Saturday, January 31, 2009

ErrClean Ransomware

Click here to remove ErrClean malware
ErrClean description:
ErrClean Category:Ransomware
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

Detection ErrClean :

ErrClean Files:
[%DESKTOP%]\ErrClean.lnk
[%DESKTOP%]\ErrClean.lnk

ErrClean Folders:
[%APPDATA%]\errclean
[%COMMON_PROGRAMS%]\ErrClean
[%PROGRAM_FILES%]\ErrClean
[%PROGRAM_FILES_COMMON%]\ErrClean

ErrClean Registry Keys:
HKEY_LOCAL_MACHINE\software\purchased products\system error repair
HKEY_LOCAL_MACHINE\software\ugescw
HKEY_CURRENT_USER\software\errclean
HKEY_LOCAL_MACHINE\software\errclean
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ges_is1

ErrClean Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing ErrClean:

you can run trial version of ExterminateIt, or remove ErrClean manually.

To completely manually remove ErrClean malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ErrClean.

Read also:
GlueJoiner Trojan Removal
Remove Jpeg2x.dll BHO
Pigeon.AVDY Trojan Cleaner
Pigeon.EYS Trojan Removal instruction

Posted by fresto at 10:59 PM 0 comments

Bancos.HGS Trojan

Click here to remove Bancos.HGS malware
Bancos.HGS description:
Bancos.HGS Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.HGS:

you can run trial version of ExterminateIt, or remove Bancos.HGS manually.

To completely manually remove Bancos.HGS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HGS.

Read also:
Removing Vxidl.ACS Trojan
Gogfeed Trojan Symptoms

Posted by fresto at 10:09 PM 0 comments

Bancos.GYG Trojan

Click here to remove Bancos.GYG malware
Bancos.GYG description:
Bancos.GYG Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.GYG:

you can run trial version of ExterminateIt, or remove Bancos.GYG manually.

To completely manually remove Bancos.GYG malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.GYG.

Read also:
downloaded Trojan Removal
StartPage.Thenew Trojan Cleaner
Wanderer Trojan Removal instruction
Comfy Trojan Cleaner

Posted by fresto at 8:55 PM 0 comments

Ehg.Cisco.Hitbox Tracking Cookie

Click here to remove Ehg.Cisco.Hitbox malware
Ehg.Cisco.Hitbox description:
Ehg.Cisco.Hitbox Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing Ehg.Cisco.Hitbox:

you can run trial version of ExterminateIt, or remove Ehg.Cisco.Hitbox manually.

To completely manually remove Ehg.Cisco.Hitbox malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ehg.Cisco.Hitbox.

Read also:
Pigeon.ATO Trojan Removal instruction
Removing Zagaban Trojan
Voyager Trojan Removal instruction

Posted by fresto at 5:23 PM 0 comments

UDP.Bomber Trojan

Click here to remove UDP.Bomber malware
UDP.Bomber description:
UDP.Bomber Category:Trojan,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing UDP.Bomber:

you can run trial version of ExterminateIt, or remove UDP.Bomber manually.

To completely manually remove UDP.Bomber malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with UDP.Bomber.

Read also:
Squeaker Trojan Symptoms
Removing TPE.GEN Trojan

Posted by fresto at 4:07 PM 0 comments

Gramfen Trojan

Click here to remove Gramfen malware
Gramfen description:
Gramfen Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Gramfen:

you can run trial version of ExterminateIt, or remove Gramfen manually.

To completely manually remove Gramfen malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Gramfen.

Read also:
Removing VB.hc Downloader

Posted by fresto at 3:23 PM 0 comments

Mshtmpre BHO

Click here to remove Mshtmpre malware
Mshtmpre description:
Mshtmpre Category:BHO,Hijacker
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Removing Mshtmpre:

you can run trial version of ExterminateIt, or remove Mshtmpre manually.

To completely manually remove Mshtmpre malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Mshtmpre.

Read also:
Wintrim.bf Downloader Symptoms
Pigeon.EBB Trojan Removal instruction
Remove LowSert Downloader

Posted by fresto at 12:16 PM 0 comments

SdBot.bs Backdoor

Click here to remove SdBot.bs malware
SdBot.bs description:
SdBot.bs Category:Backdoor
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing SdBot.bs:

you can run trial version of ExterminateIt, or remove SdBot.bs manually.

To completely manually remove SdBot.bs malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SdBot.bs.

Read also:
StartPage.bx Hijacker Information
Quit Trojan Information
Remove Pigeon.EQL Trojan
SVA Trojan Symptoms

Posted by fresto at 12:00 PM 0 comments

incomeaccess.com Tracking Cookie

Click here to remove incomeaccess.com malware
incomeaccess.com description:
incomeaccess.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing incomeaccess.com:

you can run trial version of ExterminateIt, or remove incomeaccess.com manually.

To completely manually remove incomeaccess.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with incomeaccess.com.

