Saturday, November 29, 2008

DioCleaner Ransomware

Removing DioCleaner
Categories: Ransomware
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

Visible Symptoms:
Files in system folders:
[%COMMON_DESKTOPDIRECTORY%]\DioCleaner.lnk

How to detect DioCleaner:

Files:
[%COMMON_DESKTOPDIRECTORY%]\DioCleaner.lnk

Folders:
[%COMMON_PROGRAMS%]\DioCleaner
[%PROGRAM_FILES%]\DioCleaner

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{d5b0c56c-e939-4993-9010-3be32d9163cd}
HKEY_CLASSES_ROOT\clsid\{ea201c93-f34a-47a5-b65d-aa7c95068e92}
HKEY_CLASSES_ROOT\dc_ie_monitor.ie_monitor
HKEY_CLASSES_ROOT\interface\{d18db3f1-dc9f-4e68-8463-bd325523ae33}
HKEY_CLASSES_ROOT\interface\{efbd98b0-0c01-4325-85f8-5e791ab33570}
HKEY_CLASSES_ROOT\mdreg.clsreg
HKEY_CLASSES_ROOT\typelib\{c8ebbffa-881d-4f15-9d29-7435462e4294}
HKEY_CLASSES_ROOT\typelib\{d8a90d98-5f46-4e7d-b1e3-58c57564d9dc}
HKEY_LOCAL_MACHINE\software\diocleaner
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d5b0c56c-e939-4993-9010-3be32d9163cd}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\diocleaner

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


CamKing RAT

Removing CamKing
Categories: RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\osloader.exe

How to detect CamKing:

Files:
[%WINDOWS%]\osloader.exe


MiniBackLash Backdoor

Removing MiniBackLash
Categories: Backdoor,RAT,Hacker Tool
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to the computer.

MiniBackLash Also known as:

[Kaspersky]Backdoor.Minilash.10.a,Backdoor.Minilash.10.b;
[McAfee]BackDoor-KY;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/MiniBackLash.10A,Bck/MiniBackLash.10b;
[Computer Associates]Backdoor/Minilash.10,Backdoor/Minilash.10.A,Backdoor/Backlash!Server,Backdoor/Minil.10_B!Server

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\d3dloader.exe
[%WINDOWS%]\system\pddt.dat

How to detect MiniBackLash:

Files:
[%WINDOWS%]\d3dloader.exe
[%WINDOWS%]\system\pddt.dat


DefaultSearch.SeekSeek BHO

Removing DefaultSearch.SeekSeek
Categories: BHO,Toolbar
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
The toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

DefaultSearch.SeekSeek Also known as:

[Panda]Adware/PortalScan

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\ieasst.dll

How to detect DefaultSearch.SeekSeek:

Files:
[%WINDOWS%]\ieasst.dll


Glupzy Trojan

Removing Glupzy
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Glupzy Also known as:

[Kaspersky]Trojan.Win32.Disabler,Trojan.Win32.Disabler.i;
[McAfee]Backdoor-DIY;
[Other]Win32/Glupzy,Backdoor.Glupzy,Win32/Glupzy.A

How to detect Glupzy:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


SillyDl.DNT Trojan

Removing SillyDl.DNT
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

SillyDl.DNT Also known as:

[Kaspersky]Trojan-Downloader.Win32.Agent.gfv

How to detect SillyDl.DNT:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


DigitalSpawn Trojan

Removing DigitalSpawn
Categories: Trojan,RAT
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATs are generally not harmful, and won't log keystrokes or hack.


Visible Symptoms:
Files in system folders:
[%WINDOWS%]\microlog.exe

How to detect DigitalSpawn:

Files:
[%WINDOWS%]\microlog.exe


MultiDropper.cfg Trojan

Removing MultiDropper.cfg
Categories: Trojan,Backdoor,RAT,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to the computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
DoS trojans conduct attacks from a single computer with the consent of the user.

