Thursday, November 27, 2008

MoneyTree.DyFuCA Trojan

Removing MoneyTree.DyFuCA
Categories: Trojan,Adware,BHO,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.

As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Trojan downloaders download and install new malware or adware on the computer.


MoneyTree.DyFuCA Also known as:

[Kaspersky]TrojanDownloader.Win32.Dyfuca.ac;
[Eset]Win32/TrojanDownloader.Dyfica.AC trojan;
[Panda]Spyware/Dyfuca

How to detect MoneyTree.DyFuCA:

Registry Keys:
HKEY_CLASSES_ROOT\typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}

Removing MoneyTree.DyFuCA:

You can download a trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Bancos.IBH Trojan

Removing Bancos.IBH
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Bancos.IBH Also known as:

[Kaspersky]Trojan-Downloader.Win32.Delf.bpc;
[McAfee]PWS-Banker.gen.i;
[Other]Win32/Bancos.IBH

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\Media\7u560.exe

How to detect Bancos.IBH:

Files:
[%WINDOWS%]\Media\7u560.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Win32.VB.ayt Trojan

Removing Win32.VB.ayt
Categories: Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.


Visible Symptoms:
Files in system folders:
[%SYSTEM%]\nusrmgr.exe

How to detect Win32.VB.ayt:

Files:
[%SYSTEM%]\nusrmgr.exe

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{f146c9b1-vmvq-a9rc-nufl-d0ba00b4e999}

Likedi Trojan

Removing Likedi
Categories: Trojan,Adware,Hijacker
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.

Likedi Also known as:

[Kaspersky]AdWare.Win32.LinkMedia.a;
[Other]Win32/Likedi.D,Trojan.Linkmediac

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\lmdm_setup_3.0_303.exe
[%PROGRAM_FILES%]\OpenSource\helpsvc.dll
[%PROGRAM_FILES%]\OpenSource\sdmAgent30.dll
[%PROGRAM_FILES%]\OpenSource\WmdmPmSp.dll
[%SYSTEM%]\helpsvc.dll
[%SYSTEM%]\SafeHelper12.dll
[%SYSTEM%]\sdmAgent23.dll
[%SYSTEM%]\sdmAgent30.dll
[%SYSTEM%]\WmdmPmSp.dll
[%WINDOWS%]\Temp\agentretu.ini
[%WINDOWS%]\Temp\liveupdate20.ini
[%WINDOWS%]\Temp\paramslocal.ini

How to detect Likedi:

Files:
[%PROFILE_TEMP%]\lmdm_setup_3.0_303.exe
[%PROGRAM_FILES%]\OpenSource\helpsvc.dll
[%PROGRAM_FILES%]\OpenSource\sdmAgent30.dll
[%PROGRAM_FILES%]\OpenSource\WmdmPmSp.dll
[%SYSTEM%]\helpsvc.dll
[%SYSTEM%]\SafeHelper12.dll
[%SYSTEM%]\sdmAgent23.dll
[%SYSTEM%]\sdmAgent30.dll
[%SYSTEM%]\WmdmPmSp.dll
[%WINDOWS%]\Temp\agentretu.ini
[%WINDOWS%]\Temp\liveupdate20.ini
[%WINDOWS%]\Temp\paramslocal.ini

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3ae06cee-58a6-4f5f-af89-6c5350842f16}
HKEY_CLASSES_ROOT\interface\{7e67bf8e-a866-42a3-88f7-47947f2d7f72}
HKEY_CLASSES_ROOT\safehelper11.cbhosafehlpobject
HKEY_CLASSES_ROOT\safehelper11.cbhosafehlpobject.1
HKEY_CLASSES_ROOT\typelib\{71638d42-66a2-48ed-a4d4-ad8abbdf3d13}
HKEY_LOCAL_MACHINE\software\linkmedia
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3ae06cee-58a6-4f5f-af89-6c5350842f16}

Adware.ClickSpring Adware

Removing Adware.ClickSpring
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

Adware.ClickSpring Also known as:

[Kaspersky]AdWare.Win32.PurityScan.fn;
[McAfee]Adware-ClickSpring;
[Other]Win32/ClickSpring.EY,Adware.Purityscan,purityscan,Adware:Win32/ClickSpring.PuritySCAN

