Friday, November 21, 2008

Adultoweb Adware

Removing Adultoweb
Categories: Adware
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.

How to detect Adultoweb:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{23273a1c-c870-43c4-a3e3-67dc98630ac6}

Removing Adultoweb:

You can download a trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.


MIRC.nHTMLn DoS

Removing MIRC.nHTMLn
Categories: DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Freakz_Script\webview\nHTMLn_2.92.dll

How to detect MIRC.nHTMLn:

Files:
[%PROGRAM_FILES%]\Freakz_Script\webview\nHTMLn_2.92.dll

Net.Devil Trojan

Removing Net.Devil
Categories: Trojan,Spyware,Backdoor,RAT,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
blindly accessing websites that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via the Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of the computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:

  • Launching/deleting files
  • Sending/receiving files
  • Deleting data
  • Displaying notifications
  • Rebooting the machine
  • Executing files

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of Trojans in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Net.Devil Also known as:

[Kaspersky]Backdoor.NetDevil.10,Backdoor.NetDevil.10.a,Backdoor.NetDevil.10.b,Backdoor.NetDevil.11.b,Backdoor.NetDevil.12,Backdoor.NetDevil.13.a,Backdoor.NetDevil.15,Backdoor.NetDevil.13.c;
[Eset]Win32/NetDevil.12 trojan;
[McAfee]BackDoor-RP.cfg,BackDoor-RP.cli,BackDoor-RP.svr;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program,Bck/NetDevil.10,Bck/NetDevil.10.B,Bck/NetDevil.11.B,Bck/NetDevil.12,Bck/NetDevil.15,Bck/NetDevil.15.edt,Bck/Vildenet;
[Computer Associates]Backdoor/Netdevil_Server_family,Win32.NetDevil.10,Win32.NetDevil.11.B,Win32.NetDevil.12.A,Win32.NetDevil.13.B,Win32/NetDevil.13.B!Trojan,Win32.NetDevil.15.B,Win32.NetDevil.13.C,Win32/NetDevil.13.C!Trojan

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\shellapi32.exe

How to detect Net.Devil:

Files:
[%WINDOWS%]\system\shellapi32.exe

Clear.Search Hijacker

Removing Clear.Search
Categories: Hijacker
A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

How to detect Clear.Search:

Folders:
[%PROGRAM_FILES%]\csbb

Registry Keys:
HKEY_LOCAL_MACHINE\software\ppcleanbait


Hostblock Trojan

Removing Hostblock
Categories: Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.


Hostblock Also known as:

[Other]Win32/Hostblock

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\drivers\etc\1.hosts
[%SYSTEM%]\drivers\etc\hosts

How to detect Hostblock:

Files:
[%SYSTEM%]\drivers\etc\1.hosts
[%SYSTEM%]\drivers\etc\hosts

Funcade Adware

Removing Funcade
Categories: Adware
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.


Funcade Also known as:

[Other]eXact.Funcade

Visible Symptoms:
Files in system folders:
[%PROGRAMS%]\Funcade\Funcade.lnk
[%PROGRAMS%]\Funcade\Uninstall.lnk

How to detect Funcade:

Files:
[%PROGRAMS%]\Funcade\Funcade.lnk
[%PROGRAMS%]\Funcade\Uninstall.lnk

Folders:
[%PROGRAM_FILES%]\Funcade

Registry Keys:
HKEY_LOCAL_MACHINE\software\exactadvertisingfuncade
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\exactadvertisingfuncade


SillyDl.AFX Trojan

Removing SillyDl.AFX
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\ICD2.tmp\UWA6P_0001_N68M2301NetInstaller.exe

How to detect SillyDl.AFX:

Files:
[%PROFILE_TEMP%]\ICD2.tmp\UWA6P_0001_N68M2301NetInstaller.exe

ClientMan.2in1 BHO

Removing ClientMan.2in1
Categories: BHO
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\msncjk.dll

How to detect ClientMan.2in1:

Files:
[%SYSTEM%]\msncjk.dll

CouponBar Toolbar

Removing CouponBar
Categories: Toolbar,Adware
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\CouponBarIE.dll
[%WINDOWS%]\cpbrkpie.ocx
[%WINDOWS%]\couponbar.dll