MultiDropper.cfg Also known as:

[Kaspersky]TrojanDropper.Win32.Joiner.16,TrojanDropper.Win32.FC.a,TrojanDropper.Win32.Factory,TrojanDropper.Win32.Factory.a,TrojanDropper.Win32.Joiner.15,TrojanDropper.Win32.RatPacker,TrojanDropper.Win32.SilkRope.a,TrojanDropper.Win32.Zyon,TrojanDropper.Win32.Delf.f,Trojan.Win32.Msverh,TrojanDropper.Win32.Plteam,TrojanDropper.Win32.Joiner.ad,TrojanDropper.Win32.Juntador.c,TrojanDropper.Win32.ExeBind,VirTool.Win32.ST.20.a,VirTool.Win32.ST.20.b,TrojanDropper.Win32.Yabinder.102,TrojanDropper.Win32.Multibinder,TrojanDropper.Win32.Multibinder.141,TrojanDropper.Win32.G-Spot,TrojanDropper.Win32.GiftBinder,TrojanDropper.Win32.GreenStuff.12,TrojanDropper.Win32.GoBind.b,TrojanDropper.Win32.Inpect,TrojanDropper.Win32.Seapig,TrojanDropper.Win32.Xbinder.10,TrojanDropper.Win32.Xbinder.20,TrojanDropper.Win32.Glue,TrojanDropper.Win32.Snowplug;
[Eset]Win32/Runner.Joiner.16 trojan,Win32/Joiner.15 trojan,Win32/Msverh trojan,Win32/TrojanDropper.Plteam.A trojan;
[McAfee]MultiDropper.cfg,MutiDropper-BB,MultiDropper.cfg trojan,MultiDropper-BJ,MultiDropper-CF,MultiDropper-AJ;
[F-Prot]destructive program,virus construction tool,virus dropper;
[Panda]Trj/W32.Joiner.16,Trj/FC,Trj/Runner.Factory,Trj/W32.Factory,Trojan Horse.LC,Trj/Runner.Joiner.15,Trojan Horse,Trj/W32.SilkRope,Trj/W32.Juntador,Virus Constructor,Trj/MultiBinder,Univ.PS,Trj/W32.Xbinder,Trj/W32.Drp.gen,Trj/W32.Small.B,Trj/Patcher.A;
[Computer Associates]Win32/MultiDropper.AF-0!Dropper,Win32/TrojanRunnerr.Factory!Troj,Win32/Joiner.1_5!Joiner,Win32/RatPacker!Trojan,Win32/SilkRope!Trojan,Win32/Runner.Zyon!Trojan,Win32/Juntador.c!Dropper,Win32/ExeBind!Dropper,Win32/Multibinder.A!Trojan,Backdoor/G-Spot!Dropper,Win32.JoinSpot,Win32/JoinSpot!Trojan,Win32.TheJoiner.15x.A,Win32/Joiner.A!Joiner,Win32/GreenStuff!Dropper,Win32/Inpect!Dropper,Win32/XBinder!Joiner,Win32/Xbinder.20!Joiner,Win32.GlueJoiner,Win32/SmartGlue.A!Joiner,Win32/SmartGlue.B!Joiner,Win32.Snowplug.20,Win32/Snowplug!Joiner,Win32/Snowplug.20!Trojan,Win32/Patcher!Trojan

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\wh.exe
[%WINDOWS%]\webhdll.dll
[%WINDOWS%]\wh.exe
[%WINDOWS%]\whagent.inf
[%WINDOWS%]\whCC-GIANT.exe
[%WINDOWS%]\whInstaller.exe
[%WINDOWS%]\whInstaller.ini

How to detect MultiDropper.cfg:

Files:
[%PROFILE_TEMP%]\wh.exe
[%WINDOWS%]\webhdll.dll
[%WINDOWS%]\wh.exe
[%WINDOWS%]\whagent.inf
[%WINDOWS%]\whCC-GIANT.exe
[%WINDOWS%]\whInstaller.exe
[%WINDOWS%]\whInstaller.ini

