Tuesday, February 3, 2009

Starware.Recipe Hijacker

Removing Starware.Recipe
Categories: Hijacker
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Starware316\bin\Starware316.dll
[%PROGRAM_FILES%]\Starware316\bin\Starware316.dll

How to detect Starware.Recipe:

Files:
[%PROGRAM_FILES%]\Starware316\bin\Starware316.dll
[%PROGRAM_FILES%]\Starware316\bin\Starware316.dll

Folders:
[%APPDATA%]\Starware337
[%PROGRAM_FILES%]\Starware337

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{1962c5bc-e475-465b-823b-133e711bceb9}
HKEY_CLASSES_ROOT\CLSID\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}
HKEY_CLASSES_ROOT\clsid\{ab3dfa03-f743-4302-81dd-c370bffeca23}
HKEY_CLASSES_ROOT\clsid\{e550dc77-ef3b-474f-b59c-b3e2aa1fa6a5}
HKEY_CURRENT_USER\software\starware337
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}
HKEY_CLASSES_ROOT\clsid\{1962c5bc-e475-465b-823b-133e711bceb9}
HKEY_CLASSES_ROOT\clsid\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5f90c0e3-4c0a-4d54-a8ac-5afe6163a99e}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing Starware.Recipe:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
VxsKey Trojan Removal instruction
Bancos.IEM Trojan Cleaner
Pigeon.AVJQ Trojan Removal instruction

Posted by at No comments:

Kraimer Trojan

Removing Kraimer
Categories: Trojan,Spyware,Backdoor,RAT
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Kraimer Also known as:

[Kaspersky]Backdoor.Kraimer.11,Trojan.Spy.Kraimer.12,TrojanSpy.Win32.Kraimer.12,Sniffer.Win32.IPGrabber,Backdoor.Kraimer.13;
[Eset]Win32/Kraimer.13 trojan;
[McAfee]W32/Kraimer.worm,Kraimer;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Kraimer.11,Trojan Horse,Backdoor Program;
[Computer Associates]Backdoor/Kraimer.11,Win32.Kraimer.11,Backdoor/Kraimer.12,Win32.Kraimer.12,Win32.KraimGrab,Win32/Ipgrab2!Worm,Backdoor/KrAIMer.13,Win32.Kraimer.13
Visible Symptoms:
Files in system folders:
[%STARTUP%]\aolstart.exe
[%STARTUP%]\aolstart.exe

How to detect Kraimer:

Files:
[%STARTUP%]\aolstart.exe
[%STARTUP%]\aolstart.exe

Removing Kraimer:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Infantile Backdoor Symptoms

Posted by at No comments:

KnightSeven Backdoor

Removing KnightSeven
Categories: Backdoor,RAT
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
KnightSeven Also known as:

[Kaspersky]Backdoor.Knightseven.10;
[Panda]Backdoor Program;
[Computer Associates]Backdoor/Knightseven.1_0
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe

How to detect KnightSeven:

Files:
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe
[%WINDOWS%]\sndctl32.cfg
[%WINDOWS%]\sndctl32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing KnightSeven:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
cpase.com Tracking Cookie Information
Destruction DoS Symptoms
WhitehouseCn DoS Information
00d Adware Information

Posted by at No comments:

ActualNames.SearchPike BHO

Removing ActualNames.SearchPike
Categories: BHO,Hijacker
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\spredirect.dll
[%WINDOWS%]\system\spredirect.dll
[%SYSTEM%]\spredirect.dll
[%WINDOWS%]\system\spredirect.dll

How to detect ActualNames.SearchPike:

Files:
[%SYSTEM%]\spredirect.dll
[%WINDOWS%]\system\spredirect.dll
[%SYSTEM%]\spredirect.dll
[%WINDOWS%]\system\spredirect.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{92c7d65c-52f3-4545-8a35-213d730db1ed}
HKEY_LOCAL_MACHINE\software\classes\clsid\{92c7d65c-52f3-4545-8a35-213d730db1ed}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{92c7d65c-52f3-4545-8a35-213d730db1ed}

Removing ActualNames.SearchPike:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Elotus Trojan Removal instruction
Removing Bancos.HNB Trojan
Remove TrojanDownloader.Win32.Skoob Downloader

Posted by at No comments:

Win32.TrojanDownloader.Dyfica Trojan

Removing Win32.TrojanDownloader.Dyfica
Categories: Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
Win32.TrojanDownloader.Dyfica Also known as:

[Kaspersky]TrojanDownloader.Win32.Dyfuca.da;
[Panda]Spyware/Dyfuca
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\optimize.exe
[%PROFILE_TEMP%]\optimize.exe

How to detect Win32.TrojanDownloader.Dyfica:

Files:
[%PROFILE_TEMP%]\optimize.exe
[%PROFILE_TEMP%]\optimize.exe

Removing Win32.TrojanDownloader.Dyfica:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
JT Adware Removal
Removing Pigeon.AVP Trojan
Vxidl.AKG Trojan Symptoms
Bancos.GOM Trojan Cleaner

Posted by at No comments:

Sectemp Adware

Removing Sectemp
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

How to detect Sectemp:

Registry Values:
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp

Removing Sectemp:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Small.jf Trojan Cleaner
Remove CWS.XXXVideo Hijacker
Bancos.GNC Trojan Removal instruction
Bancos.HJM Trojan Symptoms
Removing Backdoor.AQI Trojan

Posted by at No comments:

Checkin Adware

Removing Checkin
Categories: Adware,Downloader
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\owmngr.exe
[%SYSTEM%]\ttps.exe
[%WINDOWS%]\system\owmngr.exe
[%WINDOWS%]\system\ttps.exe
[%SYSTEM%]\owmngr.exe
[%SYSTEM%]\ttps.exe
[%WINDOWS%]\system\owmngr.exe
[%WINDOWS%]\system\ttps.exe

How to detect Checkin:

Files:
[%SYSTEM%]\owmngr.exe
[%SYSTEM%]\ttps.exe
[%WINDOWS%]\system\owmngr.exe
[%WINDOWS%]\system\ttps.exe
[%SYSTEM%]\owmngr.exe
[%SYSTEM%]\ttps.exe
[%WINDOWS%]\system\owmngr.exe
[%WINDOWS%]\system\ttps.exe

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce

Removing Checkin:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
TrojanDownloader.Win32.Swizzor.an BHO Symptoms
Fake.Telnet Trojan Removal instruction
Removing Swfwob Trojan
Removing CrazyWin Adware
Removing Kewrih Trojan

Posted by at No comments:

Delf.az Trojan

Removing Delf.az
Categories: Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\comnt32.dll
[%SYSTEM%]\inetconnect.dll
[%SYSTEM%]\comnt32.dll
[%SYSTEM%]\inetconnect.dll

How to detect Delf.az:

Files:
[%SYSTEM%]\comnt32.dll
[%SYSTEM%]\inetconnect.dll
[%SYSTEM%]\comnt32.dll
[%SYSTEM%]\inetconnect.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{1bb87441-6b7f-4b60-885c-b7af9f9afde3}
HKEY_CLASSES_ROOT\clsid\{fd3a6ab4-5527-4b52-90af-f90cd3270861}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{0cdaaec2-e245-44cc-8357-cab70172d017}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{77566c2a-2987-44bc-ac81-a02d19ee271b}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8e668361-c801-41b7-bf89-2fc2c8de9167}
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{c0dadd7e-d3f1-430d-b735-39dc6033592c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1bb87441-6b7f-4b60-885c-b7af9f9afde3}

Removing Delf.az:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
INService.ja Downloader Information

Posted by at No comments:

Zlob.Fam.Security Messenger Trojan

Removing Zlob.Fam.Security Messenger
Categories: Trojan,Popups
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.

How to detect Zlob.Fam.Security Messenger:

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger

Removing Zlob.Fam.Security Messenger:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Priosted Trojan
Doubleheart Trojan Cleaner

Posted by at No comments:

MSBot Backdoor

Removing MSBot
Categories: Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

MSBot Also known as:

[Kaspersky]Backdoor.MSBot.b;
[McAfee]BackDoor-DT;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/MSbot.B
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\system\msstat32.exe
[%WINDOWS%]\system\msstat32.exe

How to detect MSBot:

Files:
[%WINDOWS%]\system\msstat32.exe
[%WINDOWS%]\system\msstat32.exe

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Removing MSBot:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Win32.PWS.AlLight Backdoor Information
Pigeon.EGC Trojan Cleaner
Removing SearchingBooth Tracking Cookie
SillyDl.CRA Downloader Information
iprom.net Tracking Cookie Removal

Posted by at No comments:

Win32.TrojanClicker.Delf Trojan

Removing Win32.TrojanClicker.Delf
Categories: Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Win32.TrojanClicker.Delf Also known as:

[Eset]Win32/TrojanClicker.Delf.R trojan;
[Panda]Adware/WinTools
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\2_0_1browserhelper2.dll
[%WINDOWS%]\2_0_1browserhelper2.dll_tobedeleted
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\2_0_1browserhelper2.dll
[%WINDOWS%]\2_0_1browserhelper2.dll_tobedeleted

How to detect Win32.TrojanClicker.Delf:

Files:
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\2_0_1browserhelper2.dll
[%WINDOWS%]\2_0_1browserhelper2.dll_tobedeleted
[%PROFILE_TEMP%]\temp.fr????
[%WINDOWS%]\2_0_1browserhelper2.dll
[%WINDOWS%]\2_0_1browserhelper2.dll_tobedeleted

Removing Win32.TrojanClicker.Delf:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Bancos.GUU Trojan Information
BridgeW Backdoor Cleaner
Remove Bat.Attrib Trojan
Removing Pigeon.AVQP Trojan
MskSoftStudy Corp. Trojan Removal

Posted by at No comments:

abxtoolbar BHO

Removing abxtoolbar
Categories: BHO
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

How to detect abxtoolbar:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{00ceaf8f-bf59-429b-a1d9-91c88ccfe94b}
HKEY_CLASSES_ROOT\clsid\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_CLASSES_ROOT\interface\{17bbff9a-5d7b-4a5b-8265-15b4b86be90f}
HKEY_CLASSES_ROOT\interface\{1e5c9fae-43b0-47c3-ba51-ba5a08e44322}
HKEY_CLASSES_ROOT\toolband.xbtb01186
HKEY_CLASSES_ROOT\toolband.xbtb01186.1
HKEY_CLASSES_ROOT\typelib\{483d2273-2c22-4053-94ca-6a99b2778bf2}
HKEY_CLASSES_ROOT\xbtb01186.ietoolbar
HKEY_CLASSES_ROOT\xbtb01186.ietoolbar.1
HKEY_CLASSES_ROOT\xbtb01186.xbtb01186
HKEY_CLASSES_ROOT\xbtb01186.xbtb01186.1
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_CURRENT_USER\software\xbtb01186
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00ceaf8f-bf59-429b-a1d9-91c88ccfe94b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xbtb01186.xbtb01186toolbar

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search

Removing abxtoolbar:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Pigeon.AUZY Trojan
Removing Loofeer Trojan
Removing TPE.Bosnia Trojan

Posted by at No comments:

abxtoolbar BHO

Removing abxtoolbar
Categories: BHO
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.

How to detect abxtoolbar:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{00ceaf8f-bf59-429b-a1d9-91c88ccfe94b}
HKEY_CLASSES_ROOT\clsid\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_CLASSES_ROOT\interface\{17bbff9a-5d7b-4a5b-8265-15b4b86be90f}
HKEY_CLASSES_ROOT\interface\{1e5c9fae-43b0-47c3-ba51-ba5a08e44322}
HKEY_CLASSES_ROOT\toolband.xbtb01186
HKEY_CLASSES_ROOT\toolband.xbtb01186.1
HKEY_CLASSES_ROOT\typelib\{483d2273-2c22-4053-94ca-6a99b2778bf2}
HKEY_CLASSES_ROOT\xbtb01186.ietoolbar
HKEY_CLASSES_ROOT\xbtb01186.ietoolbar.1
HKEY_CLASSES_ROOT\xbtb01186.xbtb01186
HKEY_CLASSES_ROOT\xbtb01186.xbtb01186.1
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_CURRENT_USER\software\xbtb01186
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar\{544f12d3-0b83-4ddb-b73a-53e1b4bba4af}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00ceaf8f-bf59-429b-a1d9-91c88ccfe94b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xbtb01186.xbtb01186toolbar

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\search

Removing abxtoolbar:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Vxidl.AIT Trojan Cleaner
Remove Tribe.Flood.Network DoS
Drzip Trojan Information
Remove Bancos.FYW Trojan
Pigeon.EJM Trojan Cleaner

Posted by at No comments:

DetectSatan Ransomware

Removing DetectSatan
Categories: Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration.
Although the field known as cryptovirology predates the term "ransomware".
Visible Symptoms:
Files in system folders:
[%DESKTOP%]\DetectSatan 2.0.lnk
[%DESKTOP%]\UnusualSoftware.com.lnk
[%DESKTOP%]\DetectSatan 2.0.lnk
[%DESKTOP%]\UnusualSoftware.com.lnk

How to detect DetectSatan:

Files:
[%DESKTOP%]\DetectSatan 2.0.lnk
[%DESKTOP%]\UnusualSoftware.com.lnk
[%DESKTOP%]\DetectSatan 2.0.lnk
[%DESKTOP%]\UnusualSoftware.com.lnk

Folders:
[%PROGRAMS%]\DetectSatan 2.0
[%PROGRAM_FILES%]\Unusual Software

Removing DetectSatan:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
VCL.cmp Trojan Removal instruction
Removing Win32.TelHack DoS

Posted by at No comments:

CommonName.Zenet Hijacker

Removing CommonName.Zenet
Categories: Hijacker
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

How to detect CommonName.Zenet:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing CommonName.Zenet:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove FDoS.Udp.Storm DoS
SystemProcess Adware Symptoms
Bancos.IJO Trojan Cleaner

Posted by at No comments:

Remote.Control Backdoor

Removing Remote.Control
Categories: Backdoor,RAT
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Remote.Control Also known as:

[Kaspersky]Backdoor.RC,Backdoor.Remotrol.11,Backdoor.Remotcon.10,Backdoor.VB.ey;
[McAfee]BackDoor-FU,BackDoor-APD,BackDoor-AQY.gen;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Rc,Bck/RC.1.0,Bck/Remotrol.B,Backdoor Program,Backdoor Program.LC;
[Computer Associates]Backdoor/RC!Server,Backdoor/Remotrol.1_1,Backdoor/VB.ey,Backdoor/VB.HU
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Shareaza\Plugins\MediaPlayer.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\RazaWebHook.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\MediaPlayer.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\RazaWebHook.dll

How to detect Remote.Control:

Files:
[%PROGRAM_FILES%]\Shareaza\Plugins\MediaPlayer.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\RazaWebHook.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\MediaPlayer.dll
[%PROGRAM_FILES%]\Shareaza\Plugins\RazaWebHook.dll

Removing Remote.Control:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove IstBar.ep Downloader

Posted by at No comments:

Cytron BHO

Removing Cytron
Categories: BHO
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\downloaded program files\potd.dll
[%WINDOWS%]\downloaded program files\sec.dll
[%WINDOWS%]\downloaded program files\potd.dll
[%WINDOWS%]\downloaded program files\sec.dll

How to detect Cytron:

Files:
[%WINDOWS%]\downloaded program files\potd.dll
[%WINDOWS%]\downloaded program files\sec.dll
[%WINDOWS%]\downloaded program files\potd.dll
[%WINDOWS%]\downloaded program files\sec.dll

Registry Keys:
HKEY_CURRENT_USER\software\potd

Removing Cytron:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Seed Trojan Symptoms
OC.spl Trojan Symptoms
Remove MBKWBar Toolbar
Global.Netcom.Inc Trojan Removal instruction
Pigeon.AWHR Trojan Cleaner

Posted by at No comments:

Dluca.gen Downloader

Removing Dluca.gen
Categories: Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\gwmpivue.exe
[%SYSTEM%]\kmrptame.exe
[%SYSTEM%]\msgb1.exe
[%SYSTEM%]\gwmpivue.exe
[%SYSTEM%]\kmrptame.exe
[%SYSTEM%]\msgb1.exe

How to detect Dluca.gen:

Files:
[%SYSTEM%]\gwmpivue.exe
[%SYSTEM%]\kmrptame.exe
[%SYSTEM%]\msgb1.exe
[%SYSTEM%]\gwmpivue.exe
[%SYSTEM%]\kmrptame.exe
[%SYSTEM%]\msgb1.exe

Removing Dluca.gen:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
3xterm Trojan Cleaner
Netrax Backdoor Information
Pigeon.EBQ Trojan Removal instruction
Vxidl.AFK Trojan Removal

Posted by at No comments:

Ohbeeb Trojan

Removing Ohbeeb
Categories: Trojan,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.


Ohbeeb Also known as:

[Kaspersky]Trojan-Downlaoder.Win32.Tiny.cl,Trojan.Win32.Agent.zw,Trojan-Downlaoder.Win32.Small.dsx,Trojan.Win32.Zapxhast.cd,Trojan-Downlaoder.Win32.Small.dqt,Trojan-Downloader.Win32.tiny.bm,Trojan.Win32.Agent.zq,Trojan-Downlaoder.win32.Tiny.ad,Trojan-Downlaoder.Win32.Small.cug;
[McAfee]Generic Downloader.ab,Downloader-AUw,Downloader-AUW,Downloader-BAB;
[F-Prot]W32/Trojan.SCN;
[Other]Win32/Ohbeeb,Win32.Ohbeeb,Win32/Ohbeeb.R,Win32/Ohbeeb.S,Downloader,Win32/Ohbeeb.T,Win32/Ohbeeb.N,win32/Ohbeeb.O,Win32/Ohbeeb.P,Win32.Ohbeeb.Q,Win32/Ohbeeb.V,Win32/Ohbeeb!generic,Win32/Ohbeeb.AF,Win32/Ohbeeb.AI,Win32/Ohbeeb.AH

How to detect Ohbeeb:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Ohbeeb:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Pigeon.AVEH Trojan
Mecapaw Trojan Cleaner
Black.Monday Trojan Information
Removing Hoaveldoor Trojan
Elotus Trojan Removal instruction

Posted by at No comments:

IEPageHelper Adware

Removing IEPageHelper
Categories: Adware,BHO
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll

How to detect IEPageHelper:

Files:
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4DA27D-4D52-4465-A089-98E01BB725CA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6F42CAD-2559-48DF-AF30-89E480AF5DFA}
HKEY_CLASSES_ROOT\clsid\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_CLASSES_ROOT\clsid\{a6f42cad-2559-48df-af30-89e480af5dfa}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{a6f42cad-2559-48df-af30-89e480af5dfa}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a6f42cad-2559-48df-af30-89e480af5dfa}

Removing IEPageHelper:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Gates.of.Hell Backdoor Symptoms
INetSpeak.Iexplorr Adware Information
Remove Webprefix Adware
Removing Hoolaxy Trojan
Bancos.GTB Trojan Symptoms

Posted by at No comments:

ShopForGood Adware

Removing ShopForGood
Categories: Adware,BHO,Hijacker,Toolbar
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\winy.dll
[%WINDOWS%]\system\winy.dll
[%SYSTEM%]\winy.dll
[%WINDOWS%]\system\winy.dll

How to detect ShopForGood:

Files:
[%SYSTEM%]\winy.dll
[%WINDOWS%]\system\winy.dll
[%SYSTEM%]\winy.dll
[%WINDOWS%]\system\winy.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{05bbb56a-2a69-4a5c-bfda-43295dd67434}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{05bbb56a-2a69-4a5c-bfda-43295dd67434}
HKEY_LOCAL_MACHINE\software\classes\clsid\{05bbb56a-2a69-4a5c-bfda-43295dd67434}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{05bbb56a-2a69-4a5c-bfda-43295dd67434}

Removing ShopForGood:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Trojan.Downloader.Win32.Small.csn Trojan Cleaner
Dos Trojan Information
Veloz.com Tracking Cookie Removal

Posted by at No comments:

Zlob.QK Trojan

Removing Zlob.QK
Categories: Trojan,Downloader,Popups
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.

How to detect Zlob.QK:

Registry Keys:
HKEY_CLASSES_ROOT\AVZipEnchancer.Chl
HKEY_CLASSES_ROOT\codecssoftwarepackage.chl

Removing Zlob.QK:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
David!Dropper Trojan Symptoms

Posted by at No comments:

Samsa Trojan

Removing Samsa
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Samsa Also known as:

[Kaspersky]Trojan.Win32/Samsa.b,Trojan.Win32.Samsa,Trojan.Win32.Samsa.v;
[McAfee]Enfal;
[F-Prot]W32/Trojan2.LSU (exact);
[Other]Win32/Samsa.A,Win32/Samsa
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\inbackup.exe
[%SYSTEM%]\inbackup.exe

How to detect Samsa:

Files:
[%SYSTEM%]\inbackup.exe
[%SYSTEM%]\inbackup.exe

Removing Samsa:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
BrowserToolbar Adware Cleaner
Mitglieder.dz Trojan Removal instruction

Posted by at No comments:

AdBreak.FHFMM BHO

Removing AdBreak.FHFMM
Categories: BHO
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\fhfmm.exe
[%WINDOWS%]\fhfmm-Uninstaller.exe
[%WINDOWS%]\fhfmm.dll
[%WINDOWS%]\fhfmm.txt
[%WINDOWS%]\fhfmm1.tmp
[%WINDOWS%]\fhfmm2.tmp
[%WINDOWS%]\fhfmm3.tmp
[%WINDOWS%]\liqui-Uninstaller.exe
[%WINDOWS%]\fhfmm.exe
[%WINDOWS%]\fhfmm-Uninstaller.exe
[%WINDOWS%]\fhfmm.dll
[%WINDOWS%]\fhfmm.txt
[%WINDOWS%]\fhfmm1.tmp
[%WINDOWS%]\fhfmm2.tmp
[%WINDOWS%]\fhfmm3.tmp
[%WINDOWS%]\liqui-Uninstaller.exe

How to detect AdBreak.FHFMM:

Files:
[%WINDOWS%]\fhfmm.exe
[%WINDOWS%]\fhfmm-Uninstaller.exe
[%WINDOWS%]\fhfmm.dll
[%WINDOWS%]\fhfmm.txt
[%WINDOWS%]\fhfmm1.tmp
[%WINDOWS%]\fhfmm2.tmp
[%WINDOWS%]\fhfmm3.tmp
[%WINDOWS%]\liqui-Uninstaller.exe
[%WINDOWS%]\fhfmm.exe
[%WINDOWS%]\fhfmm-Uninstaller.exe
[%WINDOWS%]\fhfmm.dll
[%WINDOWS%]\fhfmm.txt
[%WINDOWS%]\fhfmm1.tmp
[%WINDOWS%]\fhfmm2.tmp
[%WINDOWS%]\fhfmm3.tmp
[%WINDOWS%]\liqui-Uninstaller.exe

Removing AdBreak.FHFMM:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Bancos.AKS Trojan Removal instruction
Remove Vxidl.ACM Trojan
Remove Format.Kill Trojan
Removing Mute Trojan
Nethief.XP.SP1 RAT Cleaner

Posted by at No comments:

PassAlert Trojan

Removing PassAlert
Categories: Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

How to detect PassAlert:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Removing PassAlert:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Pluto Trojan Symptoms

Posted by at No comments:

Need2Find Adware

Removing Need2Find
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\Need2Find\bar\1.bin\ND2FNBAR.DLL
[%PROGRAM_FILES%]\Need2Find\bar\1.bin\ND2FNBAR.DLL

How to detect Need2Find:

Files:
[%PROGRAM_FILES%]\Need2Find\bar\1.bin\ND2FNBAR.DLL
[%PROGRAM_FILES%]\Need2Find\bar\1.bin\ND2FNBAR.DLL

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{4D1C4E81-A32A-416b-BCDB-33B3EF3617D3}
HKEY_CLASSES_ROOT\clsid\{630d6140-04c5-4db0-b27a-020d766ff09b}
HKEY_CLASSES_ROOT\need2findbar.settingsplugin
HKEY_CLASSES_ROOT\need2findbar.settingsplugin.1
HKEY_CLASSES_ROOT\need2findbar.toolbarplugin
HKEY_CLASSES_ROOT\need2findbar.toolbarplugin.1
HKEY_CLASSES_ROOT\clsid\{4d1c4e81-a32a-416b-bcdb-33b3ef3617d3}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\need2findbar uninstall

Removing Need2Find:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Backdoor.Bladerunner Trojan Removal
Remove TCS.Installation.&.Configuration Trojan
Mosaic Trojan Cleaner
Remove DefIE Trojan

Posted by at No comments:

BrowserAid.FindIt.Quick BHO

Removing BrowserAid.FindIt.Quick
Categories: BHO,Toolbar
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