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\uninstaller.exe
[%WINDOWS%]\Temp\OA.exe
[%WINDOWS%]\Temp\win10AC.tmp.exe
[%PROFILE_TEMP%]\YazzleBundle-1324.exe
[%PROGRAM_FILES_COMMON%]\Y1324OA.exe
[%PROGRAM_FILES_COMMON%]\Y1324OU.exe
[%SYSTEM%]\wnscpit.exe

How to detect Adware.ClickSpring:

Files:
[%PROFILE_TEMP%]\uninstaller.exe
[%WINDOWS%]\Temp\OA.exe
[%WINDOWS%]\Temp\win10AC.tmp.exe
[%PROFILE_TEMP%]\YazzleBundle-1324.exe
[%PROGRAM_FILES_COMMON%]\Y1324OA.exe
[%PROGRAM_FILES_COMMON%]\Y1324OU.exe
[%SYSTEM%]\wnscpit.exe

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\y1324oin

Xmonf Downloader

Removing Xmonf
Categories: Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES_COMMON%]\vcclient\clientupdater.bat
[%PROGRAM_FILES_COMMON%]\vcclient\vcclient.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcclient.exe.config
[%PROGRAM_FILES_COMMON%]\vcclient\vcmain.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcupdate.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcupdate.exe.config
[%PROGRAM_FILES_COMMON%]\svchostsys\svchostsys.exe.config
[%PROGRAM_FILES_COMMON%]\svchostsys\svchostupdate.exe.config
[%PROGRAM_FILES_COMMON%]\VCClient\ClientUpdater.bat
[%PROGRAM_FILES_COMMON%]\VCClient\VCClient.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCClient.exe.config
[%PROGRAM_FILES_COMMON%]\VCClient\VCMain.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCUpdate.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCUpdate.exe.config
[%PROGRAM_FILES%]\common files\vcclient\clientupdater.bat
[%PROGRAM_FILES%]\common files\vcclient\vcclient.exe
[%PROGRAM_FILES%]\common files\vcclient\vcclient.exe.config
[%PROGRAM_FILES%]\common files\vcclient\vcmain.exe
[%PROGRAM_FILES%]\common files\vcclient\vcupdate.exe
[%PROGRAM_FILES%]\common files\vcclient\vcupdate.exe.config

How to detect Xmonf:

Files:
[%PROGRAM_FILES_COMMON%]\vcclient\clientupdater.bat
[%PROGRAM_FILES_COMMON%]\vcclient\vcclient.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcclient.exe.config
[%PROGRAM_FILES_COMMON%]\vcclient\vcmain.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcupdate.exe
[%PROGRAM_FILES_COMMON%]\vcclient\vcupdate.exe.config
[%PROGRAM_FILES_COMMON%]\svchostsys\svchostsys.exe.config
[%PROGRAM_FILES_COMMON%]\svchostsys\svchostupdate.exe.config
[%PROGRAM_FILES_COMMON%]\VCClient\ClientUpdater.bat
[%PROGRAM_FILES_COMMON%]\VCClient\VCClient.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCClient.exe.config
[%PROGRAM_FILES_COMMON%]\VCClient\VCMain.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCUpdate.exe
[%PROGRAM_FILES_COMMON%]\VCClient\VCUpdate.exe.config
[%PROGRAM_FILES%]\common files\vcclient\clientupdater.bat
[%PROGRAM_FILES%]\common files\vcclient\vcclient.exe
[%PROGRAM_FILES%]\common files\vcclient\vcclient.exe.config
[%PROGRAM_FILES%]\common files\vcclient\vcmain.exe
[%PROGRAM_FILES%]\common files\vcclient\vcupdate.exe
[%PROGRAM_FILES%]\common files\vcclient\vcupdate.exe.config

Folders:
[%PROGRAM_FILES_COMMON%]\svchostsys
[%PROGRAM_FILES%]\Common Files\svchostsys

Registry Keys:
HKEY_CURRENT_USER\software\sys_up1

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Securitvy.dll Trojan

Removing Securitvy.dll
Categories: Trojan,BHO
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\securitvy.dll

How to detect Securitvy.dll:

Files:
[%SYSTEM%]\securitvy.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3f388100-865f-43e3-9a30-b56bb098d927}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3f388100-865f-43e3-9a30-b56bb098d927}

Altnet Trojan

Removing Altnet
Categories: Trojan,Adware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.