Folders:
[%PROGRAM_FILES%]\webhancer
[%PROGRAM_FILES%]\whinstall

Registry Keys:
HKEY_CLASSES_ROOT\interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0}
HKEY_LOCAL_MACHINE\software\classes\interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\whsurvey

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


CWS.LoadAdv Hijacker

Removing CWS.LoadAdv
Categories: Hijacker
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

CWS.LoadAdv Also known as:

[Kaspersky]Trojan-Downloader.Win32.Tibs.h,Backdoor.Win32.Haxdoor.gen

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\fltr.a3d
[%SYSTEM%]\p2.ini
[%SYSTEM%]\tmpf00.exe

How to detect CWS.LoadAdv:

Files:
[%SYSTEM%]\fltr.a3d
[%SYSTEM%]\p2.ini
[%SYSTEM%]\tmpf00.exe

Registry Keys:
HKEY_CLASSES_ROOT\interface\{5e2121ed-0300-11d4-8d3b-444553540000}
HKEY_CLASSES_ROOT\typelib\{5e2121e1-0300-11d4-8d3b-444553540000}
HKEY_CURRENT_USER\software\mzs
HKEY_CLASSES_ROOT\appid\{78364d99-a640-4ddf-b91a-67eff8373045}
HKEY_CLASSES_ROOT\clsid\{1ffc1674-165f-ee91-3167-507e895020ae}
HKEY_CLASSES_ROOT\clsid\{78364d99-a640-4ddf-b91a-67eff8373045}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{78364d99-a640-4ddf-b91a-67eff8373045}
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\msudp4
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winlow

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


Winfixer.Installer Adware

Removing Winfixer.Installer
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

How to detect Winfixer.Installer:

Folders:
[%PROFILE_TEMP%]\NI.UGA6P_0001_N111M1707

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


TotalVelocity.zSearch BHO

Removing TotalVelocity.zSearch
Categories: BHO,Toolbar
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
The toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuously opens a number of pop-up windows, and so on.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\zsearch.dll
[%WINDOWS%]\system\zsearch.dll

How to detect TotalVelocity.zSearch:

Files:
[%SYSTEM%]\zsearch.dll
[%WINDOWS%]\system\zsearch.dll

Folders:
[%PROGRAM_FILES%]\zsearch

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{5886A6DC-AAF4-45E9-979A-8E5E6DEE30E7}
HKEY_LOCAL_MACHINE\software\classes\clsid\{5886a6dc-aaf4-45e9-979a-8e5e6dee30e7}
HKEY_CLASSES_ROOT\clsid\{5886a6dc-aaf4-45e9-979a-8e5e6dee30e7}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{5886a6dc-aaf4-45e9-979a-8e5e6dee30e7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5886a6dc-aaf4-45e9-979a-8e5e6dee30e7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{5886a6dc-aaf4-45e9-979a-8e5e6dee30e7}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Interkey Adware

Removing Interkey
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.

How to detect Interkey:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Activity.Keylogger Spyware

Removing Activity.Keylogger
Categories: Spyware
Spyware programs can collect various types of personal information,
such as Internet surfing habits and sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
blindly accessing websites that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\activity keylogger.lnk
[%WINDOWS%]\aksettings.ini
[%WINDOWS%]\chatlogs.dll

How to detect Activity.Keylogger:

Files:
[%DESKTOP%]\activity keylogger.lnk
[%WINDOWS%]\aksettings.ini
[%WINDOWS%]\chatlogs.dll

Folders:
[%PROGRAMS%]\activity keylogger
[%PROGRAM_FILES%]\activity keylogger

Registry Keys:
HKEY_LOCAL_MACHINE\software\activity keylogger

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Falling.Star Backdoor

Removing Falling.Star
Categories: Backdoor,RAT
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the computer's user.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:

  • Launching/deleting files
  • Sending/receiving files
  • Deleting data
  • Displaying notification
  • Rebooting the machine
  • Executing files

Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of Trojans in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Falling.Star Also known as:

[Kaspersky]Backdoor.FallingDoor.138;
[Panda]Backdoor Program;
[Computer Associates]Backdoor/FallingDoor.138!Server

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\exp1orer.exe
[%WINDOWS%]\system\w1dap32.dll

How to detect Falling.Star:

Files:
[%WINDOWS%]\system\exp1orer.exe
[%WINDOWS%]\system\w1dap32.dll


Scratch.and.Win Adware

Removing Scratch.and.Win
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.


Visible Symptoms:
Files in system folders:
[%WINDOWS%]\downloaded program files\conflict.1\fswinst.ocx

How to detect Scratch.and.Win:

Files:
[%WINDOWS%]\downloaded program files\conflict.1\fswinst.ocx

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{d04e6445-dff4-457b-8f24-444cf3061e5d}


Adware.MokeAd Trojan

Removing Adware.MokeAd
Categories: Trojan,Adware,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Adware.MokeAd Also known as:

[McAfee]Adware-MokeAd;
[F-Prot]W32/Admoke.D.gen!Eldorado;
[Other]Mal/DelpDldr-B,Trojan:Win32/Agent.AFA

How to detect Adware.MokeAd:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


DigitalNames Trojan

Removing DigitalNames
Categories: Trojan,Adware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.


Visible Symptoms:
Files in system folders:
[%SYSTEM%]\imekp32.dll
[%SYSTEM%]\novacc.dll
[%SYSTEM%]\novagsun.exe
[%SYSTEM%]\Novagsx.exe
[%SYSTEM%]\novaini.ini
[%SYSTEM%]\novapd99.exe
[%DESKTOP%]\nts_shex66.dll
[%PROGRAM_FILES%]\uBiz\Mykey\Bms.dll
[%SYSTEM%]\drivers\novagsys.sys
[%SYSTEM%]\novags01.dll

How to detect DigitalNames:

Files:
[%SYSTEM%]\imekp32.dll
[%SYSTEM%]\novacc.dll
[%SYSTEM%]\novagsun.exe
[%SYSTEM%]\Novagsx.exe
[%SYSTEM%]\novaini.ini
[%SYSTEM%]\novapd99.exe
[%DESKTOP%]\nts_shex66.dll
[%PROGRAM_FILES%]\uBiz\Mykey\Bms.dll
[%SYSTEM%]\drivers\novagsys.sys
[%SYSTEM%]\novags01.dll

Folders:
[%PROGRAM_FILES%]\UBizNames

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\novags
HKEY_CLASSES_ROOT\clsid\{c18517da-ca70-46ce-86f4-882f6b62e975}
HKEY_CLASSES_ROOT\clsid\{eefe4ba1-1d9e-4364-8c15-18561ab19fbc}
HKEY_CLASSES_ROOT\interface\{09b4c362-3e63-431d-ad99-7a8b81218021}
HKEY_CLASSES_ROOT\novacc.ccc
HKEY_CLASSES_ROOT\novacc.ccc.1
HKEY_CLASSES_ROOT\typelib\{c76a64b8-dd96-4175-9c27-0f70f0b7da35}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c18517da-ca70-46ce-86f4-882f6b62e975}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\novags
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_novagsys
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\novagsys
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\xprtect

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\new windows\allow
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Small.he Trojan

Removing Small.he
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Visible Symptoms:
Files in system folders:
[%STARTUP%]\loader.exe

How to detect Small.he:

Files:
[%STARTUP%]\loader.exe


Adult.Content Adware

Removing Adult.Content
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

How to detect Adult.Content:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{6986a6cf-9d58-11d6-91c2-00e02964e8e3}
HKEY_CLASSES_ROOT\clsid\{2c1651ef-8827-11d6-91a2-00e02964e8e3}
HKEY_CLASSES_ROOT\clsid\{2c38a62e-d257-40e8-8bb7-5624e38feb0a}
HKEY_CLASSES_ROOT\clsid\{8522f9b3-38c5-4aa4-ae40-7401f1bbc898}
HKEY_CLASSES_ROOT\clsid\{ffff0017-0001-101a-a3c9-08002b2f49fb}


JD.A Spyware

Removing JD.A
Categories: Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\upxdnd.exe
[%WINDOWS%]\cmdbcs.exe

How to detect JD.A:

Files:
[%PROFILE_TEMP%]\upxdnd.exe
[%WINDOWS%]\cmdbcs.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


DoDoor Adware

Removing DoDoor
Categories: Adware
Adware is software that delivers advertising content to the user
and, in some cases, gathers information from the user's computer.


DoDoor Also known as:

[Kaspersky]AdWare.Win32.AdMedia.g;
[Panda]Adware/Dodoor;
[Other]Adware.IEhlpr

Visible Symptoms:
Files in system folders:
[%COMMON_APPDATA%]\Microsoft\Crypto\bfnmgf.exe
[%PROGRAM_FILES%]\NetMeeting\conf.dll
[%PROGRAM_FILES%]\NetMeeting\netinit.dll

How to detect DoDoor:

Files:
[%COMMON_APPDATA%]\Microsoft\Crypto\bfnmgf.exe
[%PROGRAM_FILES%]\NetMeeting\conf.dll
[%PROGRAM_FILES%]\NetMeeting\netinit.dll

Folders:
[%PROGRAM_FILES%]\DoDoorRSSFinder

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{8de0b272-74fa-1fd1-b7da-0ca0c9b348d6}
HKEY_CLASSES_ROOT\CLSID\{999ADFA2-8AD1-47FF-97FC-69FB847458F4}
HKEY_CLASSES_ROOT\clsid\{cc0d9597-a6c0-48e5-84fa-f59d2d23cf6d}
HKEY_CLASSES_ROOT\CLSID\{D424FE4E-CAF9-4FDD-BC5F-E6E6B91D53BF}
HKEY_CLASSES_ROOT\clsid\{e7009873-0d40-45b1-8d59-5b9ae98c7d38}
HKEY_CLASSES_ROOT\htmlparser.htmlanalyzer
HKEY_CLASSES_ROOT\htmlparser.htmlanalyzer.1
HKEY_CLASSES_ROOT\iefilter.fltsetup
HKEY_CLASSES_ROOT\iefilter.fltsetup.1
HKEY_CLASSES_ROOT\iefilter.htmlfilter
HKEY_CLASSES_ROOT\iefilter.htmlfilter.1
HKEY_CLASSES_ROOT\interface\{999adfa2-8ad1-47ff-97fc-69fb847458f4}
HKEY_CLASSES_ROOT\typelib\{71c66461-9b21-47e0-8b45-c3c649cd67f8}
HKEY_CLASSES_ROOT\typelib\{998cae99-eb35-4c8e-a30a-bc061ad826f5}
HKEY_CLASSES_ROOT\typelib\{d8783a61-0431-4f03-a143-0dd5d8db1703}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D49D58D-5C84-4B50-8359-D9809BEB2B32}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{999ADFA2-8AD1-47FF-97FC-69FB847458F4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D424FE4E-CAF9-4FDD-BC5F-E6E6B91D53BF}
HKEY_CLASSES_ROOT\activebandobject.activebho
HKEY_CLASSES_ROOT\activebandobject.activebho.1
HKEY_CLASSES_ROOT\clsid\{63c55a7f-6e29-8d4f-5c76-4f850f28d13a}
HKEY_CLASSES_ROOT\clsid\{999adfa2-8ad1-47ff-97fc-69fb847458f4}
HKEY_CLASSES_ROOT\clsid\{d424fe4e-caf9-4fdd-bc5f-e6e6b91d53bf}
HKEY_CLASSES_ROOT\clsid\{f5b3eced-9bf3-4f7e-882b-a6e75343c499}
HKEY_CLASSES_ROOT\interface\{ab6ec1fc-83b0-4ef2-a128-785bafc2a2b5}
HKEY_CLASSES_ROOT\interface\{d922591d-7893-412b-b801-c3b2f31be4c9}
HKEY_CLASSES_ROOT\typelib\{2f80a49b-9fa3-4fa0-a964-4689b0c1b30b}
HKEY_CLASSES_ROOT\typelib\{964ddeff-b16c-4113-8ff7-8e83b53c8ed8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1d49d58d-5c84-4b50-8359-d9809beb2b32}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{63c55a7f-6e29-8d4f-5c76-4f850f28d13a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{721e6521-4cad-4a8d-a7f1-4e230b31ef19}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{999adfa2-8ad1-47ff-97fc-69fb847458f4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d424fe4e-caf9-4fdd-bc5f-e6e6b91d53bf}