Read also:
ShenHua Trojan Removal instruction

Posted by fresto at 8:15 AM 0 comments

Friday, January 30, 2009

Immort DoS

Click here to remove Immort malware
Immort description:
Immort Category:DoS
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing Immort:

you can run trial version of ExterminateIt, or remove Immort manually.

To completely manually remove Immort malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Immort.

Read also:
Remove Optix.Lite.server RAT
SillyDl.CJI Trojan Information

Posted by fresto at 2:29 PM 0 comments

Bagle.AY Worm

Click here to remove Bagle.AY malware
Bagle.AY description:
Bagle.AY Category:Worm
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

Detection Bagle.AY :

Bagle.AY Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing Bagle.AY:

you can run trial version of ExterminateIt, or remove Bagle.AY manually.

To completely manually remove Bagle.AY malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bagle.AY.

Read also:
Pigeon.AVIN Trojan Removal instruction
Win32.SdBot.bfl Backdoor Symptoms
Vxidl.AFV Trojan Information
SlyDude Trojan Symptoms

Posted by fresto at 10:49 AM 0 comments

SillyDl.CIN Trojan

Click here to remove SillyDl.CIN malware
SillyDl.CIN description:
SillyDl.CIN Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.CIN:

you can run trial version of ExterminateIt, or remove SillyDl.CIN manually.

To completely manually remove SillyDl.CIN malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CIN.

Read also:
OSX.Cosmac Trojan Symptoms
Ortyc Trojan Cleaner
Remove RHS RAT
Backage.Server Trojan Removal instruction
Remove Holzpferd RAT

Posted by fresto at 10:44 AM 0 comments

Xel Backdoor

Click here to remove Xel malware
Xel description:
Xel Category:Backdoor,RAT
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Xel:

you can run trial version of ExterminateIt, or remove Xel manually.

To completely manually remove Xel malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Xel.

Read also:
Serv.5b.Broken.Link.Uploader Trojan Removal
AdsStore Adware Information
Remove AdultChat Adware
Removing Bat.Soul Trojan

Posted by fresto at 9:52 AM 0 comments

Sonar DoS

Click here to remove Sonar malware
Sonar description:
Sonar Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Sonar:

you can run trial version of ExterminateIt, or remove Sonar manually.

To completely manually remove Sonar malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Sonar.

Read also:
Menajeto Backdoor Removal instruction

Posted by fresto at 7:32 AM 0 comments

KClient Spyware

Click here to remove KClient malware
KClient description:
KClient Category:Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Removing KClient:

you can run trial version of ExterminateIt, or remove KClient manually.

To completely manually remove KClient malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with KClient.

Read also:
Mau Trojan Information
Kloop Trojan Cleaner

Posted by fresto at 3:44 AM 0 comments

SatanicDream DoS

Click here to remove SatanicDream malware
SatanicDream description:
SatanicDream Category:DoS
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing SatanicDream:

you can run trial version of ExterminateIt, or remove SatanicDream manually.

To completely manually remove SatanicDream malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SatanicDream.

Read also:
Removing Tedon Trojan
Remove SynSpy Backdoor
WordMacro.Horn Trojan Removal
MIRC.MircGirl Trojan Information
Pigeon.EGN Trojan Cleaner

Posted by fresto at 3:23 AM 0 comments

Thursday, January 29, 2009

Agent.ax Trojan

Click here to remove Agent.ax malware
Agent.ax description:
Agent.ax Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Agent.ax:

you can run trial version of ExterminateIt, or remove Agent.ax manually.

To completely manually remove Agent.ax malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Agent.ax.

Read also:
Removing Win32.Dialer.NAQ Adware
Removing new.directions.de Tracking Cookie
Remove BackDoor.dr Trojan

Posted by fresto at 11:51 PM 0 comments

Win95.Zom Trojan

Click here to remove Win95.Zom malware
Win95.Zom description:
Win95.Zom Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Win95.Zom:

you can run trial version of ExterminateIt, or remove Win95.Zom manually.

To completely manually remove Win95.Zom malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win95.Zom.

Read also:
IROffer.2b21 Backdoor Symptoms

Posted by fresto at 11:12 PM 0 comments

VBS.Winshow Trojan

Click here to remove VBS.Winshow malware
VBS.Winshow description:
VBS.Winshow Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing VBS.Winshow:

you can run trial version of ExterminateIt, or remove VBS.Winshow manually.

To completely manually remove VBS.Winshow malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.Winshow.

Read also:
PWS.Yahoo Trojan Removal
TrojanDownloader.Win32.SMW Trojan Cleaner
Sup Trojan Cleaner
Remove Trojan.Scanner Trojan

Posted by fresto at 11:00 PM 0 comments

Compo.cav.dr Trojan

Click here to remove Compo.cav.dr malware
Compo.cav.dr description:
Compo.cav.dr Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Compo.cav.dr:

you can run trial version of ExterminateIt, or remove Compo.cav.dr manually.

To completely manually remove Compo.cav.dr malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Compo.cav.dr.