How to detect BrowserAid.FindIt.Quick:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{72ceae02-df9c-49f3-9689-10d1b82dc343}
HKEY_LOCAL_MACHINE\software\classes\clsid\{72ceae02-df9c-49f3-9689-10d1b82dc343}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing BrowserAid.FindIt.Quick:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Pigeon.AVNN Trojan
pathfinder.com Tracking Cookie Removal instruction
Remove Avocado.ServerDLL Trojan
Dowque.ABW Trojan Cleaner

Posted by at No comments:

Hellraider RAT

Removing Hellraider
Categories: RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\hellraider.exe
[%WINDOWS%]\hellraider.exe

How to detect Hellraider:

Files:
[%WINDOWS%]\hellraider.exe
[%WINDOWS%]\hellraider.exe

Registry Values:
HKEY_CURRENT_USER\software\mirabilis\icq\agent\apps\cxyfp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices

Removing Hellraider:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Arara.dr RAT Symptoms
Priosted Trojan Removal
Bancos.HXJ Trojan Removal
Agent.FZ Trojan Cleaner
Removing Pigeon.EMG Trojan

Posted by at No comments:

CWS Homepage Hijacker Hijacker

Removing CWS Homepage Hijacker
Categories: Hijacker
Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.
Visible Symptoms:
Files in system folders:
[%PROGRAM_FILES%]\COMMONNAME\TOOLBAR\cnbabe.dll
[%PROGRAM_FILES%]\Dianlei\Plugins\DLManager.dll
[%PROGRAM_FILES%]\FlashGet\Jccatch.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icoou.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icooue.dll
[%SYSTEM%]\afontext.dll
[%SYSTEM%]\atlwt32.dll
[%SYSTEM%]\msacmx.dll
[%WINDOWS%]\apilx32.dll
[%WINDOWS%]\apizu32.dll
[%WINDOWS%]\g230320000.dll
[%WINDOWS%]\ipec32.dll
[%WINDOWS%]\mfchi32.dll
[%WINDOWS%]\wingj.dll
[%PROGRAM_FILES%]\COMMONNAME\TOOLBAR\cnbabe.dll
[%PROGRAM_FILES%]\Dianlei\Plugins\DLManager.dll
[%PROGRAM_FILES%]\FlashGet\Jccatch.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icoou.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icooue.dll
[%SYSTEM%]\afontext.dll
[%SYSTEM%]\atlwt32.dll
[%SYSTEM%]\msacmx.dll
[%WINDOWS%]\apilx32.dll
[%WINDOWS%]\apizu32.dll
[%WINDOWS%]\g230320000.dll
[%WINDOWS%]\ipec32.dll
[%WINDOWS%]\mfchi32.dll
[%WINDOWS%]\wingj.dll

How to detect CWS Homepage Hijacker:

Files:
[%PROGRAM_FILES%]\COMMONNAME\TOOLBAR\cnbabe.dll
[%PROGRAM_FILES%]\Dianlei\Plugins\DLManager.dll
[%PROGRAM_FILES%]\FlashGet\Jccatch.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icoou.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icooue.dll
[%SYSTEM%]\afontext.dll
[%SYSTEM%]\atlwt32.dll
[%SYSTEM%]\msacmx.dll
[%WINDOWS%]\apilx32.dll
[%WINDOWS%]\apizu32.dll
[%WINDOWS%]\g230320000.dll
[%WINDOWS%]\ipec32.dll
[%WINDOWS%]\mfchi32.dll
[%WINDOWS%]\wingj.dll
[%PROGRAM_FILES%]\COMMONNAME\TOOLBAR\cnbabe.dll
[%PROGRAM_FILES%]\Dianlei\Plugins\DLManager.dll
[%PROGRAM_FILES%]\FlashGet\Jccatch.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icoou.dll
[%PROGRAM_FILES%]\ICOO Loader\addons\icooue.dll
[%SYSTEM%]\afontext.dll
[%SYSTEM%]\atlwt32.dll
[%SYSTEM%]\msacmx.dll
[%WINDOWS%]\apilx32.dll
[%WINDOWS%]\apizu32.dll
[%WINDOWS%]\g230320000.dll
[%WINDOWS%]\ipec32.dll
[%WINDOWS%]\mfchi32.dll
[%WINDOWS%]\wingj.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{00000000-0000-0000-0000-000000000000}
HKEY_CLASSES_ROOT\CLSID\{008764D5-773A-A0CE-0E07-D1A50B2AEB9C}
HKEY_CLASSES_ROOT\CLSID\{027602E2-163B-E675-169C-61D11C7D6D27}
HKEY_CLASSES_ROOT\CLSID\{0519A9C9-064A-4cbc-BC47-D0EACD581477}
HKEY_CLASSES_ROOT\CLSID\{093646C5-CDDB-2035-BD50-008A30E3EA96}
HKEY_CLASSES_ROOT\CLSID\{0E0649E4-4EF1-5350-5D27-33BAD0093516}
HKEY_CLASSES_ROOT\CLSID\{0FEE7E33-7D50-E2F1-5115-7D9B474CAEA8}
HKEY_CLASSES_ROOT\CLSID\{18A2EFFD-B6E8-69B5-4ABB-1F1C8F860433}
HKEY_CLASSES_ROOT\CLSID\{199D9E0B-2F5F-DA98-2B62-FA9AA3710DD5}
HKEY_CLASSES_ROOT\CLSID\{1C72FEB7-4D6C-FAF3-195A-D51516EDCC77}
HKEY_CLASSES_ROOT\CLSID\{242B315F-5E97-AB86-1F6E-F73703F03993}
HKEY_CLASSES_ROOT\CLSID\{255FEB8E-6196-9318-D570-21DED5FF9E37}
HKEY_CLASSES_ROOT\CLSID\{30C15F1B-B902-8769-7E97-07B632351674}
HKEY_CLASSES_ROOT\CLSID\{32646C8A-BB54-7D47-C6A8-722B0FA51A6C}
HKEY_CLASSES_ROOT\CLSID\{32FD5A16-7B87-D254-57E3-C8A486AA74D6}
HKEY_CLASSES_ROOT\CLSID\{35211BE1-8EDF-F9D6-D61F-027B7DB286D4}
HKEY_CLASSES_ROOT\CLSID\{38B38285-1192-F79E-1DFC-91016F827D80}
HKEY_CLASSES_ROOT\CLSID\{39497903-FC95-F850-8965-3C13F3D7274A}
HKEY_CLASSES_ROOT\CLSID\{3C6CC514-0686-8D4A-3795-115CE35C21E9}
HKEY_CLASSES_ROOT\CLSID\{3F300A97-6990-3673-92B7-FCDF52055C5F}
HKEY_CLASSES_ROOT\CLSID\{4129401E-E0CC-8390-738E-DCC2CDEFBA2B}
HKEY_CLASSES_ROOT\CLSID\{41A0091F-BE0B-897D-16F8-5BD81668DD3F}
HKEY_CLASSES_ROOT\CLSID\{46016C67-D3FF-4014-621E-C121E994E090}
HKEY_CLASSES_ROOT\CLSID\{465A59EC-20E5-4fca-A38A-E5EC3C480218}
HKEY_CLASSES_ROOT\CLSID\{467FAEB2-5F5B-4C81-BAE0-2A4752CA7F4E}
HKEY_CLASSES_ROOT\CLSID\{47E71DA2-60FF-677A-1484-28704F9ABE46}
HKEY_CLASSES_ROOT\CLSID\{4D3F045A-9870-CF55-CF30-851993A3AF6F}
HKEY_CLASSES_ROOT\CLSID\{4D7C2D84-2B00-146D-CAF2-38E8743204A2}
HKEY_CLASSES_ROOT\CLSID\{513E86B0-D516-B255-E656-DEF35121232E}
HKEY_CLASSES_ROOT\CLSID\{521B84C2-EFEB-DC8C-B02A-9089847972E1}
HKEY_CLASSES_ROOT\CLSID\{5742F79A-1D91-42C4-990C-B46CF55A6478}
HKEY_CLASSES_ROOT\CLSID\{59708803-B475-5C15-39AD-7A1D62317282}
HKEY_CLASSES_ROOT\CLSID\{5BCE8A80-9FA3-A229-B315-13932E0AA5D8}
HKEY_CLASSES_ROOT\CLSID\{605B61F1-324E-B844-52EA-08A764AA37D9}
HKEY_CLASSES_ROOT\CLSID\{60B33657-9E08-DEB2-4980-97C2352D4AEF}
HKEY_CLASSES_ROOT\CLSID\{624D0ED6-FBD6-D488-B435-B1E924C175C0}
HKEY_CLASSES_ROOT\CLSID\{6259AAB6-979D-83C5-B2DB-ABC95EA1C8B2}
HKEY_CLASSES_ROOT\CLSID\{68258D5A-F48D-99E0-FFBF-35C3BFB74C94}
HKEY_CLASSES_ROOT\CLSID\{6A9852CC-FCBB-61A5-41A1-2EDA8230AEC5}
HKEY_CLASSES_ROOT\CLSID\{6D5064E5-DB4F-986D-4AD0-EC06E8821EA9}
HKEY_CLASSES_ROOT\CLSID\{7363BA68-FA5B-4BC9-8DEF-84263F54F53D}
HKEY_CLASSES_ROOT\CLSID\{741EF1A1-D9CC-94D4-0B32-52C18D0ED509}
HKEY_CLASSES_ROOT\CLSID\{77E35B59-5DBF-CA0F-2037-00B52E21E874}
HKEY_CLASSES_ROOT\CLSID\{8227E624-0D80-2ABA-0149-6F487ADE838B}
HKEY_CLASSES_ROOT\CLSID\{869819CE-8035-1170-64C2-6EE1E98B3458}
HKEY_CLASSES_ROOT\CLSID\{87680A9A-4595-032D-4F84-B593061B9FC5}
HKEY_CLASSES_ROOT\CLSID\{8F6B33B6-05DF-FAF4-C592-388E843E5ADB}
HKEY_CLASSES_ROOT\CLSID\{904D6A45-F3FF-1A6D-7B1D-0DB4E2E1F3E7}
HKEY_CLASSES_ROOT\CLSID\{90B46B07-282D-8DDE-D296-452CDBB0603B}
HKEY_CLASSES_ROOT\CLSID\{90C2CAE8-913A-DBA5-AC8E-D0896D0378CA}
HKEY_CLASSES_ROOT\CLSID\{92CDA6FC-1C7D-E1DC-676E-761A6ECC0847}
HKEY_CLASSES_ROOT\CLSID\{98A9B656-1029-E870-F0CD-CA151569B86D}
HKEY_CLASSES_ROOT\CLSID\{9E2E0AAF-55CD-8D02-957C-C88F3AC0AE90}
HKEY_CLASSES_ROOT\CLSID\{A0B5AE4D-89E5-F22A-060E-06256A646F77}
HKEY_CLASSES_ROOT\CLSID\{A2BEDD84-A226-805F-8E96-0121145966E2}
HKEY_CLASSES_ROOT\CLSID\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00322}
HKEY_CLASSES_ROOT\CLSID\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00401}
HKEY_CLASSES_ROOT\clsid\{a5366673-e8ca-11d3-9cd9-0090271d075b}
HKEY_CLASSES_ROOT\CLSID\{A6AB0709-374D-2F77-3E70-0DE0910A9568}
HKEY_CLASSES_ROOT\CLSID\{A7FA3C2B-428C-A94F-686F-2252E4F3A02C}
HKEY_CLASSES_ROOT\CLSID\{AA0A9B7C-1E92-535C-0904-539590028603}
HKEY_CLASSES_ROOT\CLSID\{AB9D62B8-7E56-2DB3-A516-E377F1010DCD}
HKEY_CLASSES_ROOT\CLSID\{B063B761-34B8-42D9-CBCD-08B0A1D3E8D4}
HKEY_CLASSES_ROOT\CLSID\{B9D90B27-AD4A-413A-88CB-3E6DDC10DC2D}
HKEY_CLASSES_ROOT\CLSID\{BEF00307-0846-75C4-B6F5-84A949B91F47}
HKEY_CLASSES_ROOT\CLSID\{CDF3AE9D-4F8C-67BC-66A6-A9252CCD81A1}
HKEY_CLASSES_ROOT\CLSID\{D572A88C-5F1B-7EFE-45C7-5E070937FBFC}
HKEY_CLASSES_ROOT\CLSID\{DEFC684A-30AD-8E93-CC49-E8F76A63D101}
HKEY_CLASSES_ROOT\CLSID\{DFD57175-D4E1-532D-8EE9-D8E60D7C3992}
HKEY_CLASSES_ROOT\CLSID\{E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56}
HKEY_CLASSES_ROOT\CLSID\{E32E2C23-F6D7-0593-005D-8AE4C8C742A8}
HKEY_CLASSES_ROOT\CLSID\{E38ED9F3-91EA-355E-5715-27B3113CA15D}
HKEY_CLASSES_ROOT\CLSID\{E66BEB61-721E-FA12-3F4B-CC71F7910CF0}
HKEY_CLASSES_ROOT\CLSID\{E6F23682-174F-AF3C-0738-3DEF6F7B9091}
HKEY_CLASSES_ROOT\CLSID\{E902A02C-DD59-5DE4-624F-8012F9AFA9B9}
HKEY_CLASSES_ROOT\CLSID\{E97E5AE0-29D6-7DFA-7E92-29CC5D770DA3}
HKEY_CLASSES_ROOT\CLSID\{F9567894-1E9F-4452-79FF-F795A197EFBA}
HKEY_CLASSES_ROOT\CLSID\{FC2593E3-3E5A-410F-AF3D-82613CCE58E5}
HKEY_CLASSES_ROOT\CLSID\{FD7786C4-36BE-9F97-70B6-B4EF1D3FBA8B}
HKEY_CLASSES_ROOT\CLSID\{FF52FC75-302C-5DED-C090-F77905337D75}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00110011-4b0b-44d5-9718-90c88817369b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{008764D5-773A-A0CE-0E07-D1A50B2AEB9C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01295AD0-0541-D9B9-7631-E16A07785229}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{027602E2-163B-E675-169C-61D11C7D6D27}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0519A9C9-064A-4cbc-BC47-D0EACD581477}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0566E16E-2A99-5084-E121-5895960CC230}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07F009CC-0ADE-5083-F469-92CE6474B119}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{086ae192-23a6-48d6-96ec-715f53797e85}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{093646C5-CDDB-2035-BD50-008A30E3EA96}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ABCE593-A2F9-DA6D-2B6D-D92E2B05E875}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E0649E4-4EF1-5350-5D27-33BAD0093516}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FEE7E33-7D50-E2F1-5115-7D9B474CAEA8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BA77F1-683B-FBF7-B61E-4821BC229D98}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12869A5D-0FF9-B9AA-8BD8-9337FB04C5C6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1289C13B-DC64-888A-AC41-234F521546F5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{150fa160-130d-451f-b863-b655061432ba}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{182318D0-C69A-F785-8040-72D18DFA96ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18A2EFFD-B6E8-69B5-4ABB-1F1C8F860433}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18ECE89C-2542-91DE-E39B-39C5120593D7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{199D9E0B-2F5F-DA98-2B62-FA9AA3710DD5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A0D767B-0C24-CB78-0876-5F7AEE9294F4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1b68470c-2def-493b-8a4a-8e2d81be4ea5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C72FEB7-4D6C-FAF3-195A-D51516EDCC77}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1f48aa48-c53a-4e21-85e7-ac7cc6b5ffb2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20FA44E2-4117-97B3-21C4-ABFD27838805}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{213FF3C4-933A-5728-4344-750F1EBB3DD5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{242B315F-5E97-AB86-1F6E-F73703F03993}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{255FEB8E-6196-9318-D570-21DED5FF9E37}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2761A38B-D828-B1C6-1039-1395C426EDDA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29C196DF-2556-96EE-B27D-089B4B07F011}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d38a51a-23c9-48a1-a33c-48675aa2b494}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FCA15DA-4534-DA39-35D0-ED78D3F19541}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30C15F1B-B902-8769-7E97-07B632351674}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32646C8A-BB54-7D47-C6A8-722B0FA51A6C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32A6B01D-983B-8AF2-A16D-062280B34476}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32FD5A16-7B87-D254-57E3-C8A486AA74D6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33C7D509-2F1B-1150-D9B4-4CAEA87399FC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35211BE1-8EDF-F9D6-D61F-027B7DB286D4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38729DB3-1DF3-C16A-63B7-BE2CC5DC8D27}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3881EB3F-A5F4-4CF3-F9B2-25986B2B2656}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38B38285-1192-F79E-1DFC-91016F827D80}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3901E8B9-569B-50AA-35AC-D0FC976E91F1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39497903-FC95-F850-8965-3C13F3D7274A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395654E0-C152-DEFC-F1D5-D4ED74FC94EC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3959283E-C72B-D2BA-8167-B27A8FA8F55B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3C6CC514-0686-8D4A-3795-115CE35C21E9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3DF3AE97-927A-A988-F257-18F61D1C5ABA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E634ABC-AA83-3403-5DD5-43546E8735F1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F300A97-6990-3673-92B7-FCDF52055C5F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40967C3E-0316-B8F3-7AC2-AC680D6E22D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4129401E-E0CC-8390-738E-DCC2CDEFBA2B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41A0091F-BE0B-897D-16F8-5BD81668DD3F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44A73433-E13D-79D4-D26D-9CDD83E71551}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46016C67-D3FF-4014-621E-C121E994E090}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{465A59EC-20E5-4fca-A38A-E5EC3C480218}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{467FAEB2-5F5B-4C81-BAE0-2A4752CA7F4E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47E71DA2-60FF-677A-1484-28704F9ABE46}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A50DB5A-1456-7EE4-9AD0-BD52FA677D5F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AA3BB56-37CA-AC96-1BCE-57B02E6C007B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D3F045A-9870-CF55-CF30-851993A3AF6F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D7C2D84-2B00-146D-CAF2-38E8743204A2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9FC428-C242-144C-B27B-F27F0CC116BE}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E367784-F4CD-00AD-8490-A4619B7AAF21}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{513E86B0-D516-B255-E656-DEF35121232E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51704C8A-007A-8362-32D7-C2EE36CE9214}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{521B84C2-EFEB-DC8C-B02A-9089847972E1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56602600-9335-D10F-A0C5-C6602AA24FD3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5742F79A-1D91-42C4-990C-B46CF55A6478}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58A18AE6-6FAA-D8C2-14DB-4B8800933F55}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59708803-B475-5C15-39AD-7A1D62317282}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BCE8A80-9FA3-A229-B315-13932E0AA5D8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{605B61F1-324E-B844-52EA-08A764AA37D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{605BB929-10FB-81EB-196F-7822E1EA2567}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60B33657-9E08-DEB2-4980-97C2352D4AEF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{624D0ED6-FBD6-D488-B435-B1E924C175C0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6259AAB6-979D-83C5-B2DB-ABC95EA1C8B2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66E7A648-A2D0-B506-715E-8D564D8364C2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68258D5A-F48D-99E0-FFBF-35C3BFB74C94}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A9852CC-FCBB-61A5-41A1-2EDA8230AEC5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6BFC7DB0-C871-9935-DEC2-92E086CE9435}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D5064E5-DB4F-986D-4AD0-EC06E8821EA9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7070A8F9-08A4-CA47-0AB0-1EB9E4EE1F3B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7363BA68-FA5B-4BC9-8DEF-84263F54F53D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{741EF1A1-D9CC-94D4-0B32-52C18D0ED509}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77E35B59-5DBF-CA0F-2037-00B52E21E874}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{791E9324-130C-DB07-16B3-102D31B10114}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B30F33D-4323-2428-D014-8BE0A8C8C8ED}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C461C96-0310-49FA-767A-6D27FEB941E6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D6BFD31-52A5-44A7-6A16-E14766D2A648}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8227E624-0D80-2ABA-0149-6F487ADE838B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{826B2228-BC09-49F2-B5F8-42CE26B1B712}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8327E127-2658-4B06-86B0-8D575DE1575B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84AA3CA6-585D-1802-BCC6-20C398800817}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{869819CE-8035-1170-64C2-6EE1E98B3458}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87680A9A-4595-032D-4F84-B593061B9FC5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8795D063-4F75-198C-F00B-C7FF75B8735D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{882631A5-5AE7-4F3B-DA2D-18C71F0FDF23}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{89DA6847-5449-92CF-67AA-38AE4BD6F831}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F6B33B6-05DF-FAF4-C592-388E843E5ADB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{904C63F5-2041-CB09-DEEA-722D9B6F8DEF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{904D6A45-F3FF-1A6D-7B1D-0DB4E2E1F3E7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90965649-8DEF-CF3B-37E1-4CB76DC73681}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B46B07-282D-8DDE-D296-452CDBB0603B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90C2CAE8-913A-DBA5-AC8E-D0896D0378CA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92CDA6FC-1C7D-E1DC-676E-761A6ECC0847}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98A9B656-1029-E870-F0CD-CA151569B86D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A8F5394-C42E-426F-B539-E4F44D9C9347}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E1A8018-A9B5-1BCD-91E7-FC63C21F3EAF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E2E0AAF-55CD-8D02-957C-C88F3AC0AE90}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6480CF-41D5-ADA6-566E-13AE9287A0CD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A0B5AE4D-89E5-F22A-060E-06256A646F77}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2BEDD84-A226-805F-8E96-0121145966E2}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00311}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00322}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4F94C0C-54A7-4DB1-9AF3-B22E63D00401}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5366673-E8CA-11D3-9CD9-0090271D075B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6AB0709-374D-2F77-3E70-0DE0910A9568}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7FA3C2B-428C-A94F-686F-2252E4F3A02C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9A674BF-771F-42E5-A440-D20DDA85A862}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA0A9B7C-1E92-535C-0904-539590028603}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA21D960-C084-D85E-9E3A-1D4E146F5773}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB9D62B8-7E56-2DB3-A516-E377F1010DCD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B063B761-34B8-42D9-CBCD-08B0A1D3E8D4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1EA2010-07E4-3D19-B07F-C5DA991481C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4A7D9ED-89B3-E958-4A80-16026C986728}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6007EAD-B9FB-819A-9125-AF6A6A50A711}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9D90B27-AD4A-413A-88CB-3E6DDC10DC2D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEF00307-0846-75C4-B6F5-84A949B91F47}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3D292B4-683A-18D1-852B-943823CD81BF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C448539A-1A24-DCB9-3152-D2DCA94E1831}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C500B6E9-8A37-3168-2346-44B58FB04FA8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C643F570-05B9-FEDB-D764-AC5B786D4B39}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C97FF6D5-D8E9-6EAE-0F99-AC588DF99F9C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB9BF6D5-EA1D-0B43-F3D0-8964A6728480}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDF3AE9D-4F8C-67BC-66A6-A9252CCD81A1}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0CEC06E-821E-9959-CABB-8F52B1005BA8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D572A88C-5F1B-7EFE-45C7-5E070937FBFC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB29A986-131A-F212-4C89-18F9E42C205A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD6F50C0-9F8F-A41C-291E-7B3FB818EF18}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEFC684A-30AD-8E93-CC49-E8F76A63D101}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DFD57175-D4E1-532D-8EE9-D8E60D7C3992}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e2ddf680-9905-4dee-8c64-0a5de7fe133c}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2E6C0E2-FA3A-8992-181C-3BA9E7ED6D56}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E32E2C23-F6D7-0593-005D-8AE4C8C742A8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E38ED9F3-91EA-355E-5715-27B3113CA15D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3BB58FA-9E29-5453-8515-DD85FF9C16C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6510F00-8D63-A5DF-5C50-00AE920791E7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E66BEB61-721E-FA12-3F4B-CC71F7910CF0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6F23682-174F-AF3C-0738-3DEF6F7B9091}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E72EF259-0958-844E-2249-322BFBF6B069}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E902A02C-DD59-5DE4-624F-8012F9AFA9B9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E97E5AE0-29D6-7DFA-7E92-29CC5D770DA3}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAF521EB-5513-475B-B2B3-4D4B1195A1B0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB230940-8256-ABD5-52BD-BE5EBE5DA35B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F21BD77E-0CCE-C6CD-4F85-AA3B7895988E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9567894-1E9F-4452-79FF-F795A197EFBA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2593E3-3E5A-410F-AF3D-82613CCE58E5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC90281A-715F-5453-5E27-FF1B02AE0DA5}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD7786C4-36BE-9F97-70B6-B4EF1D3FBA8B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd9bc004-8331-4457-b830-4759ff704c22}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB58C92-D119-8F66-A8FA-72D46A544DA9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ff1bf4c7-4e08-4a28-a43f-9d60a9f7a880}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF52FC75-302C-5DED-C090-F77905337D75}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF731508-CD28-E0B0-3E85-0CF55FDE9FBA}

Removing CWS Homepage Hijacker:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove FDoS.Retrace DoS
Cufrab Downloader Information
AOL.Selide Trojan Information
Vxidl.BBM Trojan Symptoms
Helwix Trojan Cleaner

Posted by at No comments:
Subscribe to: Posts (Atom)