How to detect CouponBar:

Files:
[%WINDOWS%]\CouponBarIE.dll
[%WINDOWS%]\cpbrkpie.ocx
[%WINDOWS%]\couponbar.dll

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
HKEY_CLASSES_ROOT\cpbrkpie.Coupon6Ctrl.1
HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}
HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}
HKEY_CLASSES_ROOT\typelib\{87255c51-cd7d-4506-b9ad-97606daf53f3}
HKEY_CLASSES_ROOT\CLSID\{5BED3930-2E9E-76D8-BACC-80DF2188D455}
HKEY_CLASSES_ROOT\CLSID\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A}
HKEY_CLASSES_ROOT\Interface\{0D700D4A-F8C1-8888-C5BA-CB09D464A4E8}
HKEY_CLASSES_ROOT\Interface\{6D69B86A-B94C-59EE-BCB8-5F5DF46B2BE8}
HKEY_CLASSES_ROOT\ToolBand.TTB000000
HKEY_CLASSES_ROOT\TTB000001.IEToolbar
HKEY_CURRENT_USER\Software\TTB000001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A}
HKEY_CLASSES_ROOT\clsid\{9522b3fb-7a2b-4646-8af6-36e7f593073c}
HKEY_CLASSES_ROOT\clsid\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec}
HKEY_CLASSES_ROOT\clsid\{fb986a68-eae4-11d4-9bd1-0080c6f60b6a}
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1
HKEY_CLASSES_ROOT\interface\{6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4}
HKEY_CLASSES_ROOT\interface\{a138be8b-f051-4802-9a3f-a750a6d862d4}
HKEY_LOCAL_MACHINE\software\classes\clsid\{fb986a68-eae4-11d4-9bd1-0080c6f60b6a}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions\approved


DialXS Adware

Removing DialXS
Categories: Adware
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

How to detect DialXS:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{841a9192-5690-11d4-a258-0040954a01be}
HKEY_CLASSES_ROOT\clsid\{9b4aa442-9ebf-11d5-8c11-0050da4957f5}


CrisysTec.Sentry Ransomware

Removing CrisysTec.Sentry
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

If the victim opens/executes the attachment, the program encrypts
a number of files on the victim's computer. A ransom note is then left behind for the victim.

The victim will be unable to open the encrypted files without the correct decryption key.
Once the ransom demanded in the ransom note is paid, the cracker may (or may not)
send the decryption key, enabling decryption of the "kidnapped" files.

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\CrisysTec Sentry 3.0.lnk
[%PROGRAMS%]\CrisysTec Sentry\CrisysTec Sentry Help file.lnk
[%PROGRAMS%]\CrisysTec Sentry\CrisysTec Sentry.lnk
[%PROGRAMS%]\CrisysTec Sentry\Uninstall CrisysTec Sentry.lnk

How to detect CrisysTec.Sentry:

Files:
[%DESKTOP%]\CrisysTec Sentry 3.0.lnk
[%PROGRAMS%]\CrisysTec Sentry\CrisysTec Sentry Help file.lnk
[%PROGRAMS%]\CrisysTec Sentry\CrisysTec Sentry.lnk
[%PROGRAMS%]\CrisysTec Sentry\Uninstall CrisysTec Sentry.lnk

Folders:
[%COMMON_STARTMENU%]\Programs\CrisysTec Sentry
[%PROGRAM_FILES%]\Critical Systems Technologies\CrisysTec Sentry

Registry Keys:
HKEY_CURRENT_USER\software\critical systems technologies
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{34bce26e-d9f8-46cb-8a59-b473a14471f0}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion


Downloader.BBL.gen Downloader

Removing Downloader.BBL.gen
Categories: Downloader
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Downloader.BBL.gen Also known as:

[McAfee]Downloader-BBL.gen;
[Other]Win32/Vxidl.EX

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\kernels32.exe

How to detect Downloader.BBL.gen:

Files:
[%SYSTEM%]\kernels32.exe

Pigeon.FCE Trojan

Removing Pigeon.FCE
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Pigeon.FCE Also known as:

[Other]Trojan:Win32/Anomaly.gen!A

How to detect Pigeon.FCE:

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_network_connections_manage_
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\network connections manage


OptixKill Trojan

Removing OptixKill
Categories: Trojan,Backdoor,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to the computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

OptixKill Also known as:

[Panda]Trojan Horse;
[Computer Associates]Win32.OptixKill.30

How to detect OptixKill:

Registry Values:
HKEY_LOCAL_MACHINE\software\wise solutions\wise installation system\repair\c:/windows/system32/innervbinstall.log


Netbus Trojan

Removing Netbus
Categories: Trojan,Spyware,Backdoor,RAT,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
blindly accessing websites that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via the Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of the computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:

  • Launching/deleting files
  • Sending/receiving files
  • Deleting data
  • Displaying notifications
  • Rebooting the machine
  • Executing files

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of Trojans in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to the computer.

Netbus Also known as:

[Kaspersky]Backdoor.Netbus.170,Backdoor.Netbus.12,Backdoor.Netbus.153,Backdoor.Netbus.160.a,Backdoor.Netbus.160.b,Backdoor.Netbus.21.a;
[Eset]Win32/NetBus.1_20 trojan,Netbus.170 trojan;
[McAfee]Netbus;
[F-Prot]security risk or a "backdoor" program,W32/NetBus.backdoor.494592.B,W32/NetBus.backdoor.473088,W32/NetBus.backdoor.494592.A,W32/NetBus.backdoor.472576,W32/NetBus.backdoor.567296,destructive program;
[Panda]Trj/Netbus.170,Bck/Netbus.12,Trj/Netbus.153,Trj/Netbus.153.II,Backdoor Program,Trj/NetBus.1.6.B,Trj/Netbus.160,Bck/Nbspy;
[Computer Associates]Backdoor/Netbus.170,Backdoor/Netbus_Server_family,Win32.NetBus.170,Backdoor/Netbus_1.2,Win32.NetBus.152,Backdoor/Netbus!Server,Backdoor/Netbus.1.6.0.B!Server,Win32.NetBus.160,Backdoor/Netbus 1.2,Backdoor/Netbus Server family,Backdoor/Netbus.2.0.A,Win32.NetBus,Backdoor/Netbus.160.A

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\wizjatv.exe

How to detect Netbus:

Files:
[%WINDOWS%]\wizjatv.exe

ffinder.com Hijacker

Removing ffinder.com
Categories: Hijacker
A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\ieffse32.dll

How to detect ffinder.com:

Files:
[%SYSTEM%]\ieffse32.dll

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{C1C6426B-FB16-4123-ACBE-74D94FB0E663}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C6426B-FB16-4123-ACBE-74D94FB0E663}


Desktop.Marketer Adware

Removing Desktop.Marketer
Categories: Adware
Adware are programs that facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\Scenic News.exe
[%WINDOWS%]\scenic news.exe

How to detect Desktop.Marketer:

Files:
[%SYSTEM%]\Scenic News.exe
[%WINDOWS%]\scenic news.exe

DepthCharge Backdoor

Removing DepthCharge
Categories: Backdoor,Hacker Tool,DoS
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via the Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of the computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:

  • Launching/deleting files
  • Sending/receiving files
  • Deleting data
  • Displaying notifications
  • Rebooting the machine
  • Executing files

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of Trojans in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to the computer.
DoS trojans conduct attacks from a single computer with the consent of the user.

DepthCharge Also known as:

[Kaspersky]DDoS.Win32.DepthCharge.b;
[Panda]Bck/VB,DoS Program;
[Computer Associates]Backdoor/DepthCharge.11!Server,Win32.DepthCharge.11

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\chubby.exe

How to detect DepthCharge:

Files:
[%WINDOWS%]\chubby.exe

CWS.MSOffice Hijacker

Removing CWS.MSOffice
Categories: Hijacker
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\fonts\msoffice.hta

How to detect CWS.MSOffice:

Files:
[%WINDOWS%]\fonts\msoffice.hta

Bazooka Ransomware

Removing Bazooka
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

If the victim opens/executes the attachment, the program encrypts
a number of files on the victim's computer. A ransom note is then left behind for the victim.

The victim will be unable to open the encrypted files without the correct decryption key.
Once the ransom demanded in the ransom note is paid, the cracker may (or may not)
send the decryption key, enabling decryption of the "kidnapped" files.

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\ADWareBazooka.lnk

How to detect Bazooka:

Files:
[%DESKTOP%]\ADWareBazooka.lnk

Folders:
[%PROGRAMS%]\ADWareBazooka
[%PROGRAM_FILES%]\ADWareBazooka

Registry Keys:
HKEY_CURRENT_USER\software\adwarebazooka
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\adwarebazooka

Registry Values:
HKEY_CURRENT_USER\software\borland\locales
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run


Key.Captor Spyware

Removing Key.Captor
Categories: Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
blindly accessing websites that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\spysplash.dat

How to detect Key.Captor:

Files:
[%WINDOWS%]\spysplash.dat

Folders:
[%PROGRAMS%]\Keycaptor
[%PROGRAM_FILES%]\KeyCaptor

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall

Removing Key.Captor:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Removing LolaWeb.Winhost Trojan
KillSpy Ransomware Symptoms
Remove YazzleBundle Trojan

Small Trojan

Removing Small
Categories: Trojan,Adware,Spyware,Worm,Backdoor,Downloader,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.
Worms can be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms that managed to cause significant outbreaks use more than
one propagation method as well as more than one infection technique.

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to the computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
DoS trojans conduct attacks from a single computer with the consent of the user.

Small Also known as:

[Kaspersky]Backdoor.Dumador.c,Small.122.c,Small.126,Small.128.b,Backdoor.Small.bb,Backdoor.Win32.Small.nz,Trojan-Proxy.Win32.Small.du,Trojan-Dropper.Win32.Small.axn,Trojan.Win32.Small.ir,Trojan-Dropper.Win32.Small.axq,Trojan-Dropper.Win32.Small.avw,Trojan-Clicker.Win32.Small.cn,Trojan-Downloader.Win32.Small.ds;
[Eset]Win32/Dumaru.A2 worm,Win32/Small.P trojan,Win32/Small.BB trojan;
[McAfee]Generic Dropper;
[F-Prot]W32/Backdoor.ALRW;
[Panda]Trj/PSW.Narod,Trojan Horse,Trojan Horse.LC,Trj/Small.N,Bck/Small.J,Small.127,M_Jmp.128;
[Computer Associates]Win32.Bambo,Win32/ABCD911!Trojan,Win32/Small.BX!Downloader,Win32/Small.A!Trojan,Win32/Small.D!Trojan,Win32/Small.AV!Dropper,Win32/Small.N!Joiner,Win32.Small.K,Win32/Small.K!Dropper,Backdoor/Small.P,Win32/Small.a!Trojan,Win32/Small.M!Joiner,Backdoor/Small.BB!Server,Win32.Fasbeaf.A,Small 122,Small 126,Small 128;
[Other]Troj/PWS-ALX,W32/Smalltroj.AAGB,Troj/Agent-EDB,Suspicious_F.gen.dropper,Mal/Packer,TrojanDropper:Win32/Small!49F8,Troj/Mdrop-BPE,W32/DLoader.BDR,TROJ_SMALL.DS,Downloader

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\WinZIP\Password Recovery V3.54\license.txt
[%PROFILE_TEMP%]\winlogon.exe
[%PROGRAM_FILES%]\WinRAR\Advanced Archive Password Recovery 2.20\license.txt
[%SYSTEM%]\insqcb.ins
[%WINDOWS%]\downloaded program files\qabar.inf
[%SYSTEM%]\ldcore.dll
[%SYSTEM%]\ljo.dll
[%SYSTEM%]\mjice.dll
[%SYSTEM%]\msntorms.exe
[%SYSTEM%]\plenb.dll
[%SYSTEM%]\zAskop.dll
[%WINDOWS%]\system\objna.dll

How to detect Small:

Files:
[%DESKTOP%]\WinZIP\Password Recovery V3.54\license.txt
[%PROFILE_TEMP%]\winlogon.exe
[%PROGRAM_FILES%]\WinRAR\Advanced Archive Password Recovery 2.20\license.txt
[%SYSTEM%]\insqcb.ins
[%WINDOWS%]\downloaded program files\qabar.inf
[%SYSTEM%]\ldcore.dll
[%SYSTEM%]\ljo.dll
[%SYSTEM%]\mjice.dll
[%SYSTEM%]\msntorms.exe
[%SYSTEM%]\plenb.dll
[%SYSTEM%]\zAskop.dll
[%WINDOWS%]\system\objna.dll

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_a-load
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\a-load

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop
HKEY_CURRENT_USER\software\microsoft\internet explorer\security
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Small:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Adware.SaveNow Adware
estara.com Tracking Cookie Symptoms
Removing Bancos.IKT Trojan

Afseg Trojan

Removing Afseg
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Afseg Also known as:

[F-Prot]W32/SecRisk-ProcessPatcher-base!Maxiumus;
[Other]Mal/Behav-010

How to detect Afseg:

Registry Keys:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\syst32
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_afsegtgf_windows_service
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\afsegtgf windows service

Removing Afseg:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove EZCyberSearch Adware

MDSA.Sentinel Spyware

Removing MDSA.Sentinel
Categories: Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\mdsa sentinel 2006
[%DESKTOP%]\MDSA Sentinel X.lnk
[%PROGRAMS%]\mdsa software
[%PROGRAM_FILES%]\MDSA Software\csrss.exe
[%PROGRAM_FILES%]\MDSA Software\help.htm
[%PROGRAM_FILES%]\MDSA Software\license.txt
[%PROGRAM_FILES%]\MDSA Software\smss.exe
[%PROGRAM_FILES%]\mdsa software\uninst\unins000.dat
[%PROGRAM_FILES%]\mdsa software\uninst\unins000.fak

How to detect MDSA.Sentinel:

Files:
[%DESKTOP%]\mdsa sentinel 2006
[%DESKTOP%]\MDSA Sentinel X.lnk
[%PROGRAMS%]\mdsa software
[%PROGRAM_FILES%]\MDSA Software\csrss.exe
[%PROGRAM_FILES%]\MDSA Software\help.htm
[%PROGRAM_FILES%]\MDSA Software\license.txt
[%PROGRAM_FILES%]\MDSA Software\smss.exe
[%PROGRAM_FILES%]\mdsa software\uninst\unins000.dat
[%PROGRAM_FILES%]\mdsa software\uninst\unins000.fak

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing MDSA.Sentinel:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Downloader.ADT Downloader Information
SillyDl.CYL Trojan Information
The.ICQ.Protocol Trojan Symptoms

Black.Angel Trojan

Removing Black.Angel
Categories: Trojan,Backdoor,RAT
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via the Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Black.Angel Also known as:

[Kaspersky]Backdoor.BlackAngel.13;
[Eset]Win32/BlackAngel.13 trojan,Win32/BlackAngel.13.Client trojan;
[McAfee]BackDoor-SA.cli,Backdoor-SA.svr;
[F-Prot]security risk or a "backdoor" program;
[Computer Associates]Backdoor/BlackAngel.13.Server

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\iex32dll.exe

How to detect Black.Angel:

Files:
[%WINDOWS%]\iex32dll.exe

Removing Black.Angel:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
SpediaBar Adware Symptoms
Winpage.Blocker BHO Removal

TargetAd Adware

Removing TargetAd
Categories: Adware
Adware are programs that facilitate delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

TargetAd Also known as:

[Kaspersky]Adware.Win32.WinAD.bu;
[McAfee]Adware-TargetAD

How to detect TargetAd:

Folders:
[%PROGRAM_FILES%]\NetMeting\Target

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{002af282-e42d-4b51-9f70-f1570c02faad}
HKEY_CLASSES_ROOT\clsid\{0a5ef610-efb6-4ac4-a22a-3ca6b8148d08}
HKEY_CLASSES_ROOT\interface\{1b54093e-6f8d-4b96-b9fe-1f0026aa872a}
HKEY_CLASSES_ROOT\interface\{e16dca92-8478-4bb0-b557-08012e8eae00}
HKEY_CLASSES_ROOT\targetad.target
HKEY_CLASSES_ROOT\targetad.target.1
HKEY_CLASSES_ROOT\targetad.targetreg
HKEY_CLASSES_ROOT\targetad.targetreg.1
HKEY_CLASSES_ROOT\typelib\{daa57276-ebf7-422e-aa7a-5cc7788a2a20}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{002af282-e42d-4b51-9f70-f1570c02faad}
HKEY_CURRENT_USER\software\targetad
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{002af282-e42d-4b51-9f70-f1570c02faad}

Removing TargetAd:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Ertfor Trojan

Hornet Backdoor

Removing Hornet
Categories: Backdoor,RAT
Backdoors combine the functionality of most other types of Trojans in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Hornet Also known as:

[Kaspersky]Backdoor.Hornet.10;
[Panda]Backdoor Program,Bck/Hornet.10;
[Computer Associates]Backdoor/Hornet.10,Backdoor/Hornet.10!Client,Backdoor/Hornet.10!Downloader,Backdoor/Hornet.10!EditServer,Win32.Hornet.10,Win32/Hornet.10.IRC!Trojan

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\active.exe

How to detect Hornet:

Files:
[%WINDOWS%]\active.exe

Removing Hornet:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove VX2.Pynix BHO
Iyus Trojan Removal instruction
Incelid Trojan Removal instruction
Remove Bunga Trojan
thesafetyfiles.com Hijacker Symptoms

SearchNet Trojan

Removing SearchNet
Categories: Trojan,Adware,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

SearchNet Also known as:

[Kaspersky]Trojan-Spy.Win32.Agent.iw,AdWare.Win32.BHO.ls;
[McAfee]SearchNet;
[Other]Win32/SearchNet.D,Adware.PigSearch,Adware.Rugo

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\drivers\FAD.sys
[%SYSTEM%]\ntsvrs.exe
[%PROFILE_TEMP%]\lokv.exe
[%PROFILE_TEMP%]\u4hq.exe
[%SYSTEM%]\drivers\Anfad.sys
[%SYSTEM%]\drivers\svq0hve.sys
[%SYSTEM%]\drivers\xcvmp7.sys
[%SYSTEM%]\ServeHost.dat
[%SYSTEM%]\ServeHost.exe

How to detect SearchNet:

Files:
[%SYSTEM%]\drivers\FAD.sys
[%SYSTEM%]\ntsvrs.exe
[%PROFILE_TEMP%]\lokv.exe
[%PROFILE_TEMP%]\u4hq.exe
[%SYSTEM%]\drivers\Anfad.sys
[%SYSTEM%]\drivers\svq0hve.sys
[%SYSTEM%]\drivers\xcvmp7.sys
[%SYSTEM%]\ServeHost.dat
[%SYSTEM%]\ServeHost.exe

Folders:
[%PROGRAM_FILES%]\SearchNet
[%PROGRAM_FILES%]\ZSXZ

Registry Keys:
HKEY_CLASSES_ROOT\typelib\{690e010b-042a-4973-87a8-485deb8bdf68}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{2a0176fe-008b-4706-90f5-bba532a49731}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{3ce496d1-1746-41cd-9489-3c0b93df10e2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\zsxz
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{04152c5b-7ca9-4bb1-8077-5ea42f787eb8}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{515bafd0-86a0-4b2a-9dfe-4440bf60c355}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{5c20c0e0-9a22-424f-92c8-6f408563ce98}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{93506e82-31e9-47b4-901e-2d04d6aa3b86}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{b9b553a9-77ff-44de-8c24-fe88ccdc4e93}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{c8a82950-abe8-4b7d-a5de-19c249a9cfac}
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\safer\codeidentifiers\0\hashes\{cf3780c4-33ba-44bd-981f-e37940887d8b}
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_fad
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_remote_log
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\eventlog\application\remote log
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\fad
HKEY_CLASSES_ROOT\clsid\{3ce496d1-1746-41cd-9489-3c0b93df10e2}
HKEY_CLASSES_ROOT\iehpr.intercept
HKEY_CLASSES_ROOT\iehpr.intercept.1
HKEY_CLASSES_ROOT\interface\{52bea5f9-7e3f-490a-b7e8-9bd5dddee5df}
HKEY_CLASSES_ROOT\typelib\{158919d3-4cab-4109-9755-9ae794d5b2de}
HKEY_CLASSES_ROOT\typelib\{4a8976fe-144e-4742-8e49-d6cd3b140fd1}
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\cdnup.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3ce496d1-1746-41cd-9489-3c0b93df10e2}
HKEY_LOCAL_MACHINE\software\searchnet
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_anfad
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\anfad
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\remote log

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing SearchNet:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Hsow Trojan Removal instruction

Frethog.AEQ Trojan

Removing Frethog.AEQ
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Frethog.AEQ Also known as:

[Kaspersky]Trojan-PSW.Win32.OnLineGames.hxh;
[McAfee]New Malware.aj

How to detect Frethog.AEQ:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{35e50183-9f46-46dd-b6c7-e7b55ba2715b}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks

Removing Frethog.AEQ:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
SpecialOffers Adware Removal
Remove Pigeon.AWJF Trojan
Kilo Backdoor Removal instruction
SillyDI.CPH Trojan Removal

Ginwui Trojan

Removing Ginwui
Categories: Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to the computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\capture.bmp
[%SYSTEM%]\drivers\bridges.sys
[%SYSTEM%]\drivers\DetPort.sys
[%SYSTEM%]\drivers\lsPubDRV.sys
[%SYSTEM%]\drivers\RVdPort.sys
[%SYSTEM%]\kbdusb.dll
[%SYSTEM%]\kbdyl.dll
[%SYSTEM%]\localsp.dll
[%SYSTEM%]\sanlib.dll
[%SYSTEM%]\winguis.dll
[%SYSTEM%]\zsydll.dll
[%SYSTEM%]\zsyhide.dll

How to detect Ginwui:

Files:
[%SYSTEM%]\capture.bmp
[%SYSTEM%]\drivers\bridges.sys
[%SYSTEM%]\drivers\DetPort.sys
[%SYSTEM%]\drivers\lsPubDRV.sys
[%SYSTEM%]\drivers\RVdPort.sys
[%SYSTEM%]\kbdusb.dll
[%SYSTEM%]\kbdyl.dll
[%SYSTEM%]\localsp.dll
[%SYSTEM%]\sanlib.dll
[%SYSTEM%]\winguis.dll
[%SYSTEM%]\zsydll.dll
[%SYSTEM%]\zsyhide.dll

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\zsydll

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows

Removing Ginwui:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Netguarder.Web.Cleaner Adware Removal

HuntBar.WebSearch Hijacker

Removing HuntBar.WebSearch
Categories: Hijacker,Toolbar
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\stoolbar.dll
[%WINDOWS%]\system\stoolbar.dll

How to detect HuntBar.WebSearch:

Files:
[%SYSTEM%]\stoolbar.dll
[%WINDOWS%]\system\stoolbar.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{6a85d97d-665d-4825-8341-9501ad9f56a3}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6a85d97d-665d-4825-8341-9501ad9f56a3}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing HuntBar.WebSearch:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove IEYHelper Adware
KooWo BHO Removal instruction
Remove Aureate Adware

Bancos.IBC Trojan

Removing Bancos.IBC
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Bancos.IBC Also known as:

[Other]Win32/Bancos.IBC

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\ntmcsvc.dll
[%SYSTEM%]\photowin.dll
[%SYSTEM%]\xvid.ini

How to detect Bancos.IBC:

Files:
[%SYSTEM%]\ntmcsvc.dll
[%SYSTEM%]\photowin.dll
[%SYSTEM%]\xvid.ini

Removing Bancos.IBC:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Force Trojan Cleaner
Remove System.Sleuth Spyware
Remove Backdoor.SchoolBus.d!Server Backdoor

Agent.ABM Trojan

Removing Agent.ABM
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Agent.ABM Also known as:

[Kaspersky]Backdoor.Win32.Agent.abm;
[Other]Trojan Horse,W32/Agent.AQDL

How to detect Agent.ABM:

Registry Keys:
HKEY_CURRENT_USER\software\intelguardians

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Agent.ABM:

You can download a trial version of "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Floppymad Trojan Removal
HBJ Backdoor Information
AV&Firewall.Killer Trojan Symptoms