Read also:
Remove Bancos.GRK Trojan
Lixy.Server Trojan Removal instruction

Posted by fresto at 10:08 PM 0 comments

Bancos.HLI Trojan

Click here to remove Bancos.HLI malware
Bancos.HLI description:
Bancos.HLI Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.HLI:

you can run trial version of ExterminateIt, or remove Bancos.HLI manually.

To completely manually remove Bancos.HLI malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HLI.

Read also:
WordMacro.Mercado.B:Br Trojan Removal
Substealth Backdoor Symptoms

Posted by fresto at 2:37 PM 0 comments

Satan.Installer Trojan

Click here to remove Satan.Installer malware
Satan.Installer description:
Satan.Installer Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Satan.Installer:

you can run trial version of ExterminateIt, or remove Satan.Installer manually.

To completely manually remove Satan.Installer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Satan.Installer.

Read also:
LOP Adware Cleaner
Pigeon.AFK Trojan Removal

Posted by fresto at 2:23 PM 0 comments

Wtfm Trojan

Click here to remove Wtfm malware
Wtfm description:
Wtfm Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing Wtfm:

you can run trial version of ExterminateIt, or remove Wtfm manually.

To completely manually remove Wtfm malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Wtfm.

Read also:
Bancos.HOK Trojan Cleaner
Rob Trojan Removal
Agent.gp Trojan Removal instruction

Posted by fresto at 12:04 PM 0 comments

Bancos.FUJ Trojan

Click here to remove Bancos.FUJ malware
Bancos.FUJ description:
Bancos.FUJ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.FUJ:

you can run trial version of ExterminateIt, or remove Bancos.FUJ manually.

To completely manually remove Bancos.FUJ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.FUJ.

Read also:
Removing Night Trojan

Posted by fresto at 11:39 AM 0 comments

VBS.Sitex Trojan

Click here to remove VBS.Sitex malware
VBS.Sitex description:
VBS.Sitex Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing VBS.Sitex:

you can run trial version of ExterminateIt, or remove VBS.Sitex manually.

To completely manually remove VBS.Sitex malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.Sitex.

Read also:
Removing QDel15 Trojan

Posted by fresto at 11:07 AM 0 comments

Mass.Instant.Messenger Adware

Click here to remove Mass.Instant.Messenger malware
Mass.Instant.Messenger description:
Mass.Instant.Messenger Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing Mass.Instant.Messenger:

you can run trial version of ExterminateIt, or remove Mass.Instant.Messenger manually.

To completely manually remove Mass.Instant.Messenger malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Mass.Instant.Messenger.

Read also:
Removing fccbrawley.com Tracking Cookie
REG.IRCFlood Trojan Cleaner
Remove Brave.A Trojan

Posted by fresto at 10:50 AM 0 comments

Win32.Dialdoor Trojan

Click here to remove Win32.Dialdoor malware
Win32.Dialdoor description:
Win32.Dialdoor Category:Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing Win32.Dialdoor:

you can run trial version of ExterminateIt, or remove Win32.Dialdoor manually.

To completely manually remove Win32.Dialdoor malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Dialdoor.

Read also:
Jigzi Downloader Symptoms
Remove Dref.K Worm

Posted by fresto at 9:56 AM 0 comments

SmartDove Adware

Click here to remove SmartDove malware
SmartDove description:
SmartDove Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection SmartDove :

SmartDove Files:
[%SYSTEM%]\obwbkya.dll
[%SYSTEM%]\sdxbeia.dll
[%SYSTEM%]\smgykeb.dll
[%SYSTEM%]\obwbkya.dll
[%SYSTEM%]\sdxbeia.dll
[%SYSTEM%]\smgykeb.dll

SmartDove Folders:
[%PROGRAM_FILES_COMMON%]\smartde

SmartDove Registry Keys:
HKEY_LOCAL_MACHINE\software\happiosoft
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sdagentservice

Removing SmartDove:

you can run trial version of ExterminateIt, or remove SmartDove manually.

To completely manually remove SmartDove malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SmartDove.

Read also:
Remove Nirvana Trojan
Removing Znarf Trojan
Remove Tatfo Trojan
Twobotkill Trojan Information

Posted by fresto at 9:16 AM 0 comments

Bancos.GDR Trojan

Click here to remove Bancos.GDR malware
Bancos.GDR description:
Bancos.GDR Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.GDR:

you can run trial version of ExterminateIt, or remove Bancos.GDR manually.

To completely manually remove Bancos.GDR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.GDR.

Read also:
Tactslay Trojan Cleaner
Win16.Spammer.Kaboom Trojan Cleaner

Posted by fresto at 6:54 AM 0 comments

Pigeon.EYH Trojan

Click here to remove Pigeon.EYH malware
Pigeon.EYH description:
Pigeon.EYH Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.EYH:

you can run trial version of ExterminateIt, or remove Pigeon.EYH manually.

To completely manually remove Pigeon.EYH malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.EYH.

Read also:
Removing Stability Backdoor

Posted by fresto at 6:52 AM 0 comments

Wednesday, January 28, 2009

Deaft588 Trojan

Click here to remove Deaft588 malware
Deaft588 description:
Deaft588 Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Trojans-downloaders downloads and installs new malware or adware on the computer.

