Saturday, January 31, 2009

IconDanse Trojan

Click here to remove IconDanse malware
IconDanse description:
IconDanse Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing IconDanse:

you can run trial version of ExterminateIt, or remove IconDanse manually.

To completely manually remove IconDanse malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with IconDanse.

Read also:
Removing SillyDl.DBV Trojan

Posted by anycidahaeqyj9318 at 9:50 PM 0 comments

Slops Trojan

Click here to remove Slops malware
Slops description:
Slops Category:Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Removing Slops:

you can run trial version of ExterminateIt, or remove Slops manually.

To completely manually remove Slops malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Slops.

Read also:
Ceres Trojan Symptoms

Posted by anycidahaeqyj9318 at 9:32 PM 0 comments

Pigeon.EKE Trojan

Click here to remove Pigeon.EKE malware
Pigeon.EKE description:
Pigeon.EKE Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.EKE:

you can run trial version of ExterminateIt, or remove Pigeon.EKE manually.

To completely manually remove Pigeon.EKE malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.EKE.

Read also:
Renalwink Trojan Symptoms
Snex Trojan Cleaner
Cloutnook Trojan Information

Posted by anycidahaeqyj9318 at 5:15 PM 0 comments

EZSearching BHO

Click here to remove EZSearching malware
EZSearching description:
EZSearching Category:BHO,Toolbar
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Detection EZSearching :

EZSearching Files:
[%SYSTEM%]\ctap7.dll
[%SYSTEM%]\ctavp3.dll
[%SYSTEM%]\ctavp5.dll
[%SYSTEM%]\psic1.dll
[%SYSTEM%]\ctav3.dll
[%SYSTEM%]\ctsr2.dll
[%SYSTEM%]\testadit.dll
[%SYSTEM%]\testadit3.dll
[%WINDOWS%]\system\ctap7.dll
[%WINDOWS%]\system\ctav3.dll
[%WINDOWS%]\system\ctavp3.dll
[%WINDOWS%]\system\ctavp5.dll
[%WINDOWS%]\system\ctsr2.dll
[%WINDOWS%]\system\psic1.dll
[%WINDOWS%]\system\testadit.dll
[%WINDOWS%]\system\testadit3.dll
[%SYSTEM%]\ctap7.dll
[%SYSTEM%]\ctavp3.dll
[%SYSTEM%]\ctavp5.dll
[%SYSTEM%]\psic1.dll
[%SYSTEM%]\ctav3.dll
[%SYSTEM%]\ctsr2.dll
[%SYSTEM%]\testadit.dll
[%SYSTEM%]\testadit3.dll
[%WINDOWS%]\system\ctap7.dll
[%WINDOWS%]\system\ctav3.dll
[%WINDOWS%]\system\ctavp3.dll
[%WINDOWS%]\system\ctavp5.dll
[%WINDOWS%]\system\ctsr2.dll
[%WINDOWS%]\system\psic1.dll
[%WINDOWS%]\system\testadit.dll
[%WINDOWS%]\system\testadit3.dll

EZSearching Registry Keys:
HKEY_CLASSES_ROOT\clsid\{2f24b54d-3a27-11d8-8169-00c02623048a}
HKEY_CLASSES_ROOT\clsid\{34d516ea-40e3-4e3b-8ba8-505112738ed5}
HKEY_CLASSES_ROOT\clsid\{4b021269-dd24-48b2-96b4-da121e9c0502}
HKEY_CLASSES_ROOT\clsid\{858126b0-3708-4051-ae8e-b48521401ca2}
HKEY_CLASSES_ROOT\clsid\{8db672bd-330f-11d8-8168-00c02623048a}
HKEY_CLASSES_ROOT\clsid\{b418b139-414d-4374-820f-ee74520c5a0d}
HKEY_CLASSES_ROOT\clsid\{b6598677-4b54-42a9-ba67-8b64e3fcd92d}
HKEY_CLASSES_ROOT\clsid\{db0018a2-f7d9-4b71-9651-640143df23f9}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2f24b54d-3a27-11d8-8169-00c02623048a}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{34d516ea-40e3-4e3b-8ba8-505112738ed5}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b021269-dd24-48b2-96b4-da121e9c0502}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{858126b0-3708-4051-ae8e-b48521401ca2}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{8db672bd-330f-11d8-8168-00c02623048a}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{b6598677-4b54-42a9-ba67-8b64e3fcd92d}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{db0018a2-f7d9-4b71-9651-640143df23f9}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2f24b54d-3a27-11d8-8169-00c02623048a}
HKEY_LOCAL_MACHINE\software\classes\clsid\{34d516ea-40e3-4e3b-8ba8-505112738ed5}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4b021269-dd24-48b2-96b4-da121e9c0502}
HKEY_LOCAL_MACHINE\software\classes\clsid\{858126b0-3708-4051-ae8e-b48521401ca2}
HKEY_LOCAL_MACHINE\software\classes\clsid\{8db672bd-330f-11d8-8168-00c02623048a}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b418b139-414d-4374-820f-ee74520c5a0d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b6598677-4b54-42a9-ba67-8b64e3fcd92d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{db0018a2-f7d9-4b71-9651-640143df23f9}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2f24b54d-3a27-11d8-8169-00c02623048a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{34d516ea-40e3-4e3b-8ba8-505112738ed5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b021269-dd24-48b2-96b4-da121e9c0502}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{858126b0-3708-4051-ae8e-b48521401ca2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{8db672bd-330f-11d8-8168-00c02623048a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b6598677-4b54-42a9-ba67-8b64e3fcd92d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{db0018a2-f7d9-4b71-9651-640143df23f9}

EZSearching Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing EZSearching:

you can run trial version of ExterminateIt, or remove EZSearching manually.

To completely manually remove EZSearching malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with EZSearching.

Read also:
Removing Sex.com Tracking Cookie
ZHA Trojan Cleaner

Posted by anycidahaeqyj9318 at 4:59 PM 0 comments

ABC Trojan

Click here to remove ABC malware
ABC description:
ABC Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing ABC:

you can run trial version of ExterminateIt, or remove ABC manually.

To completely manually remove ABC malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ABC.

Read also:
Removing Iceland Trojan
Vxidl.APO Trojan Symptoms
SysProg Trojan Symptoms
Atnau Trojan Removal instruction
SillyDl.BYV Trojan Removal instruction

Posted by anycidahaeqyj9318 at 4:53 PM 0 comments

VB.df Downloader

Click here to remove VB.df malware
VB.df description:
VB.df Category:Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Detection VB.df :

VB.df Files:
[%DESKTOP%]\digital detective\tempfiles\ibhflwo.exe
[%WINDOWS%]\ibhflwo.exe
[%DESKTOP%]\digital detective\tempfiles\ibhflwo.exe
[%WINDOWS%]\ibhflwo.exe

VB.df Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing VB.df:

you can run trial version of ExterminateIt, or remove VB.df manually.

To completely manually remove VB.df malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.df.

Read also:
Bancos.GBH Trojan Cleaner

Posted by anycidahaeqyj9318 at 3:17 PM 0 comments

HLLP.Tran Trojan

Click here to remove HLLP.Tran malware
HLLP.Tran description:
HLLP.Tran Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing HLLP.Tran:

you can run trial version of ExterminateIt, or remove HLLP.Tran manually.

To completely manually remove HLLP.Tran malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with HLLP.Tran.

Read also:
Vxidl.AEY Trojan Symptoms

Posted by anycidahaeqyj9318 at 2:55 PM 0 comments

HP.Jetdirect.Invalid.FTP.Command DoS

Click here to remove HP.Jetdirect.Invalid.FTP.Command malware
HP.Jetdirect.Invalid.FTP.Command description:
HP.Jetdirect.Invalid.FTP.Command Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing HP.Jetdirect.Invalid.FTP.Command:

you can run trial version of ExterminateIt, or remove HP.Jetdirect.Invalid.FTP.Command manually.

To completely manually remove HP.Jetdirect.Invalid.FTP.Command malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with HP.Jetdirect.Invalid.FTP.Command.

Read also:
Removing Carequinha Backdoor
QFat21 Trojan Removal instruction
Bancos.IME Trojan Removal instruction
Trout Trojan Information

Posted by anycidahaeqyj9318 at 2:14 PM 0 comments

freenet.de Tracking Cookie

Click here to remove freenet.de malware
freenet.de description:
freenet.de Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing freenet.de:

you can run trial version of ExterminateIt, or remove freenet.de manually.

To completely manually remove freenet.de malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with freenet.de.

Read also:
Isla3551 Trojan Cleaner
BAT.BV.Root Trojan Cleaner

Posted by anycidahaeqyj9318 at 1:59 PM 0 comments

Portal.Of.Doom Backdoor

Click here to remove Portal.Of.Doom malware
Portal.Of.Doom description:
Portal.Of.Doom Category:Backdoor,RAT
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Portal.Of.Doom:

you can run trial version of ExterminateIt, or remove Portal.Of.Doom manually.

To completely manually remove Portal.Of.Doom malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Portal.Of.Doom.

Read also:
Remove IRC.SdBot.BDH Trojan
Removing seeq.com Tracking Cookie
Remove Remote.Attack.in.Small.HTTP.Server.ver.Vulnerability DoS
Win32.Stript.joke Trojan Removal

Posted by anycidahaeqyj9318 at 1:31 PM 0 comments

AUJ Trojan

Click here to remove AUJ malware
AUJ description:
AUJ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing AUJ:

you can run trial version of ExterminateIt, or remove AUJ manually.

To completely manually remove AUJ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AUJ.

Read also:
Removing Sibind Trojan
Pigeon.APJ Trojan Removal instruction
Remove RadioActive.beta DoS
GGC223 Backdoor Removal instruction

Posted by anycidahaeqyj9318 at 12:03 PM 0 comments

Wicked Trojan

Click here to remove Wicked malware
Wicked description:
Wicked Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Wicked:

you can run trial version of ExterminateIt, or remove Wicked manually.

To completely manually remove Wicked malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Wicked.

Read also:
Crack Trojan Cleaner
JS.Wonka Hostile Code Removal instruction
Winshare Trojan Cleaner
IPing32 DoS Information

Posted by anycidahaeqyj9318 at 10:23 AM 0 comments

Lockdown.Killer Trojan

Click here to remove Lockdown.Killer malware
Lockdown.Killer description:
Lockdown.Killer Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Lockdown.Killer:

you can run trial version of ExterminateIt, or remove Lockdown.Killer manually.

To completely manually remove Lockdown.Killer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lockdown.Killer.

Read also:
BazookaBar BHO Symptoms
PWS.ICQInfo Trojan Removal
BagleDl.AH Trojan Information
SillyDl.CCP Downloader Symptoms
Removing dyndns.info Tracking Cookie

Posted by anycidahaeqyj9318 at 9:38 AM 0 comments

BO Trojan

Click here to remove BO malware
BO description:
BO Category:Trojan,BHO,Backdoor,RAT
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Removing BO:

you can run trial version of ExterminateIt, or remove BO manually.

To completely manually remove BO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with BO.

Read also:
topping.com.ua Tracking Cookie Cleaner
Remove Hauntpc Trojan
Removing Stumbup Trojan

Posted by anycidahaeqyj9318 at 9:32 AM 0 comments

Win32.VB.ate Trojan

Click here to remove Win32.VB.ate malware
Win32.VB.ate description:
Win32.VB.ate Category:Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Detection Win32.VB.ate :

Win32.VB.ate Files:
[%SYSTEM%]\mschkdsk.exe
[%SYSTEM%]\mschkdsk.exe

Win32.VB.ate Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing Win32.VB.ate:

you can run trial version of ExterminateIt, or remove Win32.VB.ate manually.

To completely manually remove Win32.VB.ate malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.VB.ate.

Read also:
Bancos.GUJ Trojan Information
Pigeon.AYI Trojan Information
Remove Pigeon.FAJ Trojan

Posted by anycidahaeqyj9318 at 9:13 AM 0 comments

Fun.Screenz Adware

Click here to remove Fun.Screenz malware
Fun.Screenz description:
Fun.Screenz Category:Adware,Hijacker
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Detection Fun.Screenz :

Fun.Screenz Files:
[%DESKTOP%]\click to find and fix errors.lnk
[%DESKTOP%]\free ringtones.lnk
[%DESKTOP%]\click to find and fix errors.lnk
[%DESKTOP%]\free ringtones.lnk
[%SYSTEM%]\aquatic.scr
[%DESKTOP%]\click to find and fix errors.lnk
[%DESKTOP%]\free ringtones.lnk
[%DESKTOP%]\click to find and fix errors.lnk
[%DESKTOP%]\free ringtones.lnk
[%SYSTEM%]\aquatic.scr

Fun.Screenz Folders:
[%PROGRAM_FILES%]\funscreenz-aquatic

Fun.Screenz Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\funscreenz-aquatic

Removing Fun.Screenz:

you can run trial version of ExterminateIt, or remove Fun.Screenz manually.

To completely manually remove Fun.Screenz malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Fun.Screenz.

Read also:
Excel97.Tegrat Trojan Symptoms
Lythium Trojan Symptoms
Delf.bo Downloader Removal instruction
Scanner.Blast RAT Cleaner
Pigeon.AQM Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:56 AM 0 comments

Pigeon.AVPZ Trojan

Click here to remove Pigeon.AVPZ malware
Pigeon.AVPZ description:
Pigeon.AVPZ Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AVPZ:

you can run trial version of ExterminateIt, or remove Pigeon.AVPZ manually.

To completely manually remove Pigeon.AVPZ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVPZ.

Read also:
Removing Akosch Backdoor

Posted by anycidahaeqyj9318 at 7:21 AM 0 comments

Triple.Threat Hostile Code

Click here to remove Triple.Threat malware
Triple.Threat description:
Triple.Threat Category:Hostile Code
Hostile code is any process running on a system that is
not authorized by the system administrator, such as Trojans, viruses, or spyware.

Removing Triple.Threat:

you can run trial version of ExterminateIt, or remove Triple.Threat manually.

To completely manually remove Triple.Threat malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Triple.Threat.