Altnet Also known as:

[Panda]Spyware/Altnet

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Altnet\Download Manager\adm25.dll
[%SYSTEM%]\adm.exe
[%SYSTEM%]\adm4.dll
[%SYSTEM%]\admdata.dll
[%SYSTEM%]\admdloader.dll
[%SYSTEM%]\admfdi.dll
[%SYSTEM%]\admprog.dll

How to detect Altnet:

Files:
[%PROGRAM_FILES%]\Altnet\Download Manager\adm25.dll
[%SYSTEM%]\adm.exe
[%SYSTEM%]\adm4.dll
[%SYSTEM%]\admdata.dll
[%SYSTEM%]\admdloader.dll
[%SYSTEM%]\admfdi.dll
[%SYSTEM%]\admprog.dll

Registry Keys:
HKEY_CLASSES_ROOT\adm.adm
HKEY_CLASSES_ROOT\adm.adm.1
HKEY_CLASSES_ROOT\adm4.adm4
HKEY_CLASSES_ROOT\adm4.adm4.1
HKEY_CLASSES_ROOT\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62}
HKEY_CURRENT_USER\software\altnet
HKEY_LOCAL_MACHINE\software\altnet
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4fa2b39b-a7da-983c-68e6-5b095a4118fd}

DeepThroat Trojan

Removing DeepThroat
Categories: Trojan,Spyware,Backdoor,RAT,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.
Backdoors combine the functionality of most other types of Trojans in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to the computer.

DeepThroat Also known as:

[Kaspersky]Backdoor.DeepThroat,Backdoor.DeepThroat.b,Backdoor.DeepThroat.e,TrojanDropper.Win32.Joiner.j,Backdoor.DeepThroat.c;
[McAfee]Throat,BackDoor-J,PWS-Y;
[F-Prot]destructive program,Deepthroat.E,Deepthroat.C;
[Panda]Trj/DeepThroat,Trj/DeepThroat.B,Bck/DeepThroat.E,Trj/W32.Joiner.J,Trj/DeepThroat.C.Cl;
[Computer Associates]Backdoor/DeepThroat!Server,Backdoor/DeepThroat.B,Win32.Deepthroat.2x,Backdoor/DeepThroat.E!Server,Win32.DeepThroat.31,Win32/Xcvbnm!Trojan,Backdoor/DeepThroat3_Client,Backdoor/DeepThroat3_Server,Win32.Deepthroat.30

How to detect DeepThroat:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

SniperSpy Spyware

Removing SniperSpy
Categories: Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

SniperSpy Also known as:

[Kaspersky]Trojan-Spy.Win32.Spenir.h;
[McAfee]Spyware-SniperSpy

How to detect SniperSpy:

Folders:
[%COMMON_PROGRAMS%]\SniperSpy
[%PROGRAM_FILES%]\Retina-X Studios\sniperspy
[%PROGRAM_FILES%]\Retina-X Studios\SniperSpy35

Registry Keys:
HKEY_LOCAL_MACHINE\software\kbrhook
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sniperspy
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sniperspy (trial)_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sniperspy trial_is1

AdvertMen Adware

Removing AdvertMen
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.


AdvertMen Also known as:

[Kaspersky]AdWare.Win32.AdverMen.a,AdWare.Win32.AdvertMen.a;
[McAfee]Adware-ISTbar;
[Other]Win32/ISTbar.CF,Adware.Advermen,Win32.Istbar.CH,Adware.Advertmen

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\isinst.exe
[%SYSTEM%]\pushow15.dll
[%SYSTEM%]\pushow19.dll
[%SYSTEM%]\pushow21.dll
[%SYSTEM%]\pushow24.dll
[%SYSTEM%]\pushow39.dll
[%SYSTEM%]\pushow42.dll
[%SYSTEM%]\pushow5.dll
[%SYSTEM%]\pushow53.dll
[%SYSTEM%]\pushow56.dll
[%SYSTEM%]\pushow57.dll
[%SYSTEM%]\pushow8.dll
[%SYSTEM%]\pushow84.dll
[%SYSTEM%]\pushow85.dll
[%SYSTEM%]\pushow86.dll
[%SYSTEM%]\pushow88.dll
[%SYSTEM%]\pushow92.dll
[%SYSTEM%]\pushow97.dll

How to detect AdvertMen:

Files:
[%PROFILE_TEMP%]\isinst.exe
[%SYSTEM%]\pushow15.dll
[%SYSTEM%]\pushow19.dll
[%SYSTEM%]\pushow21.dll
[%SYSTEM%]\pushow24.dll
[%SYSTEM%]\pushow39.dll
[%SYSTEM%]\pushow42.dll
[%SYSTEM%]\pushow5.dll
[%SYSTEM%]\pushow53.dll
[%SYSTEM%]\pushow56.dll
[%SYSTEM%]\pushow57.dll
[%SYSTEM%]\pushow8.dll
[%SYSTEM%]\pushow84.dll
[%SYSTEM%]\pushow85.dll
[%SYSTEM%]\pushow86.dll
[%SYSTEM%]\pushow88.dll
[%SYSTEM%]\pushow92.dll
[%SYSTEM%]\pushow97.dll

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\advertismen

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall

BAT.Paisak Trojan

Removing BAT.Paisak
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

BAT.Paisak Also known as:

[Other]BAT/Paisak.A

How to detect BAT.Paisak:

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cain & abel v4.2

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache

EverAd Adware

Removing EverAd
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.

How to detect EverAd:

Folders:
[%PROGRAM_FILES_COMMON%]\everad shared
[%PROGRAM_FILES%]\common files\everad shared

Registry Keys:
HKEY_CURRENT_USER\software\everad

MediaAccess Trojan

Removing MediaAccess
Categories: Trojan,Adware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.

How to detect MediaAccess:

Folders:
[%PROGRAM_FILES%]\media access

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-

Robobot Backdoor

Removing Robobot
Categories: Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

How to detect Robobot:

Registry Keys:
HKEY_CURRENT_USER\swinm

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

ClientMan.DNSRep BHO

Removing ClientMan.DNSRep
Categories: BHO
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\msdlgk.dll

How to detect ClientMan.DNSRep:

Files:
[%SYSTEM%]\msdlgk.dll

thecoolpics.net Hijacker

Removing thecoolpics.net
Categories: Hijacker
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

How to detect thecoolpics.net:

Registry Values:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

SentryPC Spyware

Removing SentryPC
Categories: Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\sbrowse.exe
[%APPDATA%]\tester-acu.dat
[%SYSTEM%]\acopts.dat
[%SYSTEM%]\ntinvisible.dll
[%SYSTEM%]\tester-acopts.dat
[%WINDOWS%]\acsplash.dat
[%WINDOWS%]\acsystem.dll
[%WINDOWS%]\yahoodll.dll

How to detect SentryPC:

Files:
[%WINDOWS%]\sbrowse.exe
[%APPDATA%]\tester-acu.dat
[%SYSTEM%]\acopts.dat
[%SYSTEM%]\ntinvisible.dll
[%SYSTEM%]\tester-acopts.dat
[%WINDOWS%]\acsplash.dat
[%WINDOWS%]\acsystem.dll
[%WINDOWS%]\yahoodll.dll

Folders:
[%APPDATA%]\sacache
[%PROGRAMS%]\sentrypc
[%PROGRAM_FILES%]\sentrypc

Registry Keys:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\sentrypc

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sentrypc

Win32.TrojanDownloader.Agent Trojan

Removing Win32.TrojanDownloader.Agent
Categories: Trojan,Adware,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Win32.TrojanDownloader.Agent Also known as:

[Kaspersky]TrojanDownloader.Win32.Agent.ab,TrojanDownloader.Win32.Agent.ad;
[Eset]Win32/TrojanDownloader.Agent.H trojan,Win32/TrojanDownloader.Agent.BF trojan;
[Panda]Adware/SpywareNuker,Adware/BlazeFind,Adware/WUpd,Dialer.LS

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\winupdt.001
[%WINDOWS%]\temp\phg16189.exe

How to detect Win32.TrojanDownloader.Agent:

Files:
[%SYSTEM%]\winupdt.001
[%WINDOWS%]\temp\phg16189.exe

Folders:
[%PROGRAM_FILES%]\windupdates


AntiSpyPro Ransomware

Removing AntiSpyPro
Categories: Ransomware
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

Visible Symptoms:
Files in system folders:
[%PROFILE%]\Desktop\AntiSpy Pro 2.4.lnk
[%PROFILE%]\Start Menu\Programs\AntiSpy Pro 2.4.lnk

How to detect AntiSpyPro:

Files:
[%PROFILE%]\Desktop\AntiSpy Pro 2.4.lnk
[%PROFILE%]\Start Menu\Programs\AntiSpy Pro 2.4.lnk