These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Deaft588:

you can run trial version of ExterminateIt, or remove Deaft588 manually.

To completely manually remove Deaft588 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Deaft588.

Read also:
Removing Vxidl.APD Trojan
W95.Yabram.dr Trojan Cleaner
Pigeon.EZI Trojan Removal
Removing Formshared Trojan
Getyahoostrings.dll Trojan Removal

Posted by fresto at 10:25 PM 0 comments

Tvmtwo Adware

Click here to remove Tvmtwo malware
Tvmtwo description:
Tvmtwo Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection Tvmtwo :

Tvmtwo Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run

Removing Tvmtwo:

you can run trial version of ExterminateIt, or remove Tvmtwo manually.

To completely manually remove Tvmtwo malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Tvmtwo.

Read also:
Agent.hl Trojan Symptoms

Posted by fresto at 9:28 PM 0 comments

Win32.Ranck Trojan

Click here to remove Win32.Ranck malware
Win32.Ranck description:
Win32.Ranck Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Win32.Ranck:

you can run trial version of ExterminateIt, or remove Win32.Ranck manually.

To completely manually remove Win32.Ranck malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Ranck.

Read also:
Bancos.HCO Trojan Removal instruction

Posted by fresto at 8:48 PM 0 comments

IROffer.2b26 Backdoor

Click here to remove IROffer.2b26 malware
IROffer.2b26 description:
IROffer.2b26 Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing IROffer.2b26:

you can run trial version of ExterminateIt, or remove IROffer.2b26 manually.

To completely manually remove IROffer.2b26 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with IROffer.2b26.

Read also:
Pigeon.ATJ Trojan Removal
Bancos.HEA Trojan Cleaner
SillyDl.CJY Trojan Information

Posted by fresto at 5:56 PM 0 comments

VB.ml Backdoor

Click here to remove VB.ml malware
VB.ml description:
VB.ml Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing VB.ml:

you can run trial version of ExterminateIt, or remove VB.ml manually.

To completely manually remove VB.ml malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.ml.

Read also:
Removing BillsDeath Backdoor
SillyDl.DFZ Trojan Removal instruction
IAD.LivePerson Tracking Cookie Symptoms
Removing Bancos.AGY Trojan
Removing Gen0cide Backdoor

Posted by fresto at 5:47 PM 0 comments

websecuritypage.com Hijacker

Click here to remove websecuritypage.com malware
websecuritypage.com description:
websecuritypage.com Category:Hijacker
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Removing websecuritypage.com:

you can run trial version of ExterminateIt, or remove websecuritypage.com manually.

To completely manually remove websecuritypage.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with websecuritypage.com.

Read also:
Removing Stoned.Realm DoS

Posted by fresto at 5:30 PM 0 comments

FakeSecurityAlert Trojan

Click here to remove FakeSecurityAlert malware
FakeSecurityAlert description:
FakeSecurityAlert Category:Trojan,Adware,Hijacker
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Detection FakeSecurityAlert :

FakeSecurityAlert Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run

Removing FakeSecurityAlert:

you can run trial version of ExterminateIt, or remove FakeSecurityAlert manually.

To completely manually remove FakeSecurityAlert malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with FakeSecurityAlert.

Read also:
Pigeon.ABZ Trojan Information
Pigeon.AAS Trojan Removal instruction
Small.ath Downloader Cleaner
Bancos.FYL Trojan Symptoms

Posted by fresto at 5:03 PM 0 comments

PHX Trojan

Click here to remove PHX malware
PHX description:
PHX Category:Trojan,Backdoor,Downloader,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing PHX:

you can run trial version of ExterminateIt, or remove PHX manually.

To completely manually remove PHX malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PHX.

Read also:
W102.hitbox.Tracking.Cookie Tracking Cookie Cleaner
VNC.Enterprise.Edition RAT Symptoms
Removing Gosock Trojan

Posted by fresto at 2:51 PM 0 comments

Bancos.IJF Trojan

Click here to remove Bancos.IJF malware
Bancos.IJF description:
Bancos.IJF Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.IJF:

you can run trial version of ExterminateIt, or remove Bancos.IJF manually.

To completely manually remove Bancos.IJF malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IJF.

Read also:
Pigeon.AVFG Trojan Removal
BackDoor.AOQ Backdoor Symptoms
Mshark Trojan Removal instruction
Removing Rbot.aeu Worm
Key.Generator Backdoor Symptoms

Posted by fresto at 1:40 PM 0 comments

Trinoo.Daemon DoS

Click here to remove Trinoo.Daemon malware
Trinoo.Daemon description:
Trinoo.Daemon Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Trinoo.Daemon:

you can run trial version of ExterminateIt, or remove Trinoo.Daemon manually.

To completely manually remove Trinoo.Daemon malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Trinoo.Daemon.