Read also:
Remove SFT Trojan
PodcastBar.NetTV Trojan Symptoms
Bancos.HVH Trojan Removal
SillyDl.DBH Trojan Cleaner
Pigeon.AZK Trojan Information

Posted by anycidahaeqyj9318 at 5:39 AM 0 comments

Ishowbao BHO

Click here to remove Ishowbao malware
Ishowbao description:
Ishowbao Category:BHO,Downloader
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Detection Ishowbao :

Ishowbao Files:
[%SYSTEM%]\checknetwork.exe
[%SYSTEM%]\drivers\ispvcr.sys
[%SYSTEM%]\drivers\ispvcr.sys__
[%SYSTEM%]\drivers\tdac.sys
[%SYSTEM%]\googlebar.dll
[%SYSTEM%]\keyword.info
[%SYSTEM%]\website
[%SYSTEM%]\checknetwork.exe
[%SYSTEM%]\drivers\ispvcr.sys
[%SYSTEM%]\drivers\ispvcr.sys__
[%SYSTEM%]\drivers\tdac.sys
[%SYSTEM%]\googlebar.dll
[%SYSTEM%]\keyword.info
[%SYSTEM%]\website

Ishowbao Registry Keys:
HKEY_CLASSES_ROOT\ad.setad
HKEY_CLASSES_ROOT\brushalx.brashset
HKEY_CLASSES_ROOT\brushalx.brashset.1
HKEY_CLASSES_ROOT\clsid\{607e95a1-8f89-4343-b9bc-2efc2b291bb4}
HKEY_CLASSES_ROOT\clsid\{bcf4d74b-e6bd-4c8f-83d7-90d6439705b9}
HKEY_CLASSES_ROOT\interface\{8409d387-4567-4476-9304-94442bd4bae9}
HKEY_CLASSES_ROOT\interface\{8c2e9bc3-b172-4cc0-a74f-2ce206ea45ac}
HKEY_CLASSES_ROOT\typelib\{1ffe957b-16db-43ef-9702-9cf40a9472ec}
HKEY_CLASSES_ROOT\typelib\{fc387a2b-1103-4e9a-81a9-323c5dcfe671}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{607e95a1-8f89-4343-b9bc-2efc2b291bb4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bcf4d74b-e6bd-4c8f-83d7-90d6439705b9}

Removing Ishowbao:

you can run trial version of ExterminateIt, or remove Ishowbao manually.

To completely manually remove Ishowbao malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ishowbao.

Read also:
Removing W112.hitbox.Tracking.Cookie Tracking Cookie

Posted by anycidahaeqyj9318 at 5:29 AM 0 comments

adlink.net Tracking Cookie

Click here to remove adlink.net malware
adlink.net description:
adlink.net Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing adlink.net:

you can run trial version of ExterminateIt, or remove adlink.net manually.

To completely manually remove adlink.net malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with adlink.net.

Read also:
DS.Web Downloader Information
Intended.COM Trojan Cleaner
Pigeon.ELM Trojan Removal instruction
Remove Pigeon.EIF Trojan

Posted by anycidahaeqyj9318 at 4:42 AM 0 comments

Win32.Zombget Trojan

Click here to remove Win32.Zombget malware
Win32.Zombget description:
Win32.Zombget Category:Trojan,Worm,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Removing Win32.Zombget:

you can run trial version of ExterminateIt, or remove Win32.Zombget manually.

To completely manually remove Win32.Zombget malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Zombget.

Read also:
Remove Vxidl.ASZ Trojan
Server.iad.LivePerson Tracking Cookie Removal instruction
Removing Ads.clickad.com Tracking Cookie

Posted by anycidahaeqyj9318 at 4:30 AM 0 comments

Friday, January 30, 2009

AntiMks.1beta Trojan

Click here to remove AntiMks.1beta malware
AntiMks.1beta description:
AntiMks.1beta Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing AntiMks.1beta:

you can run trial version of ExterminateIt, or remove AntiMks.1beta manually.

To completely manually remove AntiMks.1beta malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AntiMks.1beta.

Read also:
Remove Pigeon.EPT Trojan
Ice.Storm.Killerz RAT Removal instruction

Posted by anycidahaeqyj9318 at 10:24 AM 0 comments

Win32.Spotbot Trojan

Click here to remove Win32.Spotbot malware
Win32.Spotbot description:
Win32.Spotbot Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Win32.Spotbot:

you can run trial version of ExterminateIt, or remove Win32.Spotbot manually.

To completely manually remove Win32.Spotbot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Spotbot.

Read also:
Trojan.Spy.Win32.Sters Trojan Cleaner
Remove Stadich Trojan
MD Adware Symptoms
JS.SillyDlScript Trojan Removal instruction

Posted by anycidahaeqyj9318 at 5:11 AM 0 comments

Pigeon.ANR Trojan

Click here to remove Pigeon.ANR malware
Pigeon.ANR description:
Pigeon.ANR Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.ANR:

you can run trial version of ExterminateIt, or remove Pigeon.ANR manually.

To completely manually remove Pigeon.ANR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ANR.

Read also:
External Backdoor Removal instruction
Bancos.HYM Trojan Removal

Posted by anycidahaeqyj9318 at 3:43 AM 0 comments

Thursday, January 29, 2009

SubSeven.BruitForcer Backdoor

Click here to remove SubSeven.BruitForcer malware
SubSeven.BruitForcer description:
SubSeven.BruitForcer Category:Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing SubSeven.BruitForcer:

you can run trial version of ExterminateIt, or remove SubSeven.BruitForcer manually.

To completely manually remove SubSeven.BruitForcer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SubSeven.BruitForcer.

Read also:
Pigeon.ASV Trojan Symptoms
Zlob.Fam.WinMediaCodec Trojan Information
Bat.Batarj Trojan Cleaner
Remove Vxidl.AEY Trojan
YourEnhancement Downloader Cleaner

Posted by anycidahaeqyj9318 at 11:19 PM 0 comments

Skrat.A!client Trojan

Click here to remove Skrat.A!client malware
Skrat.A!client description:
Skrat.A!client Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Skrat.A!client:

you can run trial version of ExterminateIt, or remove Skrat.A!client manually.

To completely manually remove Skrat.A!client malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Skrat.A!client.

Read also:
Cannabis Trojan Removal instruction
Tollehs Trojan Removal
SysDLL2 Trojan Symptoms
Remove Naras Trojan
Tencent Adware Cleaner

Posted by anycidahaeqyj9318 at 10:07 PM 0 comments

Namaz Trojan

Click here to remove Namaz malware
Namaz description:
Namaz Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Namaz:

you can run trial version of ExterminateIt, or remove Namaz manually.

To completely manually remove Namaz malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Namaz.

Read also:
DivoPlayer Adware Removal
Removing Bancos.GYQ Trojan
Desktophijack.C Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:25 PM 0 comments

SillyDl.AWW Downloader

Click here to remove SillyDl.AWW malware
SillyDl.AWW description:
SillyDl.AWW Category:Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Removing SillyDl.AWW:

you can run trial version of ExterminateIt, or remove SillyDl.AWW manually.

To completely manually remove SillyDl.AWW malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.AWW.

Read also:
TrojanNotifier.Win32.Small Trojan Symptoms
Bancos.HGJ Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:07 PM 0 comments

VBS.CyberShadow Trojan

Click here to remove VBS.CyberShadow malware
VBS.CyberShadow description:
VBS.CyberShadow Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing VBS.CyberShadow:

you can run trial version of ExterminateIt, or remove VBS.CyberShadow manually.

To completely manually remove VBS.CyberShadow malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.CyberShadow.

Read also:
Pigeon.AVOW Trojan Removal instruction
Removing Bancos.GQH Trojan
Remove Ghost.Keylogger.Lite Spyware
Likha Trojan Information
Remove SpySender.65b RAT

Posted by anycidahaeqyj9318 at 12:59 PM 0 comments

SillyDl.DAW Trojan

Click here to remove SillyDl.DAW malware
SillyDl.DAW description:
SillyDl.DAW Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.DAW:

you can run trial version of ExterminateIt, or remove SillyDl.DAW manually.

To completely manually remove SillyDl.DAW malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DAW.

Read also:
Removing PervScan Trojan
Bobdoor Trojan Cleaner
AG Trojan Cleaner
Vxidl.AWG Trojan Symptoms
Remove Win32.Harvester.Spy.Tro Trojan

Posted by anycidahaeqyj9318 at 11:44 AM 0 comments

Delf.bw Spyware

Click here to remove Delf.bw malware
Delf.bw description:
Delf.bw Category:Spyware,Downloader
Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.
Trojans-downloaders downloads and installs new malware or adware on the computer.

Removing Delf.bw:

you can run trial version of ExterminateIt, or remove Delf.bw manually.

To completely manually remove Delf.bw malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Delf.bw.

Read also:
Remove Oeminfo Trojan
Remove Beta25 Trojan
Boro Trojan Removal instruction

Posted by anycidahaeqyj9318 at 11:00 AM 0 comments

affistats.com Tracking Cookie

Click here to remove affistats.com malware
affistats.com description:
affistats.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing affistats.com:

you can run trial version of ExterminateIt, or remove affistats.com manually.

To completely manually remove affistats.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with affistats.com.

Read also:
Bat.KillFiles.ad Trojan Removal
ProBot.Activity.Monitor Spyware Removal instruction
Removing Bancos.HXT Trojan

Posted by anycidahaeqyj9318 at 9:35 AM 0 comments

PPRich Adware

Click here to remove PPRich malware
PPRich description:
PPRich Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Detection PPRich :

PPRich Files:
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\AbstractServerRequest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Activity.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\AUFServerRequest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\LogItem.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Manifest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Package.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Shipment.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\UPSMailAttachment.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\UPSMailMessage.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobimg.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobjpg.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobpng.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\users.idx
[%APPDATA%]\Thornsoft Development\ClipMate6\blobimg.blb
[%APPDATA%]\Thornsoft Development\ClipMate6\users.idx
[%APPDATA%]\Z-Firm LLC\OrderManager\database\BucketItem.blb
[%APPDATA%]\Z-Firm LLC\OrderManager\database\Payment.blb
[%APPDATA%]\Z-Firm LLC\OrderManager\database\ReportTemplate.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\AbstractServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\Activity.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\AUFServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\LogItem.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\Manifest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\PrintableDocument.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\UPSMailAttachment.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\UPSMailMessage.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\AUFServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\UPSMailAttachment.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\UPSMailMessage.blb
[%PROFILE_TEMP%]\19040.blb
[%PROFILE_TEMP%]\19041.blb
[%PROFILE_TEMP%]\19042.blb
[%PROFILE_TEMP%]\19043.blb
[%PROFILE_TEMP%]\19044.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS27B\34920.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS294\28240.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS2A\27840.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\AgentsData.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\AlertsGeneratedItem_Actions.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Counters.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\History.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Hosts.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Networks.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Reports.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\SYSTEM\Atlases.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19040.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19041.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19042.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19043.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19044.blb
[%SYSTEM%]\Temp\alrsvc.txt.ppg
[%WINDOWS%]\SysPPHash.dll
[%WINDOWS%]\SysPPMultThd.dll
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\AbstractServerRequest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Activity.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\AUFServerRequest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\LogItem.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Manifest.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Package.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\Shipment.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\UPSMailAttachment.blb
[%APPDATA%]\Intuit\UPS Shipping Manager\Database\UPSMailMessage.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobimg.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobjpg.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\blobpng.blb
[%APPDATA%]\Thornsoft Development\ClipMate5\Long-Term\users.idx
[%APPDATA%]\Thornsoft Development\ClipMate6\blobimg.blb
[%APPDATA%]\Thornsoft Development\ClipMate6\users.idx
[%APPDATA%]\Z-Firm LLC\OrderManager\database\BucketItem.blb
[%APPDATA%]\Z-Firm LLC\OrderManager\database\Payment.blb
[%APPDATA%]\Z-Firm LLC\OrderManager\database\ReportTemplate.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\AbstractServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\Activity.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\AUFServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\LogItem.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\Manifest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\PrintableDocument.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\UPSMailAttachment.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v4\Database.v4\UPSMailMessage.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\AUFServerRequest.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\UPSMailAttachment.blb
[%APPDATA%]\Z-Firm LLC\ShipRush v5\Database.v5\UPSMailMessage.blb
[%PROFILE_TEMP%]\19040.blb
[%PROFILE_TEMP%]\19041.blb
[%PROFILE_TEMP%]\19042.blb
[%PROFILE_TEMP%]\19043.blb
[%PROFILE_TEMP%]\19044.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS27B\34920.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS294\28240.blb
[%PROFILE_TEMP%]\DMSTemp\PrivateDB\DMS2A\27840.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\AgentsData.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\AlertsGeneratedItem_Actions.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Counters.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\History.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Hosts.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Networks.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\00000000\Reports.blb
[%PROGRAM_FILES%]\Axence\NetTools\3.1\Atlases\SYSTEM\Atlases.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19040.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19041.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19042.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19043.blb
[%PROFILE%]\Ustawienia lokalne\Temp\19044.blb
[%SYSTEM%]\Temp\alrsvc.txt.ppg
[%WINDOWS%]\SysPPHash.dll
[%WINDOWS%]\SysPPMultThd.dll

PPRich Folders:
[%PROGRAM_FILES%]\PPRich

PPRich Registry Keys:
HKEY_CLASSES_ROOT\clsid\{9d966685-3d58-4170-b008-05bd7c1628b0}
HKEY_CLASSES_ROOT\clsid\{a4ca69a9-5ca7-4110-9922-62dfdd902a07}
HKEY_CLASSES_ROOT\interface\{57523abf-6c26-4fb9-b6ea-6cecfc403764}
HKEY_CLASSES_ROOT\interface\{6b32aa76-2071-4b16-ae16-d206fc99ea5a}
HKEY_CLASSES_ROOT\interface\{780bb4cb-f55b-4965-8cec-86834d7a14d8}
HKEY_CLASSES_ROOT\minippgou.cominippgou
HKEY_CLASSES_ROOT\pprich.player
HKEY_CLASSES_ROOT\typelib\{45e3d498-da44-40d2-8f3b-59b34426ffab}
HKEY_CLASSES_ROOT\typelib\{819b7e0d-3ed5-4217-9fd6-5e8241ae6a25}
HKEY_CLASSES_ROOT\clsid\{083863f1-70de-11d0-bd40-00a0c911ce86}\instance\{4ccbc79c-7f0d-4be0-94d7-e69e236488cf}
HKEY_CLASSES_ROOT\clsid\{4ccbc79c-7f0d-4be0-94d7-e69e236488cf}

Removing PPRich:

you can run trial version of ExterminateIt, or remove PPRich manually.

To completely manually remove PPRich malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PPRich.

Read also:
TimeDead Trojan Removal instruction

Posted by anycidahaeqyj9318 at 1:28 AM 0 comments

Wednesday, January 28, 2009

Laplink.LaplinkGold RAT

Click here to remove Laplink.LaplinkGold malware
Laplink.LaplinkGold description:
Laplink.LaplinkGold Category:RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Removing Laplink.LaplinkGold:

you can run trial version of ExterminateIt, or remove Laplink.LaplinkGold manually.

To completely manually remove Laplink.LaplinkGold malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Laplink.LaplinkGold.