Folders:
[%PROGRAM_FILES%]\AntiSpyPro

Registry Keys:
HKEY_CURRENT_USER\software\antispy-pro
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispy pro


MiniKeyLog Trojan

Removing MiniKeyLog
Categories: Trojan,Spyware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

MiniKeyLog Also known as:

[Kaspersky]TrojanSpy.Win32.MiniKeyLog.21;
[Panda]Trojan Horse;
[Computer Associates]Win32/MiniKeyLog.21!Spy!Trojan

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\mklmon10.dll
[%SYSTEM%]\mklmon20.dll
[%SYSTEM%]\mklmon32.dat
[%SYSTEM%]\mklmon32.dll
[%SYSTEM%]\mklmon32.exe
[%WINDOWS%]\mklsav.ini

How to detect MiniKeyLog:

Files:
[%SYSTEM%]\mklmon10.dll
[%SYSTEM%]\mklmon20.dll
[%SYSTEM%]\mklmon32.dat
[%SYSTEM%]\mklmon32.dll
[%SYSTEM%]\mklmon32.exe
[%WINDOWS%]\mklsav.ini

Folders:
[%SYSTEM%]\mkldat

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_mklmonservice
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\mklmonservice


Adware.ZangoSA Adware

Removing Adware.ZangoSA
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

Adware.ZangoSA Also known as:

[McAfee]Adware-ZangoSA;
[Other]Adware.ZangoSearch

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\~nsu.tmp\Au_.exe
[%PROGRAM_FILES%]\ZangoToolbar\Bin\ZbUninst.exe
[%PROGRAM_FILES%]\zango\zango.exe

How to detect Adware.ZangoSA:

Files:
[%PROFILE_TEMP%]\~nsu.tmp\Au_.exe
[%PROGRAM_FILES%]\ZangoToolbar\Bin\ZbUninst.exe
[%PROGRAM_FILES%]\zango\zango.exe


Be Trojan

Removing Be
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Be Also known as:

[Kaspersky]Trojan.Win32.BHO.be;
[Eset]Combat.1644 virus;
[Computer Associates]Be-1644;
[Other]W32/BHO.TP,TROJ_BHO.GZ,Trojan.BHO.be,Trojan Horse

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\Media\910F41.dll

How to detect Be:

Files:
[%WINDOWS%]\Media\910F41.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{c666cf63-767f-4831-94ac-e683d962c63c}


Odysseusmarketing Adware

Removing Odysseusmarketing
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

How to detect Odysseusmarketing:

Registry Values:
HKEY_CLASSES_ROOT\appid\actsetup.dll


Monkey Trojan

Removing Monkey
Categories: Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the computer's user.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:

  • Launching/deleting files
  • Sending/receiving files
  • Deleting data
  • Displaying notification
  • Rebooting the machine
  • Executing files

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of Trojans in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Trojan downloaders download and install new malware or adware on the computer.

These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Monkey Also known as:

[Kaspersky]Monkey.b2;
[Panda]Monkey B

Visible Symptoms:
Files in system folders:
[%COMMON_FAVORITES%]\Download Free Spyware Remover.url
[%COMMON_FAVORITES%]\NEW VIAGRA at Half Price!.url
[%COMMON_FAVORITES%]\Online Chat With Nude Girls.url
[%COMMON_FAVORITES%]\Online Pharmacy\CHEAPEST VIAGRA ONLINE.url
[%COMMON_FAVORITES%]\Online Pharmacy\Cialis at HALF PRICE!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Fast Way To Loose Your Weight!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Guaranteed low price at Pills..url
[%COMMON_FAVORITES%]\Online Pharmacy\SOMA at Special LOW PRICE.url
[%COMMON_FAVORITES%]\Online Pharmacy\Tramadol Special Offer!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Try New VIAGRA! Works Faster and Longer!.url
[%COMMON_FAVORITES%]\Order CIALIS online without leaving home..url
[%COMMON_FAVORITES%]\PC protection in under 2 minutes!.url
[%COMMON_FAVORITES%]\Sex and Dating\Meet Girls Who Want To Get Laid!.url
[%COMMON_FAVORITES%]\Sex and Dating\Meet Horny Girls In Your Area!.url
[%COMMON_FAVORITES%]\Sex and Dating\Read profiles and Chat With Nude Girls!.url
[%COMMON_FAVORITES%]\Sex and Dating\SEX Dating - people looking for SEX.url
[%COMMON_FAVORITES%]\Sex and Dating\View XXX photos of Real Sexy Girls..url
[%COMMON_FAVORITES%]\SEX Dating - Real Girls For Real SEX.url
[%COMMON_FAVORITES%]\Spyware Uninstall\Easy Detect and Uninstall Spyware..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Free Spyware Scanner..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Search & Destroy Annoying Adware..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Stop PopUps on your PC..url
[%COMMON_FAVORITES%]\Stop PopUps On Your Computer.url
[%COMMON_FAVORITES%]\VIAGRA at incredible low price. Bonus Pills!.url
[%COMMON_FAVORITES%]\View ADULT photos of REAL GIRLS!.url
[%SYSTEM%]\cidft.dll
[%SYSTEM%]\cidpoq32.dll
[%SYSTEM%]\gupd.dll
[%SYSTEM%]\icqrt.dll
[%SYSTEM%]\icvbr.dll
[%SYSTEM%]\sdfup.dll
[%SYSTEM%]\toolband.dll
[%SYSTEM%]\wecxg32.dll
[%SYSTEM%]\xcwer32.dll
[%SYSTEM%]\zxmsn.dll
[%WINDOWS%]\olehelp.exe

