\system\svchest.reg
[%WINDOWS%]\SCVHOST.EXE
[%WINDOWS%]\system\svchesta.exe
[%SYSTEM%]\xydzyh.exe
[%WINDOWS%]\scvhost.exe
[%WINDOWS%]\system\svchest.exe
[%WINDOWS%]\system\svchest.reg
[%WINDOWS%]\SCVHOST.EXE
[%WINDOWS%]\system\svchesta.exe

Registry Keys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Indexingbox
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\indexingbox

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\google\navclient\1.1\whitelist
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Doshye:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Qhost.hf Trojan

Removing Qhost.hf
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\howiper.exe
[%SYSTEM%]\{6CAF99EE-BC63-4E32-A249-B1CC8147653B}.exe
[%SYSTEM%]\howiper.exe
[%SYSTEM%]\{6CAF99EE-BC63-4E32-A249-B1CC8147653B}.exe

How to detect Qhost.hf:

Files:
[%SYSTEM%]\howiper.exe
[%SYSTEM%]\{6CAF99EE-BC63-4E32-A249-B1CC8147653B}.exe
[%SYSTEM%]\howiper.exe
[%SYSTEM%]\{6CAF99EE-BC63-4E32-A249-B1CC8147653B}.exe

Removing Qhost.hf:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

Spy.Agent Trojan

Removing Spy.Agent
Categories: Trojan,Adware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Spy.Agent Also known as:

[Kaspersky]Trojan-Spy.Win32.Small.ak;
[McAfee]Spy-Agent;
[Other]Wab-Stealer,TSPY_SMALL.DVD
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\sphlp32.exe
[%SYSTEM%]\{A2CECC73-4E74-4236-ADDC-B9C7B41741CA}.exe
[%SYSTEM%]\sphlp32.exe
[%SYSTEM%]\{A2CECC73-4E74-4236-ADDC-B9C7B41741CA}.exe

How to detect Spy.Agent:

Files:
[%SYSTEM%]\sphlp32.exe
[%SYSTEM%]\{A2CECC73-4E74-4236-ADDC-B9C7B41741CA}.exe
[%SYSTEM%]\sphlp32.exe
[%SYSTEM%]\{A2CECC73-4E74-4236-ADDC-B9C7B41741CA}.exe

Registry Keys:
HKEY_CURRENT_USER\software\nirsoft\activexhelper
HKEY_CURRENT_USER\software\nirsoft\adapterwatch
HKEY_CURRENT_USER\software\nirsoft\asterisklogger
HKEY_CURRENT_USER\software\nirsoft\currports
HKEY_CURRENT_USER\software\nirsoft\dialupass
HKEY_CURRENT_USER\software\nirsoft\iehistoryview
HKEY_CURRENT_USER\software\nirsoft\ipnetinfo
HKEY_CURRENT_USER\software\nirsoft\messenpass
HKEY_CURRENT_USER\software\nirsoft\netpass
HKEY_CURRENT_USER\software\nirsoft\produkey
HKEY_CURRENT_USER\software\nirsoft\pspv
HKEY_CURRENT_USER\software\nirsoft\regscanner
HKEY_CURRENT_USER\software\nirsoft\sysexporter

Removing Spy.Agent:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:

RegistryCleanerXP Adware

Removing RegistryCleanerXP
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Visible Symptoms:
Files in system folders:
[%COMMON_PROGRAMS%]\RegistryCleanerXP.lnk
[%COMMON_DESKTOPDIRECTORY%]\RegistryCleanerXP.lnk
[%COMMON_PROGRAMS%]\RegistryCleanerXP.lnk
[%COMMON_DESKTOPDIRECTORY%]\RegistryCleanerXP.lnk

How to detect RegistryCleanerXP:

Files:
[%COMMON_PROGRAMS%]\RegistryCleanerXP.lnk
[%COMMON_DESKTOPDIRECTORY%]\RegistryCleanerXP.lnk
[%COMMON_PROGRAMS%]\RegistryCleanerXP.lnk
[%COMMON_DESKTOPDIRECTORY%]\RegistryCleanerXP.lnk

Folders:
[%PROGRAM_FILES%]\RegistryCleanerXP

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\registrycleanerxp
HKEY_LOCAL_MACHINE\software\registrycleanerxp

Removing RegistryCleanerXP:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:

Posted by at No comments:
Subscribe to: Posts (Atom)