Registry Values:
HKEY_CLASSES_ROOT\clsid\{1d49d58d-5c84-4b50-8359-d9809beb2b32}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shell extensions\approved


TrojanClicker.Win32.VB.ib Trojan

Removing TrojanClicker.Win32.VB.ib
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

TrojanClicker.Win32.VB.ib Also known as:

[Kaspersky]Trojan-Clicker.Win32.VB.ib

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\123 hidden sender.lnk
[%PROGRAMS%]\123 hidden sender

How to detect TrojanClicker.Win32.VB.ib:

Files:
[%DESKTOP%]\123 hidden sender.lnk
[%PROGRAMS%]\123 hidden sender

Folders:
[%PROGRAM_FILES%]\123 hidden sender

Registry Keys:
HKEY_CURRENT_USER\software\bytesky\hiddensender
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\123 hidden sender_is1


Mirtang Trojan

Removing Mirtang
Categories: Trojan, Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Mirtang Also known as:

[Kaspersky]Trojan-PWS.Win32.WOW.fx,Trojan-PSW.Win32.WOW,Trojan-PSW.Win32.WOW.ec,Trojan.win32.Pakes,trojan-PSW.Win32.Agent.he,Trojan-PSW.Win32.WOW.eo,Trojan-Dropper.Win32.Agent.aud,Trojan-PSW.Win32.OnLineGames.fv,Trojan-PSW.Win32.OnLineGames.aya;
[McAfee]PWS-Lineage,PWS-WoW;
[Other]Win32/Mirtang.S,TSPY_WOW.PP,Win32/Mirtang,Hacktool.PWS.QQPass,Win32/Mirtang.G,Win32/Mirtang.H,Trojan.Voxom,Win32/Mirtang.I,Win32/Mirtang.K,Trojan-PSW.Win32.WOW.eo,Win32/Mirtang.L,Win32/Mirtang.M,Wi32/Mirtang.AC,Win32/Mirtang.W,Infostealer.JiangHu,Win32/Mirtang.B,Win32/Mirtang.D,Win32/Mirtang.O,Win32/Mirtang.AE,Infostealer,WIn32/Mirtang.AR,Win32/Mirtang.AS,Win32/Mirtang.BF,W32/Wow.AUB,Win32/Mirtang.BQ,W32/Blackhole.ADC,Win32/Mirtang.CD

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\dozdzgb.dll
[%PROFILE_TEMP%]\kwatlog.exe
[%PROFILE_TEMP%]\mccrar.exe
[%PROFILE_TEMP%]\tf5o.dll
[%SYSTEM%]\jbhook.dll
[%SYSTEM%]\jbloader.dll

How to detect Mirtang:

Files:
[%PROFILE_TEMP%]\dozdzgb.dll
[%PROFILE_TEMP%]\kwatlog.exe
[%PROFILE_TEMP%]\mccrar.exe
[%PROFILE_TEMP%]\tf5o.dll
[%SYSTEM%]\jbhook.dll
[%SYSTEM%]\jbloader.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{55667788-abcd-1234-5678-00c04fd8dbd8}


EasyWWW Trojan

Removing EasyWWW
Categories: Trojan, Adware, Hijacker
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware is software that delivers advertising content to the user
and, in some cases, gathers information from the user's computer,
including information related to Internet browser usage or other computer habits.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

EasyWWW Also known as:

[Kaspersky]Trojan.Win32.StartPage.aw;
[Panda]Spyware/DCToolbar,Trj/StartPage.L;
[Computer Associates]Win32.Startpage.Z,Win32/Startpage.Z!Trojan

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\easywww.exe
[%WINDOWS%]\easywww2.exe
[%WINDOWS%]\redirect5.exe

How to detect EasyWWW:

Files:
[%WINDOWS%]\easywww.exe
[%WINDOWS%]\easywww2.exe
[%WINDOWS%]\redirect5.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


Borlander Downloader

Removing Borlander
Categories: Downloader
Trojan downloaders download and install new malware or adware on the computer.


Visible Symptoms:
Files in system folders:
[%SYSTEM%]\cenr.uni

How to detect Borlander:

Files:
[%SYSTEM%]\cenr.uni

Folders:
[%PROGRAM_FILES%]\aclp
[%PROGRAM_FILES%]\vxgk
[%WINDOWS%]\Temp\adguga
[%WINDOWS%]\Temp\inspstb1478

Registry Values:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dcos, imagepath=[%SYSTEM%]\rundll32.exe [%PROGRAM_FILES%]\vxgk\ihtx.dll


Adware.TVelocity Adware

Removing Adware.TVelocity
Categories: Adware, BHO, Hijacker
Adware is software that delivers advertising content to the user
and, in some cases, gathers information from the user's computer,
including information related to Internet browser usage or other computer habits.
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
A desktop hijacker replaces the desktop wallpaper with advertising
for products and services.

Adware.TVelocity Also known as:

[McAfee]Adware-TVelocity;
[Panda]Spyware/TVMedia

Visible Symptoms:
Files in system folders:
[%APPDATA%]\tvmknwrd.dll
[%PROFILE_TEMP%]\temp.fr????\Tvm.exe
[%PROFILE_TEMP%]\Tvm.upd
[%PROFILE_TEMP%]\tvmupdater.exe
[%WINDOWS%]\addyc.dll
[%WINDOWS%]\addyu.dll
[%WINDOWS%]\cmuninstall.bat
[%WINDOWS%]\msknwrd.dll
[%PROFILE%]\recent\tv_media_display.20.zip.lnk
[%PROFILE%]\recent\tv_media_display.9.zip.lnk
[%PROFILE%]\recent\tv_media_display.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.1.1.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.1.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.2.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.3.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.4.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.zip.lnk
[%PROFILE%]\recent\tv_media_display_2.zip.lnk
[%PROFILE_TEMP%]\tvm_b5.exe
[%PROFILE_TEMP%]\~acetemp\tv media display.1\tv media display.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.12\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.12\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.13\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.13\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.14\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.14\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.15\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.15\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.2\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.2\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmknwrd.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmlg.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvmcore.dll
[%WINDOWS%]\downloaded program files\memorymeter.dll
[%WINDOWS%]\downloaded program files\memorymeter.inf
[%WINDOWS%]\tvmd.exe
[%WINDOWS%]\tvtmd.exe

How to detect Adware.TVelocity:

Files:
[%APPDATA%]\tvmknwrd.dll
[%PROFILE_TEMP%]\temp.fr????\Tvm.exe
[%PROFILE_TEMP%]\Tvm.upd
[%PROFILE_TEMP%]\tvmupdater.exe
[%WINDOWS%]\addyc.dll
[%WINDOWS%]\addyu.dll
[%WINDOWS%]\cmuninstall.bat
[%WINDOWS%]\msknwrd.dll
[%PROFILE%]\recent\tv_media_display.20.zip.lnk
[%PROFILE%]\recent\tv_media_display.9.zip.lnk
[%PROFILE%]\recent\tv_media_display.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.1.1.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.1.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.2.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.3.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.4.zip.lnk
[%PROFILE%]\recent\tv_media_display_1.zip.lnk
[%PROFILE%]\recent\tv_media_display_2.zip.lnk
[%PROFILE_TEMP%]\tvm_b5.exe
[%PROFILE_TEMP%]\~acetemp\tv media display.1\tv media display.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.12\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.12\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.13\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.13\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.14\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.14\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.15\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.15\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.17\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.2\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.2\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.5\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display.8\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.3\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1.4\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmcore.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmknwrd.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_1\tvmlg.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvm.exe
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvmbho.dll
[%PROFILE_TEMP%]\~acetemp\tv_media_display_2\tvmcore.dll
[%WINDOWS%]\downloaded program files\memorymeter.dll
[%WINDOWS%]\downloaded program files\memorymeter.inf
[%WINDOWS%]\tvmd.exe
[%WINDOWS%]\tvtmd.exe

Folders:
[%PROGRAM_FILES%]\memorymeter
[%PROGRAM_FILES%]\tv media

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\tv media
HKEY_CLASSES_ROOT\clsid\{20ec3d2d-33c1-4c9d-bc37-c2d500688da2}
HKEY_CLASSES_ROOT\clsid\{707e6f76-9ffb-4920-a976-ea101271bc25}
HKEY_CLASSES_ROOT\clsid\{afdbb6d0-6b96-419c-8bc6-ff0b99368c0b}
HKEY_CLASSES_ROOT\htmlfile\clsid\config
HKEY_CLASSES_ROOT\htmlfile\clsid\guid
HKEY_CLASSES_ROOT\typelib\{afdbb6d0-6b96-419c-8bc6-ff0b99368c0b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\memorymeter
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\msmgt
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\tvmd
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\tvtmd

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CLASSES_ROOT\htmlfile\clsid
HKEY_CURRENT_USER\software\microsoft\internet explorer\media
HKEY_CURRENT_USER\software\microsoft\msnmessenger\perpassportsettings\1262293243\groupstate
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\158
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall


XCP.Sony.Rootkit.Patch Trojan

Removing XCP.Sony.Rootkit.Patch
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\dogpiletoolbar\cursorsearchword.dll
[%PROGRAM_FILES%]\dogpiletoolbar\insptbar.dll
[%PROGRAM_FILES%]\dogpiletoolbar\unwise.exe

How to detect XCP.Sony.Rootkit.Patch:

Files:
[%PROGRAM_FILES%]\dogpiletoolbar\cursorsearchword.dll
[%PROGRAM_FILES%]\dogpiletoolbar\insptbar.dll
[%PROGRAM_FILES%]\dogpiletoolbar\unwise.exe

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{5e92f538-b50b-46c5-9c5f-c6eeced3f6c6}
HKEY_LOCAL_MACHINE\software\classes\clsid\{5e92f538-b50b-46c5-9c5f-c6eeced3f6c6}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


WurldMedia.Moaa Hijacker

Removing WurldMedia.Moaa
Categories: Hijacker
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\moaa030425s.dll
[%WINDOWS%]\system\moaa030425s.dll

How to detect WurldMedia.Moaa:

Files:
[%SYSTEM%]\moaa030425s.dll
[%WINDOWS%]\system\moaa030425s.dll


DivoCodec Adware

Removing DivoCodec
Categories: Adware
Adware is software that delivers advertising content to the user
and, in some cases, gathers information from the user's computer.

How to detect DivoCodec:

Folders:
[%PROGRAM_FILES%]\DivoCodec

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{773b1aad-a8dd-4010-a903-cdb32938f595}
HKEY_CLASSES_ROOT\clsid\{773b1aad-a8dd-4010-a903-cdb32938f595}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\divocodec_is1

Registry Values:
HKEY_CLASSES_ROOT\media type\extensions\.avi