How to detect Monkey:

Files:
[%COMMON_FAVORITES%]\Download Free Spyware Remover.url
[%COMMON_FAVORITES%]\NEW VIAGRA at Half Price!.url
[%COMMON_FAVORITES%]\Online Chat With Nude Girls.url
[%COMMON_FAVORITES%]\Online Pharmacy\CHEAPEST VIAGRA ONLINE.url
[%COMMON_FAVORITES%]\Online Pharmacy\Cialis at HALF PRICE!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Fast Way To Loose Your Weight!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Guaranteed low price at Pills..url
[%COMMON_FAVORITES%]\Online Pharmacy\SOMA at Special LOW PRICE.url
[%COMMON_FAVORITES%]\Online Pharmacy\Tramadol Special Offer!.url
[%COMMON_FAVORITES%]\Online Pharmacy\Try New VIAGRA! Works Faster and Longer!.url
[%COMMON_FAVORITES%]\Order CIALIS online without leaving home..url
[%COMMON_FAVORITES%]\PC protection in under 2 minutes!.url
[%COMMON_FAVORITES%]\Sex and Dating\Meet Girls Who Want To Get Laid!.url
[%COMMON_FAVORITES%]\Sex and Dating\Meet Horny Girls In Your Area!.url
[%COMMON_FAVORITES%]\Sex and Dating\Read profiles and Chat With Nude Girls!.url
[%COMMON_FAVORITES%]\Sex and Dating\SEX Dating - people looking for SEX.url
[%COMMON_FAVORITES%]\Sex and Dating\View XXX photos of Real Sexy Girls..url
[%COMMON_FAVORITES%]\SEX Dating - Real Girls For Real SEX.url
[%COMMON_FAVORITES%]\Spyware Uninstall\Easy Detect and Uninstall Spyware..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Free Spyware Scanner..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Search & Destroy Annoying Adware..url
[%COMMON_FAVORITES%]\Spyware Uninstall\Stop PopUps on your PC..url
[%COMMON_FAVORITES%]\Stop PopUps On Your Computer.url
[%COMMON_FAVORITES%]\VIAGRA at incredible low price. Bonus Pills!.url
[%COMMON_FAVORITES%]\View ADULT photos of REAL GIRLS!.url
[%SYSTEM%]\cidft.dll
[%SYSTEM%]\cidpoq32.dll
[%SYSTEM%]\gupd.dll
[%SYSTEM%]\icqrt.dll
[%SYSTEM%]\icvbr.dll
[%SYSTEM%]\sdfup.dll
[%SYSTEM%]\toolband.dll
[%SYSTEM%]\wecxg32.dll
[%SYSTEM%]\xcwer32.dll
[%SYSTEM%]\zxmsn.dll
[%WINDOWS%]\olehelp.exe

Folders:
[%COMMON_FAVORITES%]\Online Pharmacy
[%COMMON_FAVORITES%]\Sex and Dating
[%COMMON_FAVORITES%]\Spyware Uninstall

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d38a51a-23c9-48a1-a33c-48675aa2b494}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E9CAFF6-30C7-4208-8807-E79D4EC6F806}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF021F40-3E14-23A5-CBA2-717765721306}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7AFFF2A-1B57-49C7-BF6B-E5123394C970}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880}


TrojanClicker.Win32.Ipons Trojan

Removing TrojanClicker.Win32.Ipons
Categories: Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer.


TrojanClicker.Win32.Ipons Also known as:

[Panda]Trj/Ratwu.B

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\syslaunch.exe

How to detect TrojanClicker.Win32.Ipons:

Files:
[%PROGRAM_FILES%]\syslaunch.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


H04x3r.Telnet.Server Trojan

Removing H04x3r.Telnet.Server
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

How to detect H04x3r.Telnet.Server:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Agent.cl Trojan

Removing Agent.cl
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

How to detect Agent.cl:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{5a5b6916-ed71-4531-8018-e792dd44156e}
HKEY_CLASSES_ROOT\dll.dllbho
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5a5b6916-ed71-4531-8018-e792dd44156e}


Double.Helix Backdoor

Removing Double.Helix
Categories: Backdoor
Backdoors combine the functionality of most other types of Trojans in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.


Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\double helix.exe

How to detect Double.Helix:

Files:
[%WINDOWS%]\system\double helix.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


Search.Assistant Adware

Removing Search.Assistant
Categories: Adware
Adware programs facilitate the delivery of advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

Search.Assistant Also known as:

[Panda]Adware/BlazeFind

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll

How to detect Search.Assistant:

Files:
[%PROGRAM_FILES%]\WindowsSA\LIBCURL.dll
[%PROGRAM_FILES%]\WindowsSA\omniscient.exe
[%PROGRAM_FILES%]\WindowsSA\OmniscientHook.dll
[%SYSTEM%]\wsaupdater.exe
[%WINDOWS%]\cerbmod.dll

Folders:
[%PROGRAM_FILES%]\windowssa

Registry Keys:
HKEY_CLASSES_ROOT\appid\searchhelp.dll
HKEY_CLASSES_ROOT\clsid\{0f9561d0-03b2-44a3-89a6-e95e417cba25}
HKEY_CLASSES_ROOT\interface\{491be5b7-a7f8-40ec-aad4-cba11fdfd814}
HKEY_CLASSES_ROOT\searchhelp
HKEY_CLASSES_ROOT\typelib\{29358aa6-679d-44ea-8a51-59a3c6e6f811}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{0f9561d0-03b2-44a3-89a6-e95e417cba25}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\search assistant
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


Win32.Agent.an Trojan

Removing Win32.Agent.an
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Win32.Agent.an Also known as:

[Other]Troj/Agent-BO,Adware.Nafaoz,W32/Agent.HNY

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\drivers\audiox
[%SYSTEM%]\WINLOG0N.EXE

How to detect Win32.Agent.an:

Files:
[%SYSTEM%]\drivers\audiox
[%SYSTEM%]\WINLOG0N.EXE

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


BadBoh BHO

Removing BadBoh
Categories: BHO
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

BadBoh Also known as:

[Other]Win32/BadBoh,Win32/BadBoh.A

How to detect BadBoh:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer


SillyDl.ARJ Downloader

Removing SillyDl.ARJ
Categories: Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

SillyDl.ARJ Also known as:

[Other]Win32/SillyDl.ARJ,Troj/SmDldr-Gen

How to detect SillyDl.ARJ:

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wdntg4
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_njudpe4
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\njudpe4


Back.Find Trojan

Removing Back.Find
Categories: Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Trojan downloaders download and install new malware or adware on the computer.


Back.Find Also known as:

[Kaspersky]Trojan.Loader.SAD.6288,Trojan.Off.b,Trojan.Off.a,Trojan.Jackel,Trojan.Jackel.b,Trojan.Loader.E-evil;
[Eset]_MX trojan,Off.B trojan,Off.A trojan;
[McAfee]Back Find,Earthquake;
[F-Prot]destructive program;
[Panda]Trj/Eras,Trj/SWAT,Trj/Jackel.b;
[Computer Associates]Jackel,Jackel.b,PressEnter!Trojan,F-Off.Trojan,Search_and_Destroj!Trojan,Buffett!Trojan,HllP.Jackel,Electronic_Evil

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\grwinsthlp.exe

How to detect Back.Find:

Files:
[%SYSTEM%]\grwinsthlp.exe
