Sunday, November 2, 2008

DLFlood Trojan

Removing DLFlood
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

How to detect DLFlood:

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_919mm
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\919mm

Removing DLFlood:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Removing XXXToolBar BHO
TrojanClicker.Win32.Delf Trojan Cleaner
Monker Adware Cleaner
Removing SillyDl.DIC Trojan
NaviSearch Adware Removal instruction

Puppetcorpse Trojan

Removing Puppetcorpse
Categories: Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Puppetcorpse Also known as:

[Kaspersky]Backdoor.Win32.Delf.ash;
[Other]PWS:Win32/QQRob,Backdoor.Trojan,Win32/Puppetcorpse!generic

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\rpcs.dll
[%SYSTEM%]\rpcs.exe
[%SYSTEM%]\rpcs.dll
[%SYSTEM%]\rpcs.exe

How to detect Puppetcorpse:

Files:
[%SYSTEM%]\rpcs.dll
[%SYSTEM%]\rpcs.exe
[%SYSTEM%]\rpcs.dll
[%SYSTEM%]\rpcs.exe

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rpcs

Removing Puppetcorpse:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Starimp Trojan Removal instruction
SurfAccuracyUpdater Downloader Removal instruction
PViever Trojan Removal instruction
Spy.Win32.Banker.mt Trojan Removal instruction
Dealbar Adware Removal

Downloader.ADT Downloader

Removing Downloader.ADT
Categories: Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Downloader.ADT Also known as:

[McAfee]Downloader-ADT;
[F-Prot]W32/Malware!bf44;
[Other]Win32/SillyDl.UB,Trojan.Dropper,Agent.KAM,Troj/Dloader-RV,TrojanDownloader:Win32/AF,Trojan-Downloader.AF

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\aclayer.dll
[%SYSTEM%]\aclayer.dll

How to detect Downloader.ADT:

Files:
[%SYSTEM%]\aclayer.dll
[%SYSTEM%]\aclayer.dll

Registry Keys:
HKEY_LOCAL_MACHINE\software\pclayer

Removing Downloader.ADT:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Claria.Screenscenes Adware Cleaner
AntiAdware Downloader Removal
GeoDropper Trojan Symptoms
Meridian Adware Information
Remove Huplu Trojan

AxFreeAccess Adware

Removing AxFreeAccess
Categories: Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

How to detect AxFreeAccess:

Registry Keys:
HKEY_CLASSES_ROOT\axfreeaccess.main
HKEY_CLASSES_ROOT\axfreeaccess.main.1
HKEY_CLASSES_ROOT\clsid\{76214031-5f02-4ccf-9f41-c1aa29f93440}
HKEY_CLASSES_ROOT\interface\{3d72e613-2975-4cd4-874c-1b80aaa40d0c}
HKEY_CLASSES_ROOT\typelib\{5ffe883d-1753-4323-b17e-f19cee2ab88f}

Removing AxFreeAccess:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Shareaza Worm
Agent.cv Trojan Symptoms
DomainHelper Adware Removal
Removing Choprox Backdoor
Removing Zlob.Fam.Protection Tools Trojan

Vxgame Trojan

Removing Vxgame
Categories: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Vxgame Also known as:

[Other]Trojan.Vxgame

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\qvxt1.game
[%PROFILE_TEMP%]\qvxt2.game
[%PROFILE_TEMP%]\qvxt3.game
[%PROFILE_TEMP%]\qvxt4.game
[%PROFILE_TEMP%]\spoolsvv.exe
[%PROFILE_TEMP%]\vxt1.game
[%PROFILE_TEMP%]\vxt2.game
[%PROFILE_TEMP%]\vxt3.game
[%PROFILE_TEMP%]\vxt4.game
[%SYSTEM%]\qvxgamet2.exe
[%SYSTEM%]\qvxgamet3.exe
[%SYSTEM%]\spoolsvv.exe
[%SYSTEM%]\vxgamet1.exe
[%SYSTEM%]\vxgamet2.exe
[%SYSTEM%]\vxgamet3.exe
[%SYSTEM%]\vxgamet4.exe
[%SYSTEM%]\rpcc.exe
[%SYSTEM%]\qvxgamet4.exe
[%PROFILE_TEMP%]\qvxt1.game
[%PROFILE_TEMP%]\qvxt2.game
[%PROFILE_TEMP%]\qvxt3.game
[%PROFILE_TEMP%]\qvxt4.game
[%PROFILE_TEMP%]\spoolsvv.exe
[%PROFILE_TEMP%]\vxt1.game
[%PROFILE_TEMP%]\vxt2.game
[%PROFILE_TEMP%]\vxt3.game
[%PROFILE_TEMP%]\vxt4.game
[%SYSTEM%]\qvxgamet2.exe
[%SYSTEM%]\qvxgamet3.exe
[%SYSTEM%]\spoolsvv.exe
[%SYSTEM%]\vxgamet1.exe
[%SYSTEM%]\vxgamet2.exe
[%SYSTEM%]\vxgamet3.exe
[%SYSTEM%]\vxgamet4.exe
[%SYSTEM%]\rpcc.exe
[%SYSTEM%]\qvxgamet4.exe

How to detect Vxgame:

Files:
[%PROFILE_TEMP%]\qvxt1.game
[%PROFILE_TEMP%]\qvxt2.game
[%PROFILE_TEMP%]\qvxt3.game
[%PROFILE_TEMP%]\qvxt4.game
[%PROFILE_TEMP%]\spoolsvv.exe
[%PROFILE_TEMP%]\vxt1.game
[%PROFILE_TEMP%]\vxt2.game
[%PROFILE_TEMP%]\vxt3.game
[%PROFILE_TEMP%]\vxt4.game
[%SYSTEM%]\qvxgamet2.exe
[%SYSTEM%]\qvxgamet3.exe
[%SYSTEM%]\spoolsvv.exe
[%SYSTEM%]\vxgamet1.exe
[%SYSTEM%]\vxgamet2.exe
[%SYSTEM%]\vxgamet3.exe
[%SYSTEM%]\vxgamet4.exe
[%SYSTEM%]\rpcc.exe
[%SYSTEM%]\qvxgamet4.exe
[%PROFILE_TEMP%]\qvxt1.game
[%PROFILE_TEMP%]\qvxt2.game
[%PROFILE_TEMP%]\qvxt3.game
[%PROFILE_TEMP%]\qvxt4.game
[%PROFILE_TEMP%]\spoolsvv.exe
[%PROFILE_TEMP%]\vxt1.game
[%PROFILE_TEMP%]\vxt2.game
[%PROFILE_TEMP%]\vxt3.game
[%PROFILE_TEMP%]\vxt4.game
[%SYSTEM%]\qvxgamet2.exe
[%SYSTEM%]\qvxgamet3.exe
[%SYSTEM%]\spoolsvv.exe
[%SYSTEM%]\vxgamet1.exe
[%SYSTEM%]\vxgamet2.exe
[%SYSTEM%]\vxgamet3.exe
[%SYSTEM%]\vxgamet4.exe
[%SYSTEM%]\rpcc.exe
[%SYSTEM%]\qvxgamet4.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing Vxgame:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Remove Basic.Hell Trojan
Galorion Trojan Removal
Zlob.Fam.ToolBar888 Trojan Cleaner
Zlob.Fam.MPVideoCodec Trojan Information
Removing Vanti Trojan

ChatBlocker Spyware

Removing ChatBlocker
Categories: Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Visible Symptoms:
Files in system folders:
[%WINDOWS%]\cbconfig.dat
[%WINDOWS%]\cblog.dat
[%WINDOWS%]\cbmsg.dat
[%WINDOWS%]\cbphook.dll
[%WINDOWS%]\cbsys32.dll
[%WINDOWS%]\cbtril32.dll
[%WINDOWS%]\cbconfig.dat
[%WINDOWS%]\cblog.dat
[%WINDOWS%]\cbmsg.dat
[%WINDOWS%]\cbphook.dll
[%WINDOWS%]\cbsys32.dll
[%WINDOWS%]\cbtril32.dll

How to detect ChatBlocker:

Files:
[%WINDOWS%]\cbconfig.dat
[%WINDOWS%]\cblog.dat
[%WINDOWS%]\cbmsg.dat
[%WINDOWS%]\cbphook.dll
[%WINDOWS%]\cbsys32.dll
[%WINDOWS%]\cbtril32.dll
[%WINDOWS%]\cbconfig.dat
[%WINDOWS%]\cblog.dat
[%WINDOWS%]\cbmsg.dat
[%WINDOWS%]\cbphook.dll
[%WINDOWS%]\cbsys32.dll
[%WINDOWS%]\cbtril32.dll

Folders:
[%PROGRAMS%]\ChatBlocker

Registry Keys:
HKEY_LOCAL_MACHINE\software\exploreanywhere software\cb
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\chatblocker

Removing ChatBlocker:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
Vanti Trojan Information
Remove GeoDropper Trojan
Removing Bopninja Trojan
SpySnipe Ransomware Removal instruction
Ciadoor Trojan Symptoms

Agobot Trojan

Removing Agobot
Categories: Trojan,Worm,Backdoor,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.

Agobot Also known as:

[Kaspersky]Backdoor.Agobot.gen,Backdoor.Agobot.b,Backdoor.Agobot,Backdoor.Agobot.cr,Backdoor.Agobot.ik;
[Eset]Win32/Agobot.05.C trojan,probably modified trojan Win32/Agobot.Wonk.gen (WIN32),Win32/Agobot.JQ trojan,Win32/Agobot.NBN trojan,Win32/Agobot.01.B trojan,Win32/Agobot.3.AK trojan,Win32/Agobot.TC trojan,Win32/Agobot.3.SE trojan,Win32/Agobot.3.XK trojan,Win32/Agobot.3.K trojan,Win32/Agobot.3.GG trojan,Win32/Agobot.3.LO trojan,Win32/Agobot.IK trojan,Win32/Agobot.3.AKD trojan,Win32/Agobot.DL trojan;
[McAfee]W32/Gaobot.worm.gen;
[Panda]W32/Dsbot.A.worm,W32/Gaobot.NP.worm,W32/Gaobot.ET.worm,W32/Gaobot.FG.worm,W32/Gaobot.KY.worm;
[Computer Associates]Backdoor/Agobot.05.c.Server,MS03-026 Exploit.Trojan,Win32.Agobot,Win32/Agobot.DL.Worm,Win32.Agobot.OF,Win32/Agobot.Worm,Win32/polybot!Trojan,Win32.Agobot.RS,Win32/Agobot.RS!Worm,Win32.Agobot.BM,Win32.Agobot.gen,Win32/Agobot.BB.Worm,Win32.Agobot.Q,Win32/Agobot.Q.Worm,Win32.Agobot.TU,Win32/Agobot.1482560.Worm,Win32.Agobot.JO,Win32/Agobot.JO.67072.Worm,Win32.Agobot.MQ,Win32/Agobot.MQ.Worm,Win32.Agobot.W,Win32/Agobot.W.Worm,Win32.Agobot.FO,Win32.Agobot.NO,Win32/Agobot.NO!Worm,Win32/Agobot.Variant!Worm,Win32.Agobot.YN,Win32/Agobot.1539535.Worm,Win32.Agobot.JM,Win32/Agobot.JG.229505.Trojan;
[Other]W32.HLLW.Gaobot.gen

How to detect Agobot:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices

Removing Agobot:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
All.in.One Spyware Information
Remove Klemfor Trojan
Small.B Trojan Symptoms
Zlob.Fam.MPVideoCodec Trojan Symptoms
SmartFixer Ransomware Information

TrojanClicker.Win32.Delf Trojan

Removing TrojanClicker.Win32.Delf
Categories: Trojan,Adware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.


TrojanClicker.Win32.Delf Also known as:

[Panda]Trj/Apivu.A,Trojan Horse

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\services\wow.exe
[%SYSTEM%]\services\wow.exe

How to detect TrojanClicker.Win32.Delf:

Files:
[%SYSTEM%]\services\wow.exe
[%SYSTEM%]\services\wow.exe

Removing TrojanClicker.Win32.Delf:

You can download trial version of "Exterminate-It" antivirus software here, to check your computer instantly.

Or buy it to remove ALL viruses from your computer.

Also Be Aware of the Following Threats:
SurfAccuracyUpdater Downloader Symptoms
Removing Small.ct Backdoor
Bitch.Controller Trojan Symptoms
Rbot Trojan Removal
Ieasis Ransomware Symptoms