Read also:
Phoenix.II.72b RAT Cleaner
Pigeon.AVIS Trojan Cleaner
Remove Banker.CB Trojan

Posted by fresto at 1:28 PM 0 comments

Chameleon Trojan

Click here to remove Chameleon malware
Chameleon description:
Chameleon Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Chameleon:

you can run trial version of ExterminateIt, or remove Chameleon manually.

To completely manually remove Chameleon malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Chameleon.

Read also:
123cha.com Trojan Removal
Removing Billboard Trojan
Removing Bancos.HHO Trojan

Posted by fresto at 12:32 PM 0 comments

Wefoey Trojan

Click here to remove Wefoey malware
Wefoey description:
Wefoey Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Wefoey:

you can run trial version of ExterminateIt, or remove Wefoey manually.

To completely manually remove Wefoey malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Wefoey.

Read also:
PrivacyProtector Ransomware Information

Posted by fresto at 11:57 AM 0 comments

Adware.NaviPromo Trojan

Click here to remove Adware.NaviPromo malware
Adware.NaviPromo description:
Adware.NaviPromo Category:Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing Adware.NaviPromo:

you can run trial version of ExterminateIt, or remove Adware.NaviPromo manually.

To completely manually remove Adware.NaviPromo malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Adware.NaviPromo.

Read also:
Keylogger.DLL Trojan Symptoms

Posted by fresto at 10:22 AM 0 comments

VBS.KillOS Trojan

Click here to remove VBS.KillOS malware
VBS.KillOS description:
VBS.KillOS Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing VBS.KillOS:

you can run trial version of ExterminateIt, or remove VBS.KillOS manually.

To completely manually remove VBS.KillOS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.KillOS.

Read also:
Bancos.GWW Trojan Symptoms
AnalogX.Server.DoS.Buffer.Overflow.Vulnerabilty DoS Information
eBoom.Search.Bar BHO Removal instruction

Posted by fresto at 9:47 AM 0 comments

Murphy Trojan

Click here to remove Murphy malware
Murphy description:
Murphy Category:Trojan,Backdoor,RAT,Downloader,Hacker Tool,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Detection Murphy :

Murphy Files:
[%PROGRAMS%]\UCmore - The Search Accelerator\UCmore Tour.lnk
[%PROGRAM_FILES%]\TheSearchAccelerator\IUCmore.dll
[%PROGRAM_FILES%]\TheSearchAccelerator\UCMTSAIE.dll
[%PROGRAMS%]\UCmore - The Search Accelerator\UCmore Tour.lnk
[%PROGRAM_FILES%]\TheSearchAccelerator\IUCmore.dll
[%PROGRAM_FILES%]\TheSearchAccelerator\UCMTSAIE.dll

Murphy Folders:
[%PROGRAMS%]\ucmore - the search accelerator
[%PROGRAM_FILES%]\thesearchaccelerator

Murphy Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{44BE0690-5429-47f0-85BB-3FFD8020233E}
HKEY_CURRENT_USER\software\effective-i\thesearchaccelerator
HKEY_CURRENT_USER\software\maxthon\plugin\toolbar\{44be0690-5429-47f0-85bb-3ffd8020233e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{44be0690-5429-47f0-85bb-3ffd8020233e}
HKEY_LOCAL_MACHINE\software\effective-i\thesearchaccelerator
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator

Murphy Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar

Removing Murphy:

you can run trial version of ExterminateIt, or remove Murphy manually.

To completely manually remove Murphy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Murphy.

Read also:
Remove Anal.FTP Trojan

Posted by fresto at 6:41 AM 0 comments

Troj.Agent.he Trojan

Click here to remove Troj.Agent.he malware
Troj.Agent.he description:
Troj.Agent.he Category:Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

Detection Troj.Agent.he :

Troj.Agent.he Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_comxt
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\comxt

Removing Troj.Agent.he:

you can run trial version of ExterminateIt, or remove Troj.Agent.he manually.

To completely manually remove Troj.Agent.he malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Troj.Agent.he.

Read also:
Remove Pigeon.AVDO Trojan

Posted by fresto at 5:03 AM 0 comments

Pigeon.ELQ Trojan

Click here to remove Pigeon.ELQ malware
Pigeon.ELQ description:
Pigeon.ELQ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.ELQ:

you can run trial version of ExterminateIt, or remove Pigeon.ELQ manually.

To completely manually remove Pigeon.ELQ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ELQ.

Read also:
Removing Shetr Trojan
Pigeon.AVB Trojan Symptoms
Acid.Kor RAT Cleaner
Remove Bropia.Variant Trojan

Posted by fresto at 3:07 AM 0 comments

Win32.IRCBot Trojan

Click here to remove Win32.IRCBot malware
Win32.IRCBot description:
Win32.IRCBot Category:Trojan,Backdoor,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Win32.IRCBot:

you can run trial version of ExterminateIt, or remove Win32.IRCBot manually.

To completely manually remove Win32.IRCBot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.IRCBot.

Read also:
TrojanSpy.Win32.EmailSpyPro Spyware Removal
Spiderman Worm Removal
Disackt Trojan Symptoms
Win.Surfer Trojan Cleaner
Win32.OICQSearch Trojan Information

Posted by fresto at 1:55 AM 0 comments

Tuesday, January 27, 2009

SillyDl.DFG Trojan

Click here to remove SillyDl.DFG malware
SillyDl.DFG description:
SillyDl.DFG Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.DFG:

you can run trial version of ExterminateIt, or remove SillyDl.DFG manually.

To completely manually remove SillyDl.DFG malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DFG.

Read also:
Removing Bancos.IND Trojan
Remove Doubleheart Trojan
Remove Efso Backdoor
Vxidl.ACD Trojan Information
Shit.Heep RAT Symptoms

Posted by fresto at 7:27 PM 0 comments

Daemonize.aw Trojan

Click here to remove Daemonize.aw malware
Daemonize.aw description:
Daemonize.aw Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Daemonize.aw:

you can run trial version of ExterminateIt, or remove Daemonize.aw manually.

To completely manually remove Daemonize.aw malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Daemonize.aw.

Read also:
R3C.W2K Trojan Removal
Ptakks.Resurrection.III Backdoor Information
Horse.Construction.Kit Trojan Removal instruction
Remove Jolt.Windows Trojan

Posted by fresto at 12:28 PM 0 comments

Buendia Trojan

Click here to remove Buendia malware
Buendia description:
Buendia Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Buendia:

you can run trial version of ExterminateIt, or remove Buendia manually.

To completely manually remove Buendia malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Buendia.

Read also:
Removing Hang.Up.Ping.Win Trojan
SillyDl.CSY Trojan Cleaner
Small.bug Downloader Removal

Posted by fresto at 12:03 PM 0 comments

Pigeon.AVEZ Trojan

Click here to remove Pigeon.AVEZ malware
Pigeon.AVEZ description:
Pigeon.AVEZ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.AVEZ:

you can run trial version of ExterminateIt, or remove Pigeon.AVEZ manually.

To completely manually remove Pigeon.AVEZ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVEZ.

Read also:
Removing AOL.Nytworx Trojan
Remove Vxidl.ALH Trojan
Remove Bancos.HNT Trojan
Yulihubot RAT Removal instruction

Posted by fresto at 8:09 AM 0 comments

Bancos.FUL Trojan

Click here to remove Bancos.FUL malware
Bancos.FUL description:
Bancos.FUL Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.FUL:

you can run trial version of ExterminateIt, or remove Bancos.FUL manually.

To completely manually remove Bancos.FUL malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.FUL.

Read also:
Remove Pentagon Trojan
Remove Pigeon.AVTQ Trojan

Posted by fresto at 5:31 AM 0 comments

Horse.Construction.Kit Trojan

Click here to remove Horse.Construction.Kit malware
Horse.Construction.Kit description:
Horse.Construction.Kit Category:Trojan,Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.

Removing Horse.Construction.Kit:

you can run trial version of ExterminateIt, or remove Horse.Construction.Kit manually.

To completely manually remove Horse.Construction.Kit malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Horse.Construction.Kit.

Read also:
DLP Backdoor Symptoms
Bancos.AGK Trojan Removal instruction
Vxidl.AJE Trojan Information
Remove Salm Adware
PSW.Lmir.fg Trojan Cleaner

Posted by fresto at 4:11 AM 0 comments

Serveme Backdoor

Click here to remove Serveme malware
Serveme description:
Serveme Category:Backdoor,RAT
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Serveme:

you can run trial version of ExterminateIt, or remove Serveme manually.

To completely manually remove Serveme malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Serveme.

Read also:
atflash.com Tracking Cookie Information
Removing Bancos.GLE Trojan
Pigeon.AWIC Trojan Removal

Posted by fresto at 4:08 AM 0 comments

Pipes RAT

Click here to remove Pipes malware
Pipes description:
Pipes Category:RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Pipes:

you can run trial version of ExterminateIt, or remove Pipes manually.

To completely manually remove Pipes malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pipes.

Read also:
Pigeon.ALS Trojan Cleaner

Posted by fresto at 2:10 AM 0 comments

NeoUploader Trojan

Click here to remove NeoUploader malware
NeoUploader description:
NeoUploader Category:Trojan,Backdoor,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Removing NeoUploader:

you can run trial version of ExterminateIt, or remove NeoUploader manually.

To completely manually remove NeoUploader malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with NeoUploader.

Read also:
SmitFraud Trojan Information
Pigeon.AVUD Trojan Information
Piratos Adware Symptoms
Remove StarFlood DoS

Posted by fresto at 1:19 AM 0 comments

Monday, January 26, 2009

Rattler.ICQ Trojan

Click here to remove Rattler.ICQ malware
Rattler.ICQ description:
Rattler.ICQ Category:Trojan,Backdoor,RAT
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Removing Rattler.ICQ:

you can run trial version of ExterminateIt, or remove Rattler.ICQ manually.

To completely manually remove Rattler.ICQ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Rattler.ICQ.

Read also:
VB.fi Trojan Removal instruction
SillyDl.CPF Trojan Symptoms

Posted by fresto at 11:48 PM 0 comments

Backdoor.Exploiter Backdoor

Click here to remove Backdoor.Exploiter malware
Backdoor.Exploiter description:
Backdoor.Exploiter Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing Backdoor.Exploiter:

you can run trial version of ExterminateIt, or remove Backdoor.Exploiter manually.

To completely manually remove Backdoor.Exploiter malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Backdoor.Exploiter.

Read also:
BackDoor.EJ Trojan Removal
Pigeon.EDP Trojan Cleaner
SillyDl.CCE Downloader Cleaner
Removing Akimov Trojan

Posted by fresto at 10:33 PM 0 comments

Pig.Move.Search BHO

Click here to remove Pig.Move.Search malware
Pig.Move.Search description:
Pig.Move.Search Category:BHO
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.

Detection Pig.Move.Search :

Pig.Move.Search Files:
[%PROFILE%]\update\sysadInfo.ini
[%PROFILE_TEMP%]\huaci.exe
[%PROFILE_TEMP%]\PigUp.exe
[%PROGRAMS%]\»®´ÃŠÃ‹Ã‘Ë÷.lnk
[%STARTUP%]\»®´ÃŠÃ‹Ã‘Ë÷.lnk
[%SYSTEM%]\drivers\abhcop.sys
[%SYSTEM%]\drivers\hcalway.sys
[%PROFILE%]\update\sysadInfo.ini
[%PROFILE_TEMP%]\huaci.exe
[%PROFILE_TEMP%]\PigUp.exe
[%PROGRAMS%]\»®´ÃŠÃ‹Ã‘Ë÷.lnk
[%STARTUP%]\»®´ÃŠÃ‹Ã‘Ë÷.lnk
[%SYSTEM%]\drivers\abhcop.sys
[%SYSTEM%]\drivers\hcalway.sys

Pig.Move.Search Folders:
[%PROGRAM_FILES%]\huaci
[%PROGRAM_FILES%]\wsearch

Pig.Move.Search Registry Keys:
HKEY_CURRENT_USER\software\pigup
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_hcalway
HKEY_CLASSES_ROOT\clsid\{594be7b2-23b0-4fae-a2b9-0c21cc1417ce}
HKEY_CLASSES_ROOT\interface\{4e1ace40-f681-4cc4-a7c0-ad1e6c9ad86f}
HKEY_CLASSES_ROOT\interface\{a07e6b9b-bb30-4381-a9d8-fabb0648bcef}
HKEY_CLASSES_ROOT\searchm.com
HKEY_CLASSES_ROOT\searchm.com.1
HKEY_CLASSES_ROOT\searchm.search
HKEY_CLASSES_ROOT\searchm.search.1
HKEY_CLASSES_ROOT\typelib\{c5ce084b-31e0-4b34-a33a-82b4ea913cf8}
HKEY_CLASSES_ROOT\typelib\{fd536575-73f7-42a3-9e9f-11688f1a006a}
HKEY_CURRENT_USER\software\msword\search
HKEY_CURRENT_USER\software\pig move search
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cdsearch
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_abhcop
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\abhcop
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\hcalway

Pig.Move.Search Registry Values:
HKEY_CURRENT_USER\software\pig3
HKEY_CURRENT_USER\software\pig3
HKEY_CURRENT_USER\software\pig3
HKEY_CURRENT_USER\software\pig3
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Pig.Move.Search:

you can run trial version of ExterminateIt, or remove Pig.Move.Search manually.

To completely manually remove Pig.Move.Search malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pig.Move.Search.

Read also:
Removing Pigeon.ATR Trojan
Remove SillyDl.CJR Trojan
Remove FileFreedom Adware
Vxidl.ASI Trojan Removal

Posted by fresto at 10:31 PM 0 comments

WordMacro.Italian Trojan

Click here to remove WordMacro.Italian malware
WordMacro.Italian description:
WordMacro.Italian Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing WordMacro.Italian:

you can run trial version of ExterminateIt, or remove WordMacro.Italian manually.

To completely manually remove WordMacro.Italian malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with WordMacro.Italian.

Read also:
Vxidl.BAF Trojan Cleaner
Bancos.HXP Trojan Removal
Removing Zapass Trojan
Remove Vxidl.BBZ Trojan
BlazeFind.variant BHO Information

Posted by fresto at 10:23 PM 0 comments

FakeBO RAT

Click here to remove FakeBO malware
FakeBO description:
FakeBO Category:RAT
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Removing FakeBO:

you can run trial version of ExterminateIt, or remove FakeBO manually.

To completely manually remove FakeBO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with FakeBO.

Read also:
Dailytoolbar Adware Cleaner
Pigeon.ARD Trojan Removal instruction
Toneloc.Utilities.Phun.Pak Adware Symptoms

Posted by fresto at 5:52 PM 0 comments

PCGhost Trojan

Click here to remove PCGhost malware
PCGhost description:
PCGhost Category:Trojan,Spyware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Removing PCGhost:

you can run trial version of ExterminateIt, or remove PCGhost manually.

To completely manually remove PCGhost malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PCGhost.

Read also:
Vxidl.AHB Trojan Symptoms
Remove Al.Bareki RAT
Lineage.AAC Trojan Removal

Posted by fresto at 2:29 PM 0 comments

XTreme Downloader

Click here to remove XTreme malware
XTreme description:
XTreme Category:Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Removing XTreme:

you can run trial version of ExterminateIt, or remove XTreme manually.

To completely manually remove XTreme malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with XTreme.

Read also:
Bancos.HVW Trojan Information
Hll.Lomza Trojan Removal
SpywareSolver Ransomware Removal

Posted by fresto at 2:00 PM 0 comments

Dadobra.ea Downloader

Click here to remove Dadobra.ea malware
Dadobra.ea description:
Dadobra.ea Category:Downloader
Trojans-downloaders downloads and installs new malware or adware on the computer.

Removing Dadobra.ea:

you can run trial version of ExterminateIt, or remove Dadobra.ea manually.

To completely manually remove Dadobra.ea malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Dadobra.ea.

Read also:
Removing TrojanClicker.Win32.QUpdate Trojan

Posted by fresto at 10:43 AM 0 comments

Pigeon.AWHO Trojan

Click here to remove Pigeon.AWHO malware
Pigeon.AWHO description:
Pigeon.AWHO Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AWHO:

you can run trial version of ExterminateIt, or remove Pigeon.AWHO manually.

To completely manually remove Pigeon.AWHO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AWHO.

Read also:
Axsploit DoS Information
Remove Pigeon.FAL Trojan
Stel Trojan Removal

Posted by fresto at 10:28 AM 0 comments

Mirtang.BE.corrupt Trojan

Click here to remove Mirtang.BE.corrupt malware
Mirtang.BE.corrupt description:
Mirtang.BE.corrupt Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Mirtang.BE.corrupt:

you can run trial version of ExterminateIt, or remove Mirtang.BE.corrupt manually.

To completely manually remove Mirtang.BE.corrupt malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Mirtang.BE.corrupt.

Read also:
AdServer Tracking Cookie Information
Remove Pigeon.APB Trojan
SillyDl.CYL Trojan Symptoms
Dowque.AAH Trojan Removal

Posted by fresto at 9:20 AM 0 comments

Win32.Lioten.Variant Trojan

Click here to remove Win32.Lioten.Variant malware
Win32.Lioten.Variant description:
Win32.Lioten.Variant Category:Trojan,Worm,Backdoor,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Win32.Lioten.Variant:

you can run trial version of ExterminateIt, or remove Win32.Lioten.Variant manually.

To completely manually remove Win32.Lioten.Variant malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Lioten.Variant.

Read also:
Remove Jack.beta Backdoor
JScript.E2H Trojan Symptoms
cubizz.com Tracking Cookie Removal instruction

Posted by fresto at 8:31 AM 0 comments

PsychWard.big RAT

Click here to remove PsychWard.big malware
PsychWard.big description:
PsychWard.big Category:RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Removing PsychWard.big:

you can run trial version of ExterminateIt, or remove PsychWard.big manually.

To completely manually remove PsychWard.big malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PsychWard.big.

Read also:
Resourcer Trojan Symptoms
Remove Pigeon.EXL Trojan
Liveperson Tracking Cookie Removal instruction
Win32.Qoologic Trojan Removal
Pigeon.ACU Trojan Cleaner

Posted by fresto at 7:05 AM 0 comments

Pigeon.AWGB Trojan

Click here to remove Pigeon.AWGB malware
Pigeon.AWGB description:
Pigeon.AWGB Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.AWGB:

you can run trial version of ExterminateIt, or remove Pigeon.AWGB manually.

To completely manually remove Pigeon.AWGB malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AWGB.

Read also:
BTV Trojan Removal
Remove BFGhost Trojan
Foto.Red.Spy Backdoor Symptoms
SatanzCrew Backdoor Removal
PWS Trojan Removal

Posted by fresto at 6:47 AM 0 comments

Keylog.TraceBoy Trojan

Click here to remove Keylog.TraceBoy malware
Keylog.TraceBoy description:
Keylog.TraceBoy Category:Trojan,Spyware
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Removing Keylog.TraceBoy:

you can run trial version of ExterminateIt, or remove Keylog.TraceBoy manually.

To completely manually remove Keylog.TraceBoy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Keylog.TraceBoy.

Read also:
Bombole Trojan Symptoms

Posted by fresto at 5:27 AM 0 comments

Pojer Trojan

Click here to remove Pojer malware
Pojer description:
Pojer Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Pojer:

you can run trial version of ExterminateIt, or remove Pojer manually.

To completely manually remove Pojer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pojer.

Read also:
Remove Bancos.GCU Trojan

Posted by fresto at 5:07 AM 0 comments

2nd Thought Adware

Click here to remove 2nd Thought malware
2nd Thought description:
2nd Thought Category:Adware,BHO,Popups
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.

Detection 2nd Thