Friday, October 17, 2008

RegFreeze.net::RegFreeze Adware

Removing RegFreeze.net::RegFreeze
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\Downloaded Program Files\rfscanax.inf
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\RegFreeze.lnk
[%DESKTOP%]\RegFreeze.lnk
[%DESKTOP%]\RegFreezeSetup.exe
[%STARTUP%]\RegFreeze.lnk
[%WINDOWS%]\Downloaded Program Files\rfscanax.inf
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\RegFreeze.lnk
[%DESKTOP%]\RegFreeze.lnk
[%DESKTOP%]\RegFreezeSetup.exe
[%STARTUP%]\RegFreeze.lnk

How to detect RegFreeze.net::RegFreeze:

Files:
[%WINDOWS%]\Downloaded Program Files\rfscanax.inf
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\RegFreeze.lnk
[%DESKTOP%]\RegFreeze.lnk
[%DESKTOP%]\RegFreezeSetup.exe
[%STARTUP%]\RegFreeze.lnk
[%WINDOWS%]\Downloaded Program Files\rfscanax.inf
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\RegFreeze.lnk
[%DESKTOP%]\RegFreeze.lnk
[%DESKTOP%]\RegFreezeSetup.exe
[%STARTUP%]\RegFreeze.lnk

Folders:
[%COMMON_PROGRAMS%]\RegFreeze
[%LOCAL_APPDATA%]\RegFreeze
[%PROGRAM_FILES%]\RegFreeze

Registry Keys:
HKEY_CURRENT_USER\software\actualresearch\registryfreeze
HKEY_CLASSES_ROOT\appid\rfsearchhandler.dll
HKEY_CLASSES_ROOT\appid\{76044441-36ea-4e99-a71a-c12070dd13cd}
HKEY_CLASSES_ROOT\clsid\{cdb280e8-be43-4128-8a5a-3fcd094e2d88}
HKEY_CLASSES_ROOT\clsid\{f745f808-e783-4301-8b95-253dc70beefe}
HKEY_CLASSES_ROOT\rfsearchhandler
HKEY_CLASSES_ROOT\typelib\{635cb2d1-772c-4fcc-af87-ef6c316c9a5a}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{cdb280e8-be43-4128-8a5a-3fcd094e2d88}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\findextensions\static\regfreeze
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\regfreeze_is1

Removing RegFreeze.net::RegFreeze:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Balloon.Pop.Word.Game Trojan Symptoms
Bitch.Controller Trojan Symptoms
Galorion Trojan Removal
Qidion Adware Information
SillyDl.DIB Downloader Cleaner

BTV Trojan

Removing BTV
Categories: Trojan,Adware,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Trojans-downloaders downloads and installs new malware or adware on the computer.


BTV Also known as:

[Kaspersky]Trojan.Win32.Small.an;
[Panda]Adware/RVP,Dialer.LJ

How to detect BTV:

Folders:
[%PROGRAM_FILES%]\diallerprogram
[%PROGRAM_FILES%]\btv

Removing BTV:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Qidion Adware Removal instruction
BT Trojan Information
ForBot Trojan Symptoms
Caiijing Trojan Removal
Antivirus.Protection Ransomware Symptoms

NOVO Trojan

Removing NOVO
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

How to detect NOVO:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{00cc889b-cdce-a8c0-5400-cef3883fd900}
HKEY_CLASSES_ROOT\clsid\{07dd8a9e-e4cf-afcc-530f-ccfa803cde0a}
HKEY_CLASSES_ROOT\clsid\{0944d650-e4b1-cc60-de55-f25370ee6eb4}
HKEY_CLASSES_ROOT\clsid\{539964fa-8dda-3f28-a655-5077c882ccc2}
HKEY_CLASSES_ROOT\clsid\{53cc5e00-8dba-e090-2444-9409386adef0}
HKEY_CLASSES_ROOT\clsid\{54dd5c05-a4bb-e79c-234b-96003069d9fa}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00cc889b-cdce-a8c0-5400-cef3883fd900}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{54dd5c05-a4bb-e79c-234b-96003069d9fa}

Removing NOVO:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Zlob.Fam.VideoCompressionCodec Trojan Removal instruction
Remove Small.ct Backdoor
Remove Fenster Trojan
ZSearch BHO Removal instruction
Remove Sex.Niche.Guide Toolbar

XSRemover Trojan

Removing XSRemover
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Visible Symptoms:
Files in system folders:
[%DESKTOP%]\xsremover.com.lnk
[%DESKTOP%]\xsremover.com.pkg
[%DESKTOP%]\xsremover.com.lnk
[%DESKTOP%]\xsremover.com.pkg

How to detect XSRemover:

Files:
[%DESKTOP%]\xsremover.com.lnk
[%DESKTOP%]\xsremover.com.pkg
[%DESKTOP%]\xsremover.com.lnk
[%DESKTOP%]\xsremover.com.pkg

Folders:
[%PROGRAM_FILES%]\xsremover.com
[%PROGRAMS%]\xsremover.com

Registry Keys:
HKEY_CURRENT_USER\software\xxi\xsremover.com
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xsremover.com

Removing XSRemover:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Balloon.Pop.Word.Game Trojan Removal instruction
Shorty.Gopher Adware Cleaner
Remove Neol Backdoor
Immunizr Ransomware Removal instruction
DittoSideBar Adware Information

Wnad Spyware

Removing Wnad
Categories: Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Wnad Also known as:

[McAfee]Wnad.e;
[Panda]Adware/Wnad;
[Computer Associates]Win32/AdWama.A!Trojan;
[Other]WinAD

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\wnad.dat
[%WINDOWS%]\wnad.dn
[%WINDOWS%]\wnad.exe
[%WINDOWS%]\wnad.dat
[%WINDOWS%]\wnad.dn
[%WINDOWS%]\wnad.exe

How to detect Wnad:

Files:
[%WINDOWS%]\wnad.dat
[%WINDOWS%]\wnad.dn
[%WINDOWS%]\wnad.exe
[%WINDOWS%]\wnad.dat
[%WINDOWS%]\wnad.dn
[%WINDOWS%]\wnad.exe

Folders:
[%PROGRAM_FILES%]\osama

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Wnad:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Removing Webdir.b Adware
RelatedLinks Adware Removal
Shareaza Worm Information
Small.ct Backdoor Removal
TrojanClicker.Win32.Delf.ab Trojan Cleaner

CashBar Adware

Removing CashBar
Categories: Adware,Hijacker
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

How to detect CashBar:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\main

Removing CashBar:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Security Toolbar Removal
Caiijing Trojan Cleaner
Bancos.IOC Trojan Information
Removal.Wizard Adware Removal
Remove Emusaffil Trojan

Agent.kf Trojan

Removing Agent.kf
Categories: Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

How to detect Agent.kf:

Registry Keys:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{41D3DBE5-21B8-4286-ACC9-DD7FCC0C2855}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{4FA9768D-1F89-42F9-AF30-03A9F30BBB8F}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{676968C8-EEC2-4025-9DF4-5A64D9236A76}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{C10310C0-8BA8-4693-9217-9D934C99B52B}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{D740CC68-1D26-4645-9126-267C705396E7}
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\{DBAB53CD-8DA6-4924-ACA2-AAAF3AA6B769}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{682294A5-AEC2-4DC1-AB51-A97B6BAA2017}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{6E2B3C99-61AE-4229-9118-012F683B0DB1}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{70EF126A-AC69-412A-9CB8-604BA73B0327}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{79CC158C-F830-4987-9177-BB4C4BD37A4F}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{8DA6E125-9D73-4BEA-803A-EF0CEDAE05B7}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{8EF99716-3487-481D-B477-E1431E768796}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{90B059C7-DCDF-465A-AFA1-A5A7A9349B4B}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{A0310F3D-AAE3-4BEE-B1B4-8B9CAF748EC7}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{B13E57E1-45C4-4899-B07F-528B2749CAF6}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{B16C98D4-AAE4-49D2-9B80-6AA254F7ADD3}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{B576791D-D62F-48F6-9C51-D1BCD231DB80}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{B585442A-5A5E-4BA1-97F9-FB790B55C32C}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{C0E07037-EB79-4A47-B8C5-62D5ADCEC470}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{C3702658-C621-48BE-8945-D9033C665C92}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{CFE5E3D5-408A-4FE8-B25A-8ECE94A61F3B}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{D375B428-62C0-4144-9794-56D2549C56DB}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{D71224B4-09E1-4B5B-A32C-E996379C05EA}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{DC46F8DC-9A85-40CC-939A-BDD2A2500CC7}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{E2A18919-F303-4B58-935A-521FE0E6389C}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{E50B8038-719E-4706-9591-0A0D3DBB0FE1}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{EC18A809-1972-4FD4-815D-6FE32C57572E}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{FFFFD7B7-0843-4513-99BF-461EEE3E6628}

Removing Agent.kf:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Removing MyTool Adware
BBot Trojan Removal
GoSocks Trojan Removal instruction
Removal.Wizard Adware Cleaner
Neol Backdoor Information