Read also:
Chisyne Trojan Cleaner
LinkSynergy.com Tracking Cookie Information
Remove LookQuick Toolbar
Soho.Anywhere Trojan Information

Posted by anycidahaeqyj9318 at 8:40 PM 0 comments

Schoolbus Backdoor

Click here to remove Schoolbus malware
Schoolbus description:
Schoolbus Category:Backdoor,RAT,Hacker Tool
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.

Removing Schoolbus:

you can run trial version of ExterminateIt, or remove Schoolbus manually.

To completely manually remove Schoolbus malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Schoolbus.

Read also:
Remove trulia.com Tracking Cookie
Agobot.bq Trojan Removal instruction

Posted by anycidahaeqyj9318 at 7:24 PM 0 comments

Generic.Del Trojan

Click here to remove Generic.Del malware
Generic.Del description:
Generic.Del Category:Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Removing Generic.Del:

you can run trial version of ExterminateIt, or remove Generic.Del manually.

To completely manually remove Generic.Del malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Generic.Del.

Read also:
Remove IRCBot.ma Backdoor
Zlob.ad Downloader Information
SysNT Trojan Symptoms
Dream Trojan Cleaner
Removing 2nd Thought Adware

Posted by anycidahaeqyj9318 at 2:00 PM 0 comments

Pigeon.AHR Trojan

Click here to remove Pigeon.AHR malware
Pigeon.AHR description:
Pigeon.AHR Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AHR:

you can run trial version of ExterminateIt, or remove Pigeon.AHR manually.

To completely manually remove Pigeon.AHR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AHR.

Read also:
TX Adware Information

Posted by anycidahaeqyj9318 at 1:50 PM 0 comments

Kox DoS

Click here to remove Kox malware
Kox description:
Kox Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Kox:

you can run trial version of ExterminateIt, or remove Kox manually.

To completely manually remove Kox malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Kox.

Read also:
Predator Trojan Information
Remove Blastit Trojan

Posted by anycidahaeqyj9318 at 7:29 AM 0 comments

Posmod Trojan

Click here to remove Posmod malware
Posmod description:
Posmod Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Posmod:

you can run trial version of ExterminateIt, or remove Posmod manually.

To completely manually remove Posmod malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Posmod.

Read also:
FTPList Trojan Information
Pigeon.AWHY Trojan Information
Andromeda Trojan Removal instruction
Pcapmerge Trojan Removal instruction
Removing Vxidl.ARJ Trojan

Posted by anycidahaeqyj9318 at 4:20 AM 0 comments

Bancos.FXO Trojan

Click here to remove Bancos.FXO malware
Bancos.FXO description:
Bancos.FXO Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.FXO:

you can run trial version of ExterminateIt, or remove Bancos.FXO manually.

To completely manually remove Bancos.FXO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.FXO.

Read also:
Calego Trojan Cleaner
Removing Pcclient Trojan
Xeol Backdoor Removal
Skyscraper Backdoor Removal instruction

Posted by anycidahaeqyj9318 at 4:05 AM 0 comments

Bat.Mobius Trojan

Click here to remove Bat.Mobius malware
Bat.Mobius description:
Bat.Mobius Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bat.Mobius:

you can run trial version of ExterminateIt, or remove Bat.Mobius manually.

To completely manually remove Bat.Mobius malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bat.Mobius.

Read also:
Bancos.FYT Trojan Information

Posted by anycidahaeqyj9318 at 2:47 AM 0 comments

EyeWeb Adware

Click here to remove EyeWeb malware
EyeWeb description:
EyeWeb Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing EyeWeb:

you can run trial version of ExterminateIt, or remove EyeWeb manually.

To completely manually remove EyeWeb malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with EyeWeb.

Read also:
Pigeon.AWKF Trojan Information
Bat.Me9yrs Backdoor Removal

Posted by anycidahaeqyj9318 at 12:25 AM 0 comments

Tuesday, January 27, 2009

Small.lw Downloader

Click here to remove Small.lw malware
Small.lw description:
Small.lw Category:Downloader
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Removing Small.lw:

you can run trial version of ExterminateIt, or remove Small.lw manually.

To completely manually remove Small.lw malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.lw.

Read also:
SillyDl.BBP Trojan Removal instruction
Remove Pigeon.EII Trojan

Posted by anycidahaeqyj9318 at 11:01 PM 0 comments

W95.Heretic Trojan

Click here to remove W95.Heretic malware
W95.Heretic description:
W95.Heretic Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing W95.Heretic:

you can run trial version of ExterminateIt, or remove W95.Heretic manually.

To completely manually remove W95.Heretic malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with W95.Heretic.

Read also:
Backdoor.Asylum Trojan Information
Lookup.Abeb BHO Information

Posted by anycidahaeqyj9318 at 8:52 PM 0 comments

not.virus:Joke.Wellcome Trojan

Click here to remove not.virus:Joke.Wellcome malware
not.virus:Joke.Wellcome description:
not.virus:Joke.Wellcome Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing not.virus:Joke.Wellcome:

you can run trial version of ExterminateIt, or remove not.virus:Joke.Wellcome manually.

To completely manually remove not.virus:Joke.Wellcome malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with not.virus:Joke.Wellcome.

Read also:
SillyDl.DJW Trojan Symptoms
Removing InCommand.67b Backdoor

Posted by anycidahaeqyj9318 at 8:20 PM 0 comments

Frethog.ACR Trojan

Click here to remove Frethog.ACR malware
Frethog.ACR description:
Frethog.ACR Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Frethog.ACR:

you can run trial version of ExterminateIt, or remove Frethog.ACR manually.

To completely manually remove Frethog.ACR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Frethog.ACR.

Read also:
Bancos.FWU Trojan Information

Posted by anycidahaeqyj9318 at 6:37 PM 0 comments

PSW.LMIR.ez Trojan

Click here to remove PSW.LMIR.ez malware
PSW.LMIR.ez description:
PSW.LMIR.ez Category:Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing PSW.LMIR.ez:

you can run trial version of ExterminateIt, or remove PSW.LMIR.ez manually.

To completely manually remove PSW.LMIR.ez malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PSW.LMIR.ez.

Read also:
Remove slotchbar Hijacker
PSW.Deathmin Trojan Cleaner
Pigeon.AWIT Trojan Symptoms
Pigeon.BBK Trojan Cleaner

Posted by anycidahaeqyj9318 at 3:39 PM 0 comments

Bancos.HPP Trojan

Click here to remove Bancos.HPP malware
Bancos.HPP description:
Bancos.HPP Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.HPP:

you can run trial version of ExterminateIt, or remove Bancos.HPP manually.

To completely manually remove Bancos.HPP malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HPP.

Read also:
NVHD.COMSPEC Trojan Removal instruction
Costrat Adware Information

Posted by anycidahaeqyj9318 at 3:31 PM 0 comments

Vxidl.ALT Trojan

Click here to remove Vxidl.ALT malware
Vxidl.ALT description:
Vxidl.ALT Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Vxidl.ALT:

you can run trial version of ExterminateIt, or remove Vxidl.ALT manually.

To completely manually remove Vxidl.ALT malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.ALT.

Read also:
Vxidl.BEG Trojan Symptoms
Small.et Trojan Removal

Posted by anycidahaeqyj9318 at 2:26 PM 0 comments

Agent.BDO Trojan

Click here to remove Agent.BDO malware
Agent.BDO description:
Agent.BDO Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Detection Agent.BDO :

Agent.BDO Files:
[%WINDOWS%]\AntiAdwa.exe
[%WINDOWS%]\NTServer.DLL
[%WINDOWS%]\sclgntfys.dll
[%WINDOWS%]\winamps.dll
[%WINDOWS%]\AntiAdwa.exe
[%WINDOWS%]\NTServer.DLL
[%WINDOWS%]\sclgntfys.dll
[%WINDOWS%]\winamps.dll

Agent.BDO Folders:
[%SYSTEM%]\system\.setupq

Agent.BDO Registry Keys:
HKEY_CLASSES_ROOT\clsid\{fdc9c3c0-4b00-1d11-abed-70495e710015}
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfys
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\.setupq
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\umwdfmgr

Removing Agent.BDO:

you can run trial version of ExterminateIt, or remove Agent.BDO manually.

To completely manually remove Agent.BDO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Agent.BDO.

Read also:
MSN.Energy DoS Removal
W95.Prizzy Trojan Removal
Sockets.de.Troie RAT Removal
McVeigh Trojan Removal
Banbra.dd Trojan Symptoms

Posted by anycidahaeqyj9318 at 1:52 PM 0 comments

Pest Trap Ransomware

Click here to remove Pest Trap malware
Pest Trap description:
Pest Trap Category:Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration.
Although the field known as cryptovirology predates the term "ransomware".

Detection Pest Trap :

Pest Trap Files:
[%DESKTOP%]\pesttrap.lnk
[%PROGRAM_FILES%]\PestTrap\base.avd
[%PROGRAM_FILES%]\PestTrap\base001.avd
[%PROGRAM_FILES%]\PestTrap\base002.avd
[%PROGRAM_FILES%]\PestTrap\found.wav
[%PROGRAM_FILES%]\PestTrap\heur000.dll
[%PROGRAM_FILES%]\PestTrap\heur001.dll
[%PROGRAM_FILES%]\PestTrap\heur002.dll
[%PROGRAM_FILES%]\PestTrap\heur003.dll
[%PROGRAM_FILES%]\PestTrap\notfound.wav
[%PROGRAM_FILES%]\PestTrap\PestTrap.dvm
[%PROGRAM_FILES%]\PestTrap\PestTrap.exe
[%PROGRAM_FILES%]\PestTrap\removed.wav
[%PROGRAM_FILES%]\PestTrap\Uninstall.exe
[%DESKTOP%]\pesttrap.lnk
[%PROGRAM_FILES%]\PestTrap\base.avd
[%PROGRAM_FILES%]\PestTrap\base001.avd
[%PROGRAM_FILES%]\PestTrap\base002.avd
[%PROGRAM_FILES%]\PestTrap\found.wav
[%PROGRAM_FILES%]\PestTrap\heur000.dll
[%PROGRAM_FILES%]\PestTrap\heur001.dll
[%PROGRAM_FILES%]\PestTrap\heur002.dll
[%PROGRAM_FILES%]\PestTrap\heur003.dll
[%PROGRAM_FILES%]\PestTrap\notfound.wav
[%PROGRAM_FILES%]\PestTrap\PestTrap.dvm
[%PROGRAM_FILES%]\PestTrap\PestTrap.exe
[%PROGRAM_FILES%]\PestTrap\removed.wav
[%PROGRAM_FILES%]\PestTrap\Uninstall.exe

Pest Trap Folders:
[%PROGRAMS%]\pesttrap
[%PROGRAM_FILES%]\pesttrap

Pest Trap Registry Keys:
HKEY_CURRENT_USER\Software\PestTrap
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pest Trap

Pest Trap Registry Values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Removing Pest Trap:

you can run trial version of ExterminateIt, or remove Pest Trap manually.

To completely manually remove Pest Trap malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pest Trap.

Read also:
Hanson DoS Information
Removing Ecoly Trojan
SillyDl.CTR Trojan Symptoms
SillyDl.CXS Trojan Removal instruction

Posted by anycidahaeqyj9318 at 1:32 PM 0 comments

Pigeon.ATI Trojan

Click here to remove Pigeon.ATI malware
Pigeon.ATI description:
Pigeon.ATI Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.ATI:

you can run trial version of ExterminateIt, or remove Pigeon.ATI manually.

To completely manually remove Pigeon.ATI malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ATI.

Read also:
Porndial Trojan Removal

Posted by anycidahaeqyj9318 at 7:27 AM 0 comments

Snackpot Trojan

Click here to remove Snackpot malware
Snackpot description:
Snackpot Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Snackpot:

you can run trial version of ExterminateIt, or remove Snackpot manually.

To completely manually remove Snackpot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Snackpot.

Read also:
Removing Pigeon.AVFD Trojan
Moonpie Trojan Removal
Bancos.GQO Trojan Removal
Key.Spy.Software Spyware Information
Removing Shit.Heep RAT

Posted by anycidahaeqyj9318 at 2:46 AM 0 comments

DOS32.Volat Trojan

Click here to remove DOS32.Volat malware
DOS32.Volat description:
DOS32.Volat Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing DOS32.Volat:

you can run trial version of ExterminateIt, or remove DOS32.Volat manually.

To completely manually remove DOS32.Volat malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with DOS32.Volat.

Read also:
Sstrojg Trojan Removal instruction
Remove Wadspeld Trojan

Posted by anycidahaeqyj9318 at 2:41 AM 0 comments

Xterm.Exp DoS

Click here to remove Xterm.Exp malware
Xterm.Exp description:
Xterm.Exp Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Xterm.Exp:

you can run trial version of ExterminateIt, or remove Xterm.Exp manually.

To completely manually remove Xterm.Exp malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Xterm.Exp.

Read also:
Yahoo!.Remover DoS Removal
Pigeon.EVC Trojan Removal instruction
VB.wg Downloader Symptoms

Posted by anycidahaeqyj9318 at 2:06 AM 0 comments

Vxidl.AVT Trojan

Click here to remove Vxidl.AVT malware
Vxidl.AVT description:
Vxidl.AVT Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Vxidl.AVT:

you can run trial version of ExterminateIt, or remove Vxidl.AVT manually.

To completely manually remove Vxidl.AVT malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.AVT.

Read also:
Maxifiles Adware Removal
Terminate Trojan Removal instruction
Inferno.Industries.Uploader Downloader Cleaner

Posted by anycidahaeqyj9318 at 12:07 AM 0 comments

Monday, January 26, 2009

Phantom.FTP.Server Backdoor

Click here to remove Phantom.FTP.Server malware
Phantom.FTP.Server description:
Phantom.FTP.Server Category:Backdoor,Hacker Tool
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing Phantom.FTP.Server:

you can run trial version of ExterminateIt, or remove Phantom.FTP.Server manually.

To completely manually remove Phantom.FTP.Server malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Phantom.FTP.Server.

Read also:
VB.wg Downloader Information
Katien Backdoor Information

Posted by anycidahaeqyj9318 at 11:53 PM 0 comments

Vxidl.AZF Trojan

Click here to remove Vxidl.AZF malware
Vxidl.AZF description:
Vxidl.AZF Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Vxidl.AZF:

you can run trial version of ExterminateIt, or remove Vxidl.AZF manually.

To completely manually remove Vxidl.AZF malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.AZF.

Read also:
PSW.GaoPro Trojan Removal instruction
Bancos.GTZ Trojan Removal
GAMSofts.TelSrv.attack DoS Removal instruction

Posted by anycidahaeqyj9318 at 11:25 PM 0 comments

Small.DWC Downloader

Click here to remove Small.DWC malware
Small.DWC description:
Small.DWC Category:Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Detection Small.DWC :

Small.DWC Files:
[%SYSTEM%]\cwxtligetea.dll
[%WINDOWS%]\inf\msmgr32.dll
[%SYSTEM%]\cwxtligetea.dll
[%WINDOWS%]\inf\msmgr32.dll

Small.DWC Registry Keys:
HKEY_CLASSES_ROOT\clsid\{9f143c3a-1457-6cca-03a7-7aa23b61e40f}

Small.DWC Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler

Removing Small.DWC:

you can run trial version of ExterminateIt, or remove Small.DWC manually.

To completely manually remove Small.DWC malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.DWC.

Read also:
Lookup.Chgrgs BHO Symptoms
User.Logger Spyware Removal
Bancos.GJP Trojan Symptoms
Remove Backdoor.Mnets.Server Trojan
VCodec Trojan Removal

Posted by anycidahaeqyj9318 at 11:07 PM 0 comments

WorldWideVegas.com Tracking Cookie

Click here to remove WorldWideVegas.com malware
WorldWideVegas.com description:
WorldWideVegas.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing WorldWideVegas.com:

you can run trial version of ExterminateIt, or remove WorldWideVegas.com manually.

To completely manually remove WorldWideVegas.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with WorldWideVegas.com.

Read also:
Remove Bancos.FYP Trojan

Posted by anycidahaeqyj9318 at 10:09 PM 0 comments

VBS.Hatred Trojan

Click here to remove VBS.Hatred malware
VBS.Hatred description:
VBS.Hatred Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing VBS.Hatred:

you can run trial version of ExterminateIt, or remove VBS.Hatred manually.

To completely manually remove VBS.Hatred malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.Hatred.

Read also:
DelFin.Media.Viewer Trojan Removal
SillyDl.AAA Downloader Removal instruction
Remove Win32.Greenbind.Joiner Trojan

Posted by anycidahaeqyj9318 at 9:48 PM 0 comments

Poxbot Trojan

Click here to remove Poxbot malware
Poxbot description:
Poxbot Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Poxbot:

you can run trial version of ExterminateIt, or remove Poxbot manually.

To completely manually remove Poxbot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Poxbot.

Read also:
Backdoor.Delf Trojan Information
Monker Adware Information

Posted by anycidahaeqyj9318 at 9:43 PM 0 comments

Agent.te Adware

Click here to remove Agent.te malware
Agent.te description:
Agent.te Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing Agent.te:

you can run trial version of ExterminateIt, or remove Agent.te manually.

To completely manually remove Agent.te malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Agent.te.

Read also:
Removing Pigeon.AVED Trojan
Pigeon.EKD Trojan Information
Lopdotcom Tracking Cookie Cleaner
Bancos.IFN Trojan Cleaner

Posted by anycidahaeqyj9318 at 9:07 PM 0 comments

Apron Hijacker

Click here to remove Apron malware
Apron description:
Apron Category:Hijacker,Downloader
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Removing Apron:

you can run trial version of ExterminateIt, or remove Apron manually.

To completely manually remove Apron malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Apron.

Read also:
Removing Pigeon.ELJ Trojan
Lemir.dk Trojan Removal instruction

Posted by anycidahaeqyj9318 at 7:58 PM 0 comments

Small.gr Downloader

Click here to remove Small.gr malware
Small.gr description:
Small.gr Category:Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Detection Small.gr :

Small.gr Files:
[%PROFILE%]\applic~1\srytuikb.exe
[%PROFILE%]\applic~1\srytuikb.exe

Removing Small.gr:

you can run trial version of ExterminateIt, or remove Small.gr manually.

To completely manually remove Small.gr malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.gr.

Read also:
Riot.AMF Trojan Cleaner
Pigeon.ESM Trojan Cleaner
Fast.Internet.Utility.666b Trojan Cleaner
Shorni Trojan Cleaner

Posted by anycidahaeqyj9318 at 6:25 PM 0 comments

Bancos.GGV Trojan

Click here to remove Bancos.GGV malware
Bancos.GGV description:
Bancos.GGV Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.GGV:

you can run trial version of ExterminateIt, or remove Bancos.GGV manually.

To completely manually remove Bancos.GGV malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.GGV.

Read also:
Burger Trojan Cleaner
Cyberloard Trojan Removal
SillyDl.BYD Trojan Cleaner

Posted by anycidahaeqyj9318 at 4:12 PM 0 comments

Exit.Win.Predator Trojan

Click here to remove Exit.Win.Predator malware
Exit.Win.Predator description:
Exit.Win.Predator Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Exit.Win.Predator:

you can run trial version of ExterminateIt, or remove Exit.Win.Predator manually.

To completely manually remove Exit.Win.Predator malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Exit.Win.Predator.

Read also:
Remove KVNab Adware
TrojanDownloader.VBS.Gen Trojan Symptoms
Starware BHO Removal instruction
TrojanDownloader.Stubby Trojan Information
VBS.Bingd Trojan Removal

Posted by anycidahaeqyj9318 at 8:43 AM 0 comments

Koska Trojan

Click here to remove Koska malware
Koska description:
Koska Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Koska:

you can run trial version of ExterminateIt, or remove Koska manually.

To completely manually remove Koska malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Koska.

Read also:
BadBlood Trojan Information
Remove SmitFraud Trojan
PWS.Pexp Trojan Cleaner
Small.na Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:28 AM 0 comments

PWS.QQThief Trojan

Click here to remove PWS.QQThief malware
PWS.QQThief description:
PWS.QQThief Category:Trojan,Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing PWS.QQThief:

you can run trial version of ExterminateIt, or remove PWS.QQThief manually.

To completely manually remove PWS.QQThief malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PWS.QQThief.

Read also:
Remove BJCG Spyware
Chakau.Server Trojan Removal instruction

Posted by anycidahaeqyj9318 at 5:32 AM 0 comments

Win32.Bedrill Trojan

Click here to remove Win32.Bedrill malware
Win32.Bedrill description:
Win32.Bedrill Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Win32.Bedrill:

you can run trial version of ExterminateIt, or remove Win32.Bedrill manually.

To completely manually remove Win32.Bedrill malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Bedrill.

Read also:
JS.Defhome Trojan Symptoms
Remove Ping.Door Backdoor
Removing Bancos.HOA Trojan
Removing Pigeon.AHL Trojan
Remove Pigeon.ALP Trojan

Posted by anycidahaeqyj9318 at 4:47 AM 0 comments

SafeguardProtect BHO

Click here to remove SafeguardProtect malware
SafeguardProtect description:
SafeguardProtect Category:BHO,Hijacker
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Detection SafeguardProtect :

SafeguardProtect Files:
[%SYSTEM%]\64E150A5-0140-4623-9B4B-91E2CD094B85
[%SYSTEM%]\sfg.dll
[%SYSTEM%]\sfg_2908.dll
[%SYSTEM%]\veev1028.dll
[%SYSTEM%]\kdpupd.dll
[%SYSTEM%]\veevo.dll
[%WINDOWS%]\system\kdpupd.dll
[%WINDOWS%]\system\veevo.dll
[%SYSTEM%]\64E150A5-0140-4623-9B4B-91E2CD094B85
[%SYSTEM%]\sfg.dll
[%SYSTEM%]\sfg_2908.dll
[%SYSTEM%]\veev1028.dll
[%SYSTEM%]\kdpupd.dll
[%SYSTEM%]\veevo.dll
[%WINDOWS%]\system\kdpupd.dll
[%WINDOWS%]\system\veevo.dll

SafeguardProtect Registry Keys:
HKEY_CLASSES_ROOT\core.plumber
HKEY_CLASSES_ROOT\core.plumber.1
HKEY_CLASSES_ROOT\typelib\{5556dbc8-e7b3-32f0-bdb5-9b80a0f1f32f}
HKEY_CLASSES_ROOT\clsid\{6cdf3c49-20e6-48d7-811b-9f5dd17f1d90}
HKEY_CLASSES_ROOT\clsid\{6e1c5e3d-a8e6-4a92-820f-bfcfe45ba158}
HKEY_CLASSES_ROOT\clsid\{6e34d984-4054-45e3-8452-0159a2f0d232}
HKEY_CLASSES_ROOT\clsid\{f281ffc7-6c63-4bf9-83f2-ab7a6157b109}
HKEY_CLASSES_ROOT\interface\{3f7b1190-c778-4fcf-b504-848b1e73e981}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{6cdf3c49-20e6-48d7-811b-9f5dd17f1d90}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{6e1c5e3d-a8e6-4a92-820f-bfcfe45ba158}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{6e34d984-4054-45e3-8452-0159a2f0d232}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{f281ffc7-6c63-4bf9-83f2-ab7a6157b109}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6cdf3c49-20e6-48d7-811b-9f5dd17f1d90}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6e1c5e3d-a8e6-4a92-820f-bfcfe45ba158}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6e34d984-4054-45e3-8452-0159a2f0d232}
HKEY_LOCAL_MACHINE\software\classes\clsid\{f281ffc7-6c63-4bf9-83f2-ab7a6157b109}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6cdf3c49-20e6-48d7-811b-9f5dd17f1d90}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6e1c5e3d-a8e6-4a92-820f-bfcfe45ba158}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{6e34d984-4054-45e3-8452-0159a2f0d232}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{f281ffc7-6c63-4bf9-83f2-ab7a6157b109}

SafeguardProtect Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\safeguard\library

Removing SafeguardProtect:

you can run trial version of ExterminateIt, or remove SafeguardProtect manually.

To completely manually remove SafeguardProtect malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SafeguardProtect.

Read also:
Removing FameLeads Tracking Cookie
SillyDl.DND Downloader Removal instruction
SillyDl.DER Trojan Removal instruction

Posted by anycidahaeqyj9318 at 12:05 AM 0 comments

Sunday, January 25, 2009

Back.Orifice.pre Trojan

Click here to remove Back.Orifice.pre malware
Back.Orifice.pre description:
Back.Orifice.pre Category:Trojan,Backdoor,RAT
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Back.Orifice.pre:

you can run trial version of ExterminateIt, or remove Back.Orifice.pre manually.

To completely manually remove Back.Orifice.pre malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Back.Orifice.pre.

Read also:
Vxidl.AFO Trojan Cleaner
Tatfo Trojan Cleaner
Surfiage Trojan Cleaner
InjShell RAT Symptoms
Ranky.aa Trojan Information

Posted by anycidahaeqyj9318 at 10:44 PM 0 comments

Win32.StartPage Trojan

Click here to remove Win32.StartPage malware
Win32.StartPage description:
Win32.StartPage Category:Trojan,Hijacker,Toolbar
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.

Detection Win32.StartPage :

Win32.StartPage Files:
[%SYSTEM%]\b384cx3z4m.dll
[%SYSTEM%]\pghi.dll
[%WINDOWS%]\system\anilgba.dll
[%SYSTEM%]\b384cx3z4m.dll
[%SYSTEM%]\pghi.dll
[%WINDOWS%]\system\anilgba.dll

Removing Win32.StartPage:

you can run trial version of ExterminateIt, or remove Win32.StartPage manually.

To completely manually remove Win32.StartPage malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.StartPage.

Read also:
Ping.Door Backdoor Removal

Posted by anycidahaeqyj9318 at 10:42 PM 0 comments

VB.ot Trojan

Click here to remove VB.ot malware
VB.ot description:
VB.ot Category:Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Detection VB.ot :

VB.ot Files:
[%WINDOWS%]\zodiac.ico
[%WINDOWS%]\zodiac.ico

VB.ot Folders:
[%DESKTOP%]\get $10 free now at zodiac casino.ico
[%DESKTOP%]\icon\get $10 free now at zodiac casino.ico

VB.ot Registry Values:
HKEY_CURRENT_USER\software\winrar sfx
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\userassist\{75048700-ef1f-11d0-9888-006097deacf9}\count
HKEY_CURRENT_USER\software\winrar sfx

Removing VB.ot:

you can run trial version of ExterminateIt, or remove VB.ot manually.

To completely manually remove VB.ot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.ot.

Read also:
Poncs Trojan Information

Posted by anycidahaeqyj9318 at 9:43 PM 0 comments

SillyDl.CTX Trojan

Click here to remove SillyDl.CTX malware
SillyDl.CTX description:
SillyDl.CTX Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.CTX:

you can run trial version of ExterminateIt, or remove SillyDl.CTX manually.

To completely manually remove SillyDl.CTX malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CTX.

Read also:
Remove Tabela Trojan

Posted by anycidahaeqyj9318 at 6:26 PM 0 comments

Kads Trojan

Click here to remove Kads malware
Kads description:
Kads Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Kads:

you can run trial version of ExterminateIt, or remove Kads manually.

To completely manually remove Kads malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Kads.

Read also:
Remove TrojanDownloader.Win32.Webaut Trojan
Win32.DCom Trojan Removal instruction
QZap124 Trojan Symptoms

Posted by anycidahaeqyj9318 at 2:52 PM 0 comments

IEPageHelper Adware

Click here to remove IEPageHelper malware
IEPageHelper description:
IEPageHelper Category:Adware,BHO
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.

Detection IEPageHelper :

IEPageHelper Files:
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll
[%SYSTEM%]\inetdctr.dll
[%WINDOWS%]\system\inetdctr.dll

IEPageHelper Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C4DA27D-4D52-4465-A089-98E01BB725CA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6F42CAD-2559-48DF-AF30-89E480AF5DFA}
HKEY_CLASSES_ROOT\clsid\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_CLASSES_ROOT\clsid\{a6f42cad-2559-48df-af30-89e480af5dfa}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{a6f42cad-2559-48df-af30-89e480af5dfa}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{1c4da27d-4d52-4465-a089-98e01bb725ca}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{a6f42cad-2559-48df-af30-89e480af5dfa}

Removing IEPageHelper:

you can run trial version of ExterminateIt, or remove IEPageHelper manually.

To completely manually remove IEPageHelper malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with IEPageHelper.

Read also:
Remove Bap Trojan
Remove Vxidl.AXX Trojan
BackDoor.AEZ RAT Removal
Removing Dead Trojan

Posted by anycidahaeqyj9318 at 12:13 PM 0 comments

Keyfop Trojan

Click here to remove Keyfop malware
Keyfop description:
Keyfop Category:Trojan,Spyware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Removing Keyfop:

you can run trial version of ExterminateIt, or remove Keyfop manually.

To completely manually remove Keyfop malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Keyfop.

Read also:
Bilateral Backdoor Symptoms
WinSpy Trojan Cleaner

Posted by anycidahaeqyj9318 at 11:35 AM 0 comments

Small Trojan

Click here to remove Small malware
Small description:
Small Category:Trojan,Adware,Spyware,Worm,Backdoor,Downloader,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Detection Small :

Small Files:
[%DESKTOP%]\WinZIP\Password Recovery V3.54\license.txt
[%PROFILE_TEMP%]\winlogon.exe
[%PROGRAM_FILES%]\WinRAR\Advanced Archive Password Recovery 2.20\license.txt
[%SYSTEM%]\insqcb.ins
[%WINDOWS%]\downloaded program files\qabar.inf
[%SYSTEM%]\ldcore.dll
[%SYSTEM%]\ljo.dll
[%SYSTEM%]\mjice.dll
[%SYSTEM%]\msntorms.exe
[%SYSTEM%]\plenb.dll
[%SYSTEM%]\zAskop.dll
[%WINDOWS%]\system\objna.dll
[%DESKTOP%]\WinZIP\Password Recovery V3.54\license.txt
[%PROFILE_TEMP%]\winlogon.exe
[%PROGRAM_FILES%]\WinRAR\Advanced Archive Password Recovery 2.20\license.txt
[%SYSTEM%]\insqcb.ins
[%WINDOWS%]\downloaded program files\qabar.inf
[%SYSTEM%]\ldcore.dll
[%SYSTEM%]\ljo.dll
[%SYSTEM%]\mjice.dll
[%SYSTEM%]\msntorms.exe
[%SYSTEM%]\plenb.dll
[%SYSTEM%]\zAskop.dll
[%WINDOWS%]\system\objna.dll

Small Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_a-load
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\a-load

Small Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop
HKEY_CURRENT_USER\software\microsoft\internet explorer\security
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Small:

you can run trial version of ExterminateIt, or remove Small manually.

To completely manually remove Small malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.

Read also:
IE.Defender Ransomware Information
Remove Stuff DoS

Posted by anycidahaeqyj9318 at 7:58 AM 0 comments

Subot Trojan

Click here to remove Subot malware
Subot description:
Subot Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Subot:

you can run trial version of ExterminateIt, or remove Subot manually.

To completely manually remove Subot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Subot.

Read also:
Win32.FakeDel Trojan Symptoms
Smurflog Trojan Removal
Removing Rwins RAT
Agent.og Trojan Information
ANSI.Deloss Trojan Symptoms

Posted by anycidahaeqyj9318 at 7:00 AM 0 comments

yesadvertising.com Tracking Cookie

Click here to remove yesadvertising.com malware
yesadvertising.com description:
yesadvertising.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing yesadvertising.com:

you can run trial version of ExterminateIt, or remove yesadvertising.com manually.

To completely manually remove yesadvertising.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with yesadvertising.com.

Read also:
Agent.dd Adware Information

Posted by anycidahaeqyj9318 at 6:55 AM 0 comments

Win32.Gichty DoS

Click here to remove Win32.Gichty malware
Win32.Gichty description:
Win32.Gichty Category:DoS
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing Win32.Gichty:

you can run trial version of ExterminateIt, or remove Win32.Gichty manually.

To completely manually remove Win32.Gichty malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Gichty.

Read also:
Removing TrojanDownloader.Win32.VB.cn Downloader
Bancos.FVK Trojan Symptoms
Removing Ehaha Trojan
Win32.Stupen.joke Trojan Information
Remove Pigeon.AVAN Trojan

Posted by anycidahaeqyj9318 at 6:27 AM 0 comments

Tefut Trojan

Click here to remove Tefut malware
Tefut description:
Tefut Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Tefut:

you can run trial version of ExterminateIt, or remove Tefut manually.

To completely manually remove Tefut malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Tefut.

Read also:
Lapidario Trojan Symptoms
VBS Trojan Cleaner
SillyDl.DHX Trojan Information
SillyDl.CTY Trojan Symptoms

Posted by anycidahaeqyj9318 at 4:58 AM 0 comments

GURL.Watcher Spyware

Click here to remove GURL.Watcher malware
GURL.Watcher description:
GURL.Watcher Category:Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Removing GURL.Watcher:

you can run trial version of ExterminateIt, or remove GURL.Watcher manually.

To completely manually remove GURL.Watcher malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with GURL.Watcher.

Read also:
WM.Chat.System RAT Cleaner
Leggi.Messaggi Adware Information
Pigeon.AQS Trojan Removal

Posted by anycidahaeqyj9318 at 4:36 AM 0 comments

Pigeon.AVFQ Trojan

Click here to remove Pigeon.AVFQ malware
Pigeon.AVFQ description:
Pigeon.AVFQ Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AVFQ:

you can run trial version of ExterminateIt, or remove Pigeon.AVFQ manually.

To completely manually remove Pigeon.AVFQ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVFQ.

Read also:
Remove SillyDl.CZU Trojan
Foofle Trojan Removal instruction

Posted by anycidahaeqyj9318 at 2:07 AM 0 comments

Lobster Downloader

Click here to remove Lobster malware
Lobster description:
Lobster Category:Downloader
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Detection Lobster :

Lobster Files:
[%PROFILE_TEMP%]\winpkt\Packet.dll
[%SYSTEM%]\prviowfk.pax
[%PROFILE_TEMP%]\winpkt\Packet.dll
[%SYSTEM%]\prviowfk.pax

Removing Lobster:

you can run trial version of ExterminateIt, or remove Lobster manually.

To completely manually remove Lobster malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lobster.

Read also:
DBKiller.LameToy.11a Trojan Information
Mau Trojan Cleaner

Posted by anycidahaeqyj9318 at 12:33 AM 0 comments

Saturday, January 24, 2009

Vxidl.AON Trojan

Click here to remove Vxidl.AON malware
Vxidl.AON description:
Vxidl.AON Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Vxidl.AON:

you can run trial version of ExterminateIt, or remove Vxidl.AON manually.

To completely manually remove Vxidl.AON malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.AON.

Read also:
Musanub Trojan Removal
Removing Wuzhil Trojan
Remove Bancos.HZU Trojan

Posted by anycidahaeqyj9318 at 8:12 PM 0 comments

Bancos.IGF Trojan

Click here to remove Bancos.IGF malware
Bancos.IGF description:
Bancos.IGF Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.IGF:

you can run trial version of ExterminateIt, or remove Bancos.IGF manually.

To completely manually remove Bancos.IGF malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IGF.

Read also:
Bancos.DDC Trojan Information
Remove Dcmbot Trojan

Posted by anycidahaeqyj9318 at 7:43 PM 0 comments

Merro Trojan

Click here to remove Merro malware
Merro description:
Merro Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Merro:

you can run trial version of ExterminateIt, or remove Merro manually.

To completely manually remove Merro malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Merro.

Read also:
Removing BlueBoy Trojan
Win32.DlFeer Downloader Removal instruction
Pigeon.EES Trojan Information

Posted by anycidahaeqyj9318 at 6:52 PM 0 comments

Tunnel Trojan

Click here to remove Tunnel malware
Tunnel description:
Tunnel Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Tunnel:

you can run trial version of ExterminateIt, or remove Tunnel manually.

To completely manually remove Tunnel malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Tunnel.

Read also:
ClausulaDialer Adware Symptoms
HideIt Trojan Removal
Zlob.Fam.VideoBox Trojan Removal
Phishbank.AQE Trojan Symptoms
WordMacro.Concept Trojan Symptoms

Posted by anycidahaeqyj9318 at 6:33 PM 0 comments

Bancos.FVW Trojan

Click here to remove Bancos.FVW malware
Bancos.FVW description:
Bancos.FVW Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.FVW:

you can run trial version of ExterminateIt, or remove Bancos.FVW manually.

To completely manually remove Bancos.FVW malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.FVW.

Read also:
Pigeon.APK Trojan Symptoms

Posted by anycidahaeqyj9318 at 6:23 PM 0 comments

Aircop.Dropper Trojan

Click here to remove Aircop.Dropper malware
Aircop.Dropper description:
Aircop.Dropper Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Aircop.Dropper:

you can run trial version of ExterminateIt, or remove Aircop.Dropper manually.

To completely manually remove Aircop.Dropper malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Aircop.Dropper.

Read also:
Cyclone DoS Cleaner
Vxidl.ABA Trojan Symptoms
Tripod Tracking Cookie Cleaner
Rsbot Trojan Removal instruction
MSNRat Backdoor Cleaner

Posted by anycidahaeqyj9318 at 5:55 PM 0 comments

InLook.01c Backdoor

Click here to remove InLook.01c malware
InLook.01c description:
InLook.01c Category:Backdoor
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing InLook.01c:

you can run trial version of ExterminateIt, or remove InLook.01c manually.

To completely manually remove InLook.01c malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with InLook.01c.

Read also:
NOT.Pest Adware Removal
Lineage.ACL Trojan Removal
Removing Conferox Trojan

Posted by anycidahaeqyj9318 at 5:24 PM 0 comments

AsbMay Backdoor

Click here to remove AsbMay malware
AsbMay description:
AsbMay Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Detection AsbMay :

AsbMay Files:
[%WINDOWS%]\OF.sys
[%WINDOWS%]\OF.sys

AsbMay Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing AsbMay:

you can run trial version of ExterminateIt, or remove AsbMay manually.

To completely manually remove AsbMay malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AsbMay.

Read also:
FirstCash.Websearch Adware Information
Havar Trojan Symptoms
Vxidl.BBF Trojan Symptoms

Posted by anycidahaeqyj9318 at 1:59 PM 0 comments

ANSI.Bombing Worm

Click here to remove ANSI.Bombing malware
ANSI.Bombing description:
ANSI.Bombing Category:Worm
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

Removing ANSI.Bombing:

you can run trial version of ExterminateIt, or remove ANSI.Bombing manually.

To completely manually remove ANSI.Bombing malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ANSI.Bombing.

Read also:
Pigeon.ANQ Trojan Symptoms
Pigeon.AQE Trojan Cleaner

Posted by anycidahaeqyj9318 at 12:23 PM 0 comments

Agobot.ht Backdoor

Click here to remove Agobot.ht malware
Agobot.ht description:
Agobot.ht Category:Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing Agobot.ht:

you can run trial version of ExterminateIt, or remove Agobot.ht manually.

To completely manually remove Agobot.ht malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Agobot.ht.

Read also:
AmigaAnywhere Backdoor Symptoms
Remove Bancos.GQJ Trojan

Posted by anycidahaeqyj9318 at 9:35 AM 0 comments

Win32.Terrorist Trojan

Click here to remove Win32.Terrorist malware
Win32.Terrorist description:
Win32.Terrorist Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Win32.Terrorist:

you can run trial version of ExterminateIt, or remove Win32.Terrorist manually.

To completely manually remove Win32.Terrorist malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Terrorist.

Read also:
Comforest Trojan Removal instruction
SillyDl.CND Trojan Information
Remove Bancos.HKM Trojan
Win32.PWS.Barrio.DLL Trojan Information

Posted by anycidahaeqyj9318 at 9:04 AM 0 comments

SillyDl.DPF Trojan

Click here to remove SillyDl.DPF malware
SillyDl.DPF description:
SillyDl.DPF Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing SillyDl.DPF:

you can run trial version of ExterminateIt, or remove SillyDl.DPF manually.

To completely manually remove SillyDl.DPF malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DPF.

Read also:
AOL.PS.hp Trojan Removal instruction
Win32.Jinmoze Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:47 AM 0 comments

ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service DoS

Click here to remove ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service malware
ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service description:
ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service:

you can run trial version of ExterminateIt, or remove ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service manually.

To completely manually remove ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ZetaMail.Mail.POP3.SMTP.Server.Win98.NT.Denial.of.Service.

Read also:
Pigeon.ADJ Trojan Cleaner
PAL.KeyLogPro Spyware Removal instruction
IstBar.ak Downloader Information

Posted by anycidahaeqyj9318 at 5:12 AM 0 comments

small.aly Downloader

Click here to remove small.aly malware
small.aly description:
small.aly Category:Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Removing small.aly:

you can run trial version of ExterminateIt, or remove small.aly manually.

To completely manually remove small.aly malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with small.aly.

Read also:
WDonn Trojan Cleaner

Posted by anycidahaeqyj9318 at 4:03 AM 0 comments

Web.Rebates Adware

Click here to remove Web.Rebates malware
Web.Rebates description:
Web.Rebates Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection Web.Rebates :

Web.Rebates Files:
[%PROFILE_TEMP%]\jkill.exe
[%PROFILE_TEMP%]\temp.fr????\webrebates.dll
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\weblrebates.dat
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\webprebates.dat
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\websrebates.dat
[%PROFILE_TEMP%]\webrebates.exe
[%PROGRAM_FILES%]\WebRebates4\w11150.exe
[%PROGRAM_FILES%]\WebRebates4\webrebates.dll
[%PROGRAM_FILES%]\WebRebates4\webrebates.exe
[%PROGRAM_FILES%]\WebRebates4\webrebates2.dll
[%WINDOWS%]\Temp\webrebates.exe
[%PROFILE_TEMP%]\jkill.exe
[%PROFILE_TEMP%]\temp.fr????\webrebates.dll
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\weblrebates.dat
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\webprebates.dat
[%PROFILE_TEMP%]\temp.fr????\websrebates\websrebates\websrebates.dat
[%PROFILE_TEMP%]\webrebates.exe
[%PROGRAM_FILES%]\WebRebates4\w11150.exe
[%PROGRAM_FILES%]\WebRebates4\webrebates.dll
[%PROGRAM_FILES%]\WebRebates4\webrebates.exe
[%PROGRAM_FILES%]\WebRebates4\webrebates2.dll
[%WINDOWS%]\Temp\webrebates.exe

Web.Rebates Folders:
[%PROGRAM_FILES%]\webrebates4
[%PROGRAM_FILES%]\web_rebates

Web.Rebates Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\untopr11150
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\untopr1150

Web.Rebates Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\new windows\allow
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce

Removing Web.Rebates:

you can run trial version of ExterminateIt, or remove Web.Rebates manually.

To completely manually remove Web.Rebates malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Web.Rebates.

Read also:
Removing Bancos.IGM Trojan

Posted by anycidahaeqyj9318 at 1:07 AM 0 comments

Friday, January 23, 2009

Silent.Chaos DoS

Click here to remove Silent.Chaos malware
Silent.Chaos description:
Silent.Chaos Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Silent.Chaos:

you can run trial version of ExterminateIt, or remove Silent.Chaos manually.

To completely manually remove Silent.Chaos malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Silent.Chaos.

Read also:
Removing Pigeon.ADL Trojan
TrojanDownloader.Win32.Agent.eb Trojan Cleaner
ControlTotal.k[2] Backdoor Cleaner

Posted by anycidahaeqyj9318 at 11:05 PM 0 comments

BrowserAid.Startium BHO

Click here to remove BrowserAid.Startium malware
BrowserAid.Startium description:
BrowserAid.Startium Category:BHO,Toolbar
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Detection BrowserAid.Startium :

BrowserAid.Startium Files:
[%SYSTEM%]\stlbupdt.dll
[%DESKTOP%]\mypcsearch.lnk
[%SYSTEM%]\stlbad123.dll
[%SYSTEM%]\stlbdist.dll
[%WINDOWS%]\mwsvm.dat
[%WINDOWS%]\system\stlbad123.dll
[%WINDOWS%]\system\stlbdist.dll
[%WINDOWS%]\system\stlbupdt.dll
[%SYSTEM%]\stlbupdt.dll
[%DESKTOP%]\mypcsearch.lnk
[%SYSTEM%]\stlbad123.dll
[%SYSTEM%]\stlbdist.dll
[%WINDOWS%]\mwsvm.dat
[%WINDOWS%]\system\stlbad123.dll
[%WINDOWS%]\system\stlbdist.dll
[%WINDOWS%]\system\stlbupdt.dll

BrowserAid.Startium Registry Keys:
HKEY_CLASSES_ROOT\clsid\{2cf0b992-5eeb-4143-99c0-5297ef71f44a}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c0-5297ef71f443}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c0-5297ef71f444}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c0-5297ef71f44a}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c2-5297ef71f44a}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2cf0b992-5eeb-4143-99c0-5297ef71f443}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2cf0b992-5eeb-4143-99c0-5297ef71f444}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2cf0b992-5eeb-4143-99c0-5297ef71f44a}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2cf0b992-5eeb-4143-99c2-5297ef71f44a}
HKEY_LOCAL_MACHINE\software\classes\clsid\{2cf0b992-5eeb-4143-99c2-5297ef71f44b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c0-5297ef71f444}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{2cf0b992-5eeb-4143-99c0-5297ef71f44a}

BrowserAid.Startium Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing BrowserAid.Startium:

you can run trial version of ExterminateIt, or remove BrowserAid.Startium manually.

To completely manually remove BrowserAid.Startium malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with BrowserAid.Startium.

Read also:
Univ.gr5 Trojan Symptoms
Chopham Trojan Information
NukeWar Trojan Removal instruction

Posted by anycidahaeqyj9318 at 6:15 PM 0 comments

WinF**k Trojan

Click here to remove WinF**k malware
WinF**k description:
WinF**k Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing WinF**k:

you can run trial version of ExterminateIt, or remove WinF**k manually.

To completely manually remove WinF**k malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with WinF**k.

Read also:
Removing Bancos.GLA Trojan
Bancos.GIM Trojan Removal instruction
Removing Pigeon.AVAV Trojan

Posted by anycidahaeqyj9318 at 5:07 PM 0 comments

VB.yq Backdoor

Click here to remove VB.yq malware
VB.yq description:
VB.yq Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing VB.yq:

you can run trial version of ExterminateIt, or remove VB.yq manually.

To completely manually remove VB.yq malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.yq.

Read also:
Bancos.GEZ Trojan Cleaner
Bancos.IDD Trojan Cleaner
Win32.GoBind Trojan Information

Posted by anycidahaeqyj9318 at 3:48 PM 0 comments

Win32.FormMail DoS

Click here to remove Win32.FormMail malware
Win32.FormMail description:
Win32.FormMail Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Win32.FormMail:

you can run trial version of ExterminateIt, or remove Win32.FormMail manually.

To completely manually remove Win32.FormMail malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.FormMail.

Read also:
Computer.Spying.System.Server Spyware Removal
Vxidl.AUQ Trojan Symptoms
dyndns.info Tracking Cookie Symptoms
Remove Bat.Virusm Trojan

Posted by anycidahaeqyj9318 at 1:38 PM 0 comments

SexArena Trojan

Click here to remove SexArena malware
SexArena description:
SexArena Category:Trojan,Adware,Hijacker
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.

Removing SexArena:

you can run trial version of ExterminateIt, or remove SexArena manually.

To completely manually remove SexArena malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SexArena.

Read also:
Delf.hf Backdoor Removal instruction

Posted by anycidahaeqyj9318 at 1:21 PM 0 comments

Zlob.Fam.Internet Security Trojan

Click here to remove Zlob.Fam.Internet Security malware
Zlob.Fam.Internet Security description:
Zlob.Fam.Internet Security Category:Trojan,Popups
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.

Detection Zlob.Fam.Internet Security :

Zlob.Fam.Internet Security Folders:
[%PROGRAM_FILES%]\Internet Security
[%PROGRAM_FILES%]\Video Access ActiveX Object

Zlob.Fam.Internet Security Registry Keys:
HKEY_CURRENT_USER\Software\Internet Security
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Access ActiveX Object

Removing Zlob.Fam.Internet Security:

you can run trial version of ExterminateIt, or remove Zlob.Fam.Internet Security manually.

To completely manually remove Zlob.Fam.Internet Security malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Zlob.Fam.Internet Security.

Read also:
Gas.Gripe Trojan Cleaner

Posted by anycidahaeqyj9318 at 1:01 PM 0 comments

Win32.WDonn Downloader

Click here to remove Win32.WDonn malware
Win32.WDonn description:
Win32.WDonn Category:Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Removing Win32.WDonn:

you can run trial version of ExterminateIt, or remove Win32.WDonn manually.

To completely manually remove Win32.WDonn malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.WDonn.

Read also:
Vxidl.AYI Trojan Symptoms

Posted by anycidahaeqyj9318 at 12:16 PM 0 comments

Orach Trojan

Click here to remove Orach malware
Orach description:
Orach Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Orach:

you can run trial version of ExterminateIt, or remove Orach manually.

To completely manually remove Orach malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Orach.

Read also:
Removing Playgame Trojan
Backdoor.DOOR.E!Server Trojan Symptoms
Removing Stealth Trojan

Posted by anycidahaeqyj9318 at 4:47 AM 0 comments

Thursday, January 22, 2009

SillyDl.DHY Trojan

Click here to remove SillyDl.DHY malware
SillyDl.DHY description:
SillyDl.DHY Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Detection SillyDl.DHY :

SillyDl.DHY Files:
[%SYSTEM%]\Att.xpt
[%SYSTEM%]\ischot.exe
[%SYSTEM%]\mscheld.xpt
[%SYSTEM%]\MscheldB.exe
[%SYSTEM%]\MscheldBra.exe
[%SYSTEM%]\MscheldBra2.exe
[%SYSTEM%]\Mscheldncx.scr
[%SYSTEM%]\Mscheldork.scr
[%SYSTEM%]\msnnet.exe
[%SYSTEM%]\zt3.exe
[%WINDOWS%]\MscheldB.ocx
[%WINDOWS%]\MscheldBra.ocx
[%WINDOWS%]\MscheldBra2.ocx
[%WINDOWS%]\netstart.ocx
[%SYSTEM%]\Att.xpt
[%SYSTEM%]\ischot.exe
[%SYSTEM%]\mscheld.xpt
[%SYSTEM%]\MscheldB.exe
[%SYSTEM%]\MscheldBra.exe
[%SYSTEM%]\MscheldBra2.exe
[%SYSTEM%]\Mscheldncx.scr
[%SYSTEM%]\Mscheldork.scr
[%SYSTEM%]\msnnet.exe
[%SYSTEM%]\zt3.exe
[%WINDOWS%]\MscheldB.ocx
[%WINDOWS%]\MscheldBra.ocx
[%WINDOWS%]\MscheldBra2.ocx
[%WINDOWS%]\netstart.ocx

Removing SillyDl.DHY:

you can run trial version of ExterminateIt, or remove SillyDl.DHY manually.

To completely manually remove SillyDl.DHY malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DHY.

Read also:
Remove No.Hope Trojan
Is.My.Mate.Cheating.Online Spyware Removal instruction

Posted by anycidahaeqyj9318 at 10:16 PM 0 comments

Alureon Trojan

Click here to remove Alureon malware
Alureon description:
Alureon Category:Trojan,BHO,Hijacker,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Detection Alureon :

Alureon Files:
[%LOCAL_APPDATA%]\Temp\~nsu.tmp\Au_.exe
[%SYSTEM%]\winnet.dll
[%WINDOWS%]\image.dll
[%DESKTOP%]\asd3.dll
[%DESKTOP%]\playercodec1000.exe
[%DESKTOP%]\tbar.exe
[%FAVORITES%]\!!! exclusive youngest porn !!!.url
[%FAVORITES%]\censored youngest porn.url
[%FAVORITES%]\free hidden cams world.url
[%FAVORITES%]\free spy cam.url
[%FAVORITES%]\free web cams chats.url
[%FAVORITES%]\free xxx pics & movies.url
[%FAVORITES%]\fresh xxx pics & movie.url
[%FAVORITES%]\get this 4 free.url
[%FAVORITES%]\super xxx pics.url
[%FAVORITES%]\young masha sucking huge dick until her lips teared open.url
[%FAVORITES%]\~ fully categories porn database. enjoy!.url
[%FAVORITES%]\~ new porn pics everyday.url
[%PROGRAMS%]\FreeVideo\Uninstall.lnk
[%SYSTEM%]\dmcal.exe
[%SYSTEM%]\dmfap.exe
[%SYSTEM%]\dmfsg.exe
[%SYSTEM%]\dmrfp.exe
[%SYSTEM%]\dmthp.exe
[%SYSTEM%]\kddmx.exe
[%SYSTEM%]\kdoxr.exe
[%SYSTEM%]\mlwlr.exe
[%SYSTEM%]\msmk.dll
[%SYSTEM%]\nzbxn.exe
[%SYSTEM%]\sysobjwertb.dll
[%SYSTEM%]\wmstrbum.exe
[%WINDOWS%]\cracrwinz.exe
[%WINDOWS%]\msew\msew32.dll
[%WINDOWS%]\msew\msiesh.dll
[%WINDOWS%]\msew\mssearch.dll
[%WINDOWS%]\tromomwin32.exe
[%LOCAL_APPDATA%]\Temp\~nsu.tmp\Au_.exe
[%SYSTEM%]\winnet.dll
[%WINDOWS%]\image.dll
[%DESKTOP%]\asd3.dll
[%DESKTOP%]\playercodec1000.exe
[%DESKTOP%]\tbar.exe
[%FAVORITES%]\!!! exclusive youngest porn !!!.url
[%FAVORITES%]\censored youngest porn.url
[%FAVORITES%]\free hidden cams world.url
[%FAVORITES%]\free spy cam.url
[%FAVORITES%]\free web cams chats.url
[%FAVORITES%]\free xxx pics & movies.url
[%FAVORITES%]\fresh xxx pics & movie.url
[%FAVORITES%]\get this 4 free.url
[%FAVORITES%]\super xxx pics.url
[%FAVORITES%]\young masha sucking huge dick until her lips teared open.url
[%FAVORITES%]\~ fully categories porn database. enjoy!.url
[%FAVORITES%]\~ new porn pics everyday.url
[%PROGRAMS%]\FreeVideo\Uninstall.lnk
[%SYSTEM%]\dmcal.exe
[%SYSTEM%]\dmfap.exe
[%SYSTEM%]\dmfsg.exe
[%SYSTEM%]\dmrfp.exe
[%SYSTEM%]\dmthp.exe
[%SYSTEM%]\kddmx.exe
[%SYSTEM%]\kdoxr.exe
[%SYSTEM%]\mlwlr.exe
[%SYSTEM%]\msmk.dll
[%SYSTEM%]\nzbxn.exe
[%SYSTEM%]\sysobjwertb.dll
[%SYSTEM%]\wmstrbum.exe
[%WINDOWS%]\cracrwinz.exe
[%WINDOWS%]\msew\msew32.dll
[%WINDOWS%]\msew\msiesh.dll
[%WINDOWS%]\msew\mssearch.dll
[%WINDOWS%]\tromomwin32.exe

Alureon Folders:
[%PROGRAMS%]\HQvideo
[%PROGRAMS%]\MovieBox
[%PROGRAMS%]\PornoPlayer
[%PROGRAMS%]\VideoBox
[%PROGRAMS%]\VideoPlugin
[%PROGRAMS%]\XXXAccess
[%PROGRAMS%]\XXXPlugin
[%PROGRAM_FILES%]\FreeVideo
[%PROGRAM_FILES%]\HQvideo
[%PROGRAM_FILES%]\MovieBox
[%PROGRAM_FILES%]\PornoPlayer
[%PROGRAM_FILES%]\VideoBox
[%PROGRAM_FILES%]\VideoPlugin
[%PROGRAM_FILES%]\XXXAccess
[%PROGRAM_FILES%]\XXXPlugin
[%PROGRAMS%]\SelectiveAdmission
[%PROGRAM_FILES%]\SelectiveAdmission
[%PROGRAM_FILES%]\WinMsg

Alureon Registry Keys:
HKEY_CLASSES_ROOT\freevideo
HKEY_CLASSES_ROOT\HQvideo
HKEY_CLASSES_ROOT\MovieBox
HKEY_CLASSES_ROOT\pornoplayer
HKEY_CLASSES_ROOT\VideoBox
HKEY_CLASSES_ROOT\videoplugin
HKEY_CLASSES_ROOT\xxxaccess
HKEY_CLASSES_ROOT\xxxplugin
HKEY_CURRENT_USER\software\freevideo
HKEY_CURRENT_USER\Software\HQvideo
HKEY_CURRENT_USER\Software\MovieBox
HKEY_CURRENT_USER\software\pornoplayer
HKEY_CURRENT_USER\Software\VideoBox
HKEY_CURRENT_USER\software\videoplugin
HKEY_CURRENT_USER\software\xxxaccess
HKEY_CURRENT_USER\software\xxxplugin
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeVideo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoBox
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videoplugin
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xxxplugin
HKEY_CLASSES_ROOT\clsid\{85cbfde0-b26b-4ee5-bd3c-4de111de763e}
HKEY_CLASSES_ROOT\hqvideo
HKEY_CLASSES_ROOT\moviebox
HKEY_CLASSES_ROOT\selectiveadmission
HKEY_CLASSES_ROOT\videobox
HKEY_CURRENT_USER\software\hqvideo
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\_r
HKEY_CURRENT_USER\software\moviebox
HKEY_CURRENT_USER\software\selectiveadmission
HKEY_CURRENT_USER\software\videobox
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversino\uninstall\moviebox
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversino\uninstall\pornoplayer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{85cbfde0-b26b-4ee5-bd3c-4de111de763e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\freevideo
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\selectiveadmission
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videobox
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xxxaccess
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows management service

Alureon Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\urlsearchhooks
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_CURRENT_USER\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\searchbar
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{9c830788-3ef6-4c70-8fce-1e890dc53533}, dhcpnameserver=85.255.115.42
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{9c830788-3ef6-4c70-8fce-1e890dc53533}, dhcpnameserver=85.255.115.82
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{9c830788-3ef6-4c70-8fce-1e890dc53533}, nameserver=85.255.115.82

Removing Alureon:

you can run trial version of ExterminateIt, or remove Alureon manually.

To completely manually remove Alureon malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Alureon.

Read also:
Remove Starimp Trojan
Bancos.HTY Trojan Cleaner
Win32.Nulnuler Trojan Removal

Posted by anycidahaeqyj9318 at 9:31 PM 0 comments

Kazzy Backdoor

Click here to remove Kazzy malware
Kazzy description:
Kazzy Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Detection Kazzy :

Kazzy Files:
[%SYSTEM%]\mssocks.exe
[%SYSTEM%]\mssocks.exe

Removing Kazzy:

you can run trial version of ExterminateIt, or remove Kazzy manually.

To completely manually remove Kazzy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Kazzy.

Read also:
Dowque.AFJ Trojan Information
Vxidl.AYF Trojan Removal

Posted by anycidahaeqyj9318 at 6:23 PM 0 comments

Lamer.Booter DoS

Click here to remove Lamer.Booter malware
Lamer.Booter description:
Lamer.Booter Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Lamer.Booter:

you can run trial version of ExterminateIt, or remove Lamer.Booter manually.

To completely manually remove Lamer.Booter malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lamer.Booter.

Read also:
SillyDl.DND Downloader Removal
Remove Lesbian.Frenzy Trojan
Predator Trojan Cleaner

Posted by anycidahaeqyj9318 at 5:12 PM 0 comments

Agent.og Trojan

Click here to remove Agent.og malware
Agent.og description:
Agent.og Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Agent.og:

you can run trial version of ExterminateIt, or remove Agent.og manually.

To completely manually remove Agent.og malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Agent.og.

Read also:
Insteax Trojan Information

Posted by anycidahaeqyj9318 at 3:11 PM 0 comments

Bancos.IEM Trojan

Click here to remove Bancos.IEM malware
Bancos.IEM description:
Bancos.IEM Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.IEM:

you can run trial version of ExterminateIt, or remove Bancos.IEM manually.

To completely manually remove Bancos.IEM malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IEM.

Read also:
Remove Pigeon.AUP Trojan
Plimp Trojan Information
Removing Surrender Trojan

Posted by anycidahaeqyj9318 at 3:00 PM 0 comments

Phishbank.AVZ Trojan

Click here to remove Phishbank.AVZ malware
Phishbank.AVZ description:
Phishbank.AVZ Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Phishbank.AVZ:

you can run trial version of ExterminateIt, or remove Phishbank.AVZ manually.

To completely manually remove Phishbank.AVZ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Phishbank.AVZ.

Read also:
Noshare Trojan Information
Pigeon.AUZY Trojan Removal instruction
Mich Trojan Symptoms

Posted by anycidahaeqyj9318 at 11:40 AM 0 comments

Coldfeet Trojan

Click here to remove Coldfeet malware
Coldfeet description:
Coldfeet Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Coldfeet:

you can run trial version of ExterminateIt, or remove Coldfeet manually.

To completely manually remove Coldfeet malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Coldfeet.

Read also:
Ipflood Trojan Symptoms
MainEntryPoint Tracking Cookie Information

Posted by anycidahaeqyj9318 at 9:49 AM 0 comments

Skc Trojan

Click here to remove Skc malware
Skc description:
Skc Category:Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing Skc:

you can run trial version of ExterminateIt, or remove Skc manually.

To completely manually remove Skc malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Skc.

Read also:
Pigeon.AVPU Trojan Removal instruction
MySpaceBar.IE Hijacker Cleaner
Spirit.2001a.Beta.Edition RAT Removal
Remote.Attack.in.Small.HTTP.Server.ver.Vulnerability DoS Information
SillyDl.BCQ Downloader Cleaner

Posted by anycidahaeqyj9318 at 9:47 AM 0 comments

QZap113 Trojan

Click here to remove QZap113 malware
QZap113 description:
QZap113 Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing QZap113:

you can run trial version of ExterminateIt, or remove QZap113 manually.

To completely manually remove QZap113 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with QZap113.

Read also:
PFCSet RAT Information
Sheldor Adware Removal
imedia.co.il Tracking Cookie Symptoms
Pigeon.EKD Trojan Symptoms
Barrio Trojan Symptoms

Posted by anycidahaeqyj9318 at 8:48 AM 0 comments

Flask.MPEG Trojan

Click here to remove Flask.MPEG malware
Flask.MPEG description:
Flask.MPEG Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Flask.MPEG:

you can run trial version of ExterminateIt, or remove Flask.MPEG manually.

To completely manually remove Flask.MPEG malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Flask.MPEG.

Read also:
Removing 411Ferret Adware
Mywife.C Worm Symptoms
Backage.Server Trojan Removal

Posted by anycidahaeqyj9318 at 7:15 AM 0 comments

TCP DoS

Click here to remove TCP malware
TCP description:
TCP Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing TCP:

you can run trial version of ExterminateIt, or remove TCP manually.

To completely manually remove TCP malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TCP.

Read also:
Insane.TCP Trojan Information

Posted by anycidahaeqyj9318 at 6:16 AM 0 comments

all.by Tracking Cookie

Click here to remove all.by malware
all.by description:
all.by Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing all.by:

you can run trial version of ExterminateIt, or remove all.by manually.

To completely manually remove all.by malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with all.by.

Read also:
Remove Zlob.Fam.MovieBox Trojan
Removing Samaevsh Trojan
Removing ZA.Killer Trojan
IRC.Advertiser.Bot Trojan Removal
Hellz.Addiction.10b Backdoor Removal instruction

Posted by anycidahaeqyj9318 at 6:11 AM 0 comments

Pigeon.ASJ Trojan

Click here to remove Pigeon.ASJ malware
Pigeon.ASJ description:
Pigeon.ASJ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.ASJ:

you can run trial version of ExterminateIt, or remove Pigeon.ASJ manually.

To completely manually remove Pigeon.ASJ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ASJ.

Read also:
Remove NetSlayer Backdoor

Posted by anycidahaeqyj9318 at 5:23 AM 0 comments

Wednesday, January 21, 2009

Vxidl.AAV Trojan

Click here to remove Vxidl.AAV malware
Vxidl.AAV description:
Vxidl.AAV Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Vxidl.AAV:

you can run trial version of ExterminateIt, or remove Vxidl.AAV manually.

To completely manually remove Vxidl.AAV malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.AAV.

Read also:
SandBoxer Adware Information
Remove BeamCrack Trojan
NetMama Spyware Cleaner
Removing Alien Trojan

Posted by anycidahaeqyj9318 at 8:59 PM 0 comments

SillyDl.CYK Trojan

Click here to remove SillyDl.CYK malware
SillyDl.CYK description:
SillyDl.CYK Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing SillyDl.CYK:

you can run trial version of ExterminateIt, or remove SillyDl.CYK manually.

To completely manually remove SillyDl.CYK malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CYK.

Read also:
Pigeon.EDW Trojan Removal
Remove Frethog.ACC Trojan
Removing VBS.Eraser Trojan
AOHell Trojan Information
Remove Le.Colonel RAT

Posted by anycidahaeqyj9318 at 3:36 PM 0 comments

Avalent Trojan

Click here to remove Avalent malware
Avalent description:
Avalent Category:Trojan,Backdoor,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Avalent:

you can run trial version of ExterminateIt, or remove Avalent manually.

To completely manually remove Avalent malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Avalent.

Read also:
Remove Valla Trojan
Oprobe Trojan Cleaner

Posted by anycidahaeqyj9318 at 12:11 PM 0 comments

VBS.Flood Trojan

Click here to remove VBS.Flood malware
VBS.Flood description:
VBS.Flood Category:Trojan,Hacker Tool,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing VBS.Flood:

you can run trial version of ExterminateIt, or remove VBS.Flood manually.

To completely manually remove VBS.Flood malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.Flood.

Read also:
Mailspy Trojan Cleaner
IRC.Chamel DoS Cleaner
Nympho Trojan Symptoms
Syschk Trojan Removal instruction

Posted by anycidahaeqyj9318 at 11:59 AM 0 comments

SillyDl.CYT Trojan

Click here to remove SillyDl.CYT malware
SillyDl.CYT description:
SillyDl.CYT Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.CYT:

you can run trial version of ExterminateIt, or remove SillyDl.CYT manually.

To completely manually remove SillyDl.CYT malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CYT.

Read also:
SillyDl.CNL Trojan Symptoms
Remove Mirkillerv Trojan
Remove Root.Access.Anonymous.Emailer Hacker Tool
Remove VBS.Mulu Trojan
SillyDl.CSH Trojan Removal

Posted by anycidahaeqyj9318 at 11:43 AM 0 comments

Ns Trojan

Click here to remove Ns malware
Ns description:
Ns Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Ns:

you can run trial version of ExterminateIt, or remove Ns manually.

To completely manually remove Ns malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ns.

Read also:
HLL.ow.4032a Trojan Removal instruction
Vortexx.Project.Bomber DoS Information
CHCB Backdoor Cleaner
Lineag.AIP Trojan Information
Remove AOL.RTools Trojan

Posted by anycidahaeqyj9318 at 9:09 AM 0 comments

Pigeon.AVGC Trojan

Click here to remove Pigeon.AVGC malware
Pigeon.AVGC description:
Pigeon.AVGC Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AVGC:

you can run trial version of ExterminateIt, or remove Pigeon.AVGC manually.

To completely manually remove Pigeon.AVGC malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVGC.

Read also:
Remove Bancos.HSD Trojan
SillyDl.DLJ Trojan Information

Posted by anycidahaeqyj9318 at 8:27 AM 0 comments

Ad.Flow.com Tracking Cookie

Click here to remove Ad.Flow.com malware
Ad.Flow.com description:
Ad.Flow.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing Ad.Flow.com:

you can run trial version of ExterminateIt, or remove Ad.Flow.com manually.

To completely manually remove Ad.Flow.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ad.Flow.com.

Read also:
Removing IRCBot.ma Backdoor
Removing Donald.Dick.Beta Trojan
Minicom Trojan Removal
motigo.com Tracking Cookie Removal

Posted by anycidahaeqyj9318 at 8:12 AM 0 comments

EZCyberSearch Adware

Click here to remove EZCyberSearch malware
EZCyberSearch description:
EZCyberSearch Category:Adware,BHO,Toolbar
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Detection EZCyberSearch :

EZCyberSearch Files:
[%SYSTEM%]\ctadl1.dll
[%SYSTEM%]\ezsearch.dll
[%SYSTEM%]\surebar.dll
[%WINDOWS%]\system\ctadl1.dll
[%WINDOWS%]\system\ezsearch.dll
[%WINDOWS%]\system\surebar.dll
[%WINDOWS%]\temp\ezsearch.dll
[%SYSTEM%]\ctadl1.dll
[%SYSTEM%]\ezsearch.dll
[%SYSTEM%]\surebar.dll
[%WINDOWS%]\system\ctadl1.dll
[%WINDOWS%]\system\ezsearch.dll
[%WINDOWS%]\system\surebar.dll
[%WINDOWS%]\temp\ezsearch.dll

EZCyberSearch Registry Keys:
HKEY_CLASSES_ROOT\clsid\{270b845c-712c-4773-bee0-ae2d2001cd0f}
HKEY_CLASSES_ROOT\clsid\{27f2ee5e-3e74-40bb-ae16-2d9eeec6c0cf}
HKEY_CLASSES_ROOT\clsid\{4580026c-022a-4fda-87bc-eda848d0b7a6}
HKEY_CLASSES_ROOT\clsid\{58ed251a-509e-45ca-bd0e-d25ac8f56f60}
HKEY_CLASSES_ROOT\clsid\{5b330393-333b-4e47-877c-763ee9cee1a6}
HKEY_CLASSES_ROOT\clsid\{760a9dde-1433-4a7c-8189-d6735bb5d3dd}
HKEY_CLASSES_ROOT\clsid\{aefcdec8-eb7d-429f-bc73-4f30d07bfe41}
HKEY_CLASSES_ROOT\clsid\{cce83e45-30b2-4bae-b1f5-25d128d27a43}
HKEY_CLASSES_ROOT\clsid\{f6b19c26-d8e5-40d6-94bd-a56fae4c77c3}
HKEY_CLASSES_ROOT\ezsearchbar.bho
HKEY_CLASSES_ROOT\ezsearchbar.bho.1
HKEY_CLASSES_ROOT\ezsearchbar.csrcbnd
HKEY_CLASSES_ROOT\ezsearchbar.csrcbnd.1
HKEY_CLASSES_ROOT\ezsearchbar.inst
HKEY_CLASSES_ROOT\ezsearchbar.inst.1
HKEY_CLASSES_ROOT\interface\{27f2ee5e-3e74-40bb-ae16-2d9eeec6c0cf}
HKEY_CLASSES_ROOT\interface\{58ed251a-509e-45ca-bd0e-d25ac8f56f60}
HKEY_CLASSES_ROOT\interface\{5b330393-333b-4e47-877c-763ee9cee1a6}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{760a9dde-1433-4a7c-8189-d6735bb5d3dd}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{aefcdec8-eb7d-429f-bc73-4f30d07bfe41}
HKEY_CLASSES_ROOT\typelib\{f6b19c26-d8e5-40d6-94bd-a56fae4c77c3}
HKEY_CURRENT_USER\software\ezsearchbar
HKEY_LOCAL_MACHINE\software\classes\clsid\{270b845c-712c-4773-bee0-ae2d2001cd0f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{760a9dde-1433-4a7c-8189-d6735bb5d3dd}
HKEY_LOCAL_MACHINE\software\classes\clsid\{aefcdec8-eb7d-429f-bc73-4f30d07bfe41}
HKEY_LOCAL_MACHINE\software\classes\clsid\{cce83e45-30b2-4bae-b1f5-25d128d27a43}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{760a9dde-1433-4a7c-8189-d6735bb5d3dd}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{aefcdec8-eb7d-429f-bc73-4f30d07bfe41}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ezsearchbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\s

EZCyberSearch Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing EZCyberSearch:

you can run trial version of ExterminateIt, or remove EZCyberSearch manually.

To completely manually remove EZCyberSearch malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with EZCyberSearch.

Read also:
Remove MailSpam.Liame.10b4 Hacker Tool
Pigeon.AWJG Trojan Removal instruction
Delf.cs Trojan Removal

Posted by anycidahaeqyj9318 at 6:03 AM 0 comments

BrowserToolbar Adware

Click here to remove BrowserToolbar malware
BrowserToolbar description:
BrowserToolbar Category:Adware,Downloader
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Trojans-downloaders downloads and installs new malware or adware on the computer.

Detection BrowserToolbar :

BrowserToolbar Files:
[%WINDOWS%]\absr.exe
[%WINDOWS%]\abstr.exe
[%WINDOWS%]\ausvc.exe
[%WINDOWS%]\auupg.exe
[%WINDOWS%]\bvt.exe
[%WINDOWS%]\coolstuff.ocx
[%WINDOWS%]\ea.bin
[%WINDOWS%]\mnsvc.exe
[%WINDOWS%]\mtbcd.bak
[%WINDOWS%]\undo.exe
[%WINDOWS%]\absr.exe
[%WINDOWS%]\abstr.exe
[%WINDOWS%]\ausvc.exe
[%WINDOWS%]\auupg.exe
[%WINDOWS%]\bvt.exe
[%WINDOWS%]\coolstuff.ocx
[%WINDOWS%]\ea.bin
[%WINDOWS%]\mnsvc.exe
[%WINDOWS%]\mtbcd.bak
[%WINDOWS%]\undo.exe

BrowserToolbar Registry Keys:
HKEY_CLASSES_ROOT\clsid\{6541b981-2e27-46b1-a2cc-8264a75b74fe}
HKEY_CLASSES_ROOT\clsid\{6d8b1b74-4ab8-473b-b479-253fa1936802}
HKEY_CLASSES_ROOT\clsid\{868b015f-3515-44db-b0ad-182cd058985e}
HKEY_CLASSES_ROOT\clsid\{9a05fe9b-5b52-4d13-a77d-fa7c38557a8e}
HKEY_CLASSES_ROOT\clsid\{bae85c97-2cd4-45c3-a1ed-e4cef7c6aa52}
HKEY_CLASSES_ROOT\clsid\{c76be992-2bc3-41a4-8b87-a8c01fe419a7}
HKEY_CLASSES_ROOT\clsid\{f53c844a-d9c8-4e92-b923-c05b46c4a7e3}
HKEY_LOCAL_MACHINE\software\classes\appid\{8b034058-08b0-4cb3-b2e8-60238b4967f2}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6541b981-2e27-46b1-a2cc-8264a75b74fe}
HKEY_LOCAL_MACHINE\software\classes\clsid\{868b015f-3515-44db-b0ad-182cd058985e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9a05fe9b-5b52-4d13-a77d-fa7c38557a8e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{bae85c97-2cd4-45c3-a1ed-e4cef7c6aa52}
HKEY_LOCAL_MACHINE\software\classes\clsid\{c76be992-2bc3-41a4-8b87-a8c01fe419a7}
HKEY_LOCAL_MACHINE\software\classes\clsid\{f53c844a-d9c8-4e92-b923-c05b46c4a7e3}
HKEY_LOCAL_MACHINE\software\classes\clsid\{fbe091e5-df43-4ffb-aecc-7e3a3bc7b0d9}
HKEY_LOCAL_MACHINE\software\classes\typelib\{6d8b1b74-4ab8-473b-b479-253fa1936802}

BrowserToolbar Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing BrowserToolbar:

you can run trial version of ExterminateIt, or remove BrowserToolbar manually.

To completely manually remove BrowserToolbar malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with BrowserToolbar.

Read also:
precisead.com Tracking Cookie Information
PWS.Kcom Trojan Removal instruction
SexHound Tracking Cookie Cleaner
Chopham Trojan Information
Zdl Trojan Cleaner

Posted by anycidahaeqyj9318 at 5:10 AM 0 comments

Baidu Adware

Click here to remove Baidu malware
Baidu description:
Baidu Category:Adware,BHO
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

Removing Baidu:

you can run trial version of ExterminateIt, or remove Baidu manually.

To completely manually remove Baidu malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Baidu.

Read also:
Win32.Sima Trojan Information
Remove SillyProxy Trojan
MobileWorld Adware Removal instruction

Posted by anycidahaeqyj9318 at 4:07 AM 0 comments

Visio5Macro.Unstable Trojan

Click here to remove Visio5Macro.Unstable malware
Visio5Macro.Unstable description:
Visio5Macro.Unstable Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Trojans-downloaders downloads and installs new malware or adware on the computer.

DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing Visio5Macro.Unstable:

you can run trial version of ExterminateIt, or remove Visio5Macro.Unstable manually.

To completely manually remove Visio5Macro.Unstable malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Visio5Macro.Unstable.

Read also:
Bat.Shadow Trojan Symptoms
Removing Backage Trojan
Elephant2 Trojan Removal instruction
googleadservices.com Tracking Cookie Removal instruction

Posted by anycidahaeqyj9318 at 1:55 AM 0 comments

AquaVoxFreeze DoS

Click here to remove AquaVoxFreeze malware
AquaVoxFreeze description:
AquaVoxFreeze Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing AquaVoxFreeze:

you can run trial version of ExterminateIt, or remove AquaVoxFreeze manually.

To completely manually remove AquaVoxFreeze malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AquaVoxFreeze.

Read also:
REG.InjectDown Trojan Removal
exit.ad.de Tracking Cookie Symptoms

Posted by anycidahaeqyj9318 at 12:54 AM 0 comments

Tuesday, January 20, 2009

Kenny Backdoor

Click here to remove Kenny malware
Kenny description:
Kenny Category:Backdoor,RAT
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Detection Kenny :

Kenny Files:
[%WINDOWS%]\system\heavy attack force by cyberkillar.exe
[%WINDOWS%]\system\heavy attack force by cyberkillar.exe

Removing Kenny:

you can run trial version of ExterminateIt, or remove Kenny manually.

To completely manually remove Kenny malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Kenny.

Read also:
Removing Rocket.Science DoS
ReVerb Backdoor Removal instruction

Posted by anycidahaeqyj9318 at 9:52 PM 0 comments

Porno.Top Adware

Click here to remove Porno.Top malware
Porno.Top description:
Porno.Top Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection Porno.Top :

Porno.Top Folders:
[%PROGRAM_FILES%]\porno top

Porno.Top Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Porno.Top:

you can run trial version of ExterminateIt, or remove Porno.Top manually.

To completely manually remove Porno.Top malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Porno.Top.

Read also:
Aleph DoS Symptoms
Dyfuca.dm Downloader Removal instruction
VirTool.BAT.Sphinx Trojan Information
Fc.Ip.Sweep DoS Removal instruction
Win32.VB.gs Trojan Information

Posted by anycidahaeqyj9318 at 8:00 PM 0 comments

NeoJoiner Trojan

Click here to remove NeoJoiner malware
NeoJoiner description:
NeoJoiner Category:Trojan,Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.

Removing NeoJoiner:

you can run trial version of ExterminateIt, or remove NeoJoiner manually.

To completely manually remove NeoJoiner malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with NeoJoiner.

Read also:
MMTask Adware Symptoms
Remove Renmog Trojan

Posted by anycidahaeqyj9318 at 7:11 PM 0 comments

Vxidl.AIM Trojan

Click here to remove Vxidl.AIM malware
Vxidl.AIM description:
Vxidl.AIM Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Vxidl.AIM:

you can run trial version of ExterminateIt, or remove Vxidl.AIM manually.

To completely manually remove Vxidl.AIM malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.AIM.

Read also:
Vxidl.AHS Trojan Information
Remove SillyProxy Trojan
Lineage.ABC Trojan Cleaner
123bar BHO Removal

Posted by anycidahaeqyj9318 at 6:10 PM 0 comments

TrojanSpy.Win32.Blackhand Trojan

Click here to remove TrojanSpy.Win32.Blackhand malware
TrojanSpy.Win32.Blackhand description:
TrojanSpy.Win32.Blackhand Category:Trojan,Spyware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Removing TrojanSpy.Win32.Blackhand:

you can run trial version of ExterminateIt, or remove TrojanSpy.Win32.Blackhand manually.

To completely manually remove TrojanSpy.Win32.Blackhand malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TrojanSpy.Win32.Blackhand.

Read also:
OptServe Adware Symptoms
Lopdotcom Tracking Cookie Information
Removing Bancos.HGR Trojan
Removing Shadow.Bot DoS
Win.Romaker Trojan Removal instruction

Posted by anycidahaeqyj9318 at 5:07 PM 0 comments

MyWebSearch (MySearch) Adware

Click here to remove MyWebSearch (MySearch) malware
MyWebSearch (MySearch) description:
MyWebSearch (MySearch) Category:Adware,BHO,Toolbar
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.

Detection MyWebSearch (MySearch) :

MyWebSearch (MySearch) Files:
[%PROGRAM_FILES%]\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
[%PROGRAM_FILES%]\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

MyWebSearch (MySearch) Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404}

Removing MyWebSearch (MySearch):

you can run trial version of ExterminateIt, or remove MyWebSearch (MySearch) manually.

To completely manually remove MyWebSearch (MySearch) malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with MyWebSearch (MySearch).

Read also:
Tool.AVP4SRU Trojan Removal instruction

Posted by anycidahaeqyj9318 at 2:47 PM 0 comments

Internet Explorer Security Plugin Trojan

Click here to remove Internet Explorer Security Plugin malware
Internet Explorer Security Plugin description:
Internet Explorer Security Plugin Category:Trojan,Popups
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.

Detection Internet Explorer Security Plugin :

Internet Explorer Security Plugin Registry Keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Security Plugin 2006

Removing Internet Explorer Security Plugin:

you can run trial version of ExterminateIt, or remove Internet Explorer Security Plugin manually.

To completely manually remove Internet Explorer Security Plugin malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Internet Explorer Security Plugin.

Read also:
AOL.WinSpy Trojan Removal
Mnemonix.Atomic RAT Removal instruction
Win32.AdURL Adware Cleaner
Remove Pigeon.AVRX Trojan

Posted by anycidahaeqyj9318 at 2:08 PM 0 comments

startpage.ajj Adware

Click here to remove startpage.ajj malware
startpage.ajj description:
startpage.ajj Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing startpage.ajj:

you can run trial version of ExterminateIt, or remove startpage.ajj manually.

To completely manually remove startpage.ajj malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with startpage.ajj.

Read also:
Pigeon.BAB Trojan Symptoms
H2K Trojan Information
Removing quarterserver.de Tracking Cookie
Remove Bat.qu Trojan
Removing Grower Trojan

Posted by anycidahaeqyj9318 at 7:52 AM 0 comments

BackDoor.CZO Backdoor

Click here to remove BackDoor.CZO malware
BackDoor.CZO description:
BackDoor.CZO Category:Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing BackDoor.CZO:

you can run trial version of ExterminateIt, or remove BackDoor.CZO manually.

To completely manually remove BackDoor.CZO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with BackDoor.CZO.

Read also:
Remove FG.Server Trojan

Posted by anycidahaeqyj9318 at 7:37 AM 0 comments

Bat.Shadow Trojan

Click here to remove Bat.Shadow malware
Bat.Shadow description:
Bat.Shadow Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bat.Shadow:

you can run trial version of ExterminateIt, or remove Bat.Shadow manually.

To completely manually remove Bat.Shadow malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bat.Shadow.

Read also:
Removing LeapFrog Trojan
Lanax Trojan Information

Posted by anycidahaeqyj9318 at 7:15 AM 0 comments

SUMO.Lag.Killer DoS

Click here to remove SUMO.Lag.Killer malware
SUMO.Lag.Killer description:
SUMO.Lag.Killer Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing SUMO.Lag.Killer:

you can run trial version of ExterminateIt, or remove SUMO.Lag.Killer manually.

To completely manually remove SUMO.Lag.Killer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SUMO.Lag.Killer.

Read also:
Remove SkyRat RAT
Removing EasyNet RAT

Posted by anycidahaeqyj9318 at 5:54 AM 0 comments

Delf.aaa Backdoor

Click here to remove Delf.aaa malware
Delf.aaa description:
Delf.aaa Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing Delf.aaa:

you can run trial version of ExterminateIt, or remove Delf.aaa manually.

To completely manually remove Delf.aaa malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Delf.aaa.

Read also:
Syschk Trojan Cleaner
Remove Earthlink.net.Tracking.Cookie Tracking Cookie
GIC Backdoor Information
AmigaAnywhere Backdoor Cleaner

Posted by anycidahaeqyj9318 at 1:33 AM 0 comments

Mozilla Backdoor

Click here to remove Mozilla malware
Mozilla description:
Mozilla Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Mozilla:

you can run trial version of ExterminateIt, or remove Mozilla manually.

To completely manually remove Mozilla malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Mozilla.

Read also:
Removing Vxidl.AQN Trojan
Rbot.GHJ Worm Removal
Uncapper Trojan Symptoms

Posted by anycidahaeqyj9318 at 1:18 AM 0 comments

MMTask Adware

Click here to remove MMTask malware
MMTask description:
MMTask Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection MMTask :

MMTask Files:
[%SYSTEM%]\mmtask1.exe
[%SYSTEM%]\mmtask2.exe
[%PROGRAM_FILES%]\ecommerce\dialer.exe
[%PROGRAM_FILES%]\ecommerce\dialer.ini
[%SYSTEM%]\mmtask0.exe
[%WINDOWS%]\system\mmtask0.exe
[%WINDOWS%]\system\mmtask1.exe
[%WINDOWS%]\system\mmtask2.exe
[%SYSTEM%]\mmtask1.exe
[%SYSTEM%]\mmtask2.exe
[%PROGRAM_FILES%]\ecommerce\dialer.exe
[%PROGRAM_FILES%]\ecommerce\dialer.ini
[%SYSTEM%]\mmtask0.exe
[%WINDOWS%]\system\mmtask0.exe
[%WINDOWS%]\system\mmtask1.exe
[%WINDOWS%]\system\mmtask2.exe

MMTask Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing MMTask:

you can run trial version of ExterminateIt, or remove MMTask manually.

To completely manually remove MMTask malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with MMTask.

Read also:
Vxidl.ARA Trojan Cleaner
Mosucker Trojan Cleaner
Arcamax.com Tracking Cookie Cleaner

Posted by anycidahaeqyj9318 at 12:19 AM 0 comments

Monday, January 19, 2009

Pigeon.AVLO Trojan

Click here to remove Pigeon.AVLO malware
Pigeon.AVLO description:
Pigeon.AVLO Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AVLO:

you can run trial version of ExterminateIt, or remove Pigeon.AVLO manually.

To completely manually remove Pigeon.AVLO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVLO.

Read also:
Win32.Shareme Trojan Removal instruction

Posted by anycidahaeqyj9318 at 8:08 PM 0 comments

LB5.Bomb DoS

Click here to remove LB5.Bomb malware
LB5.Bomb description:
LB5.Bomb Category:DoS
These programs attack web servers by sending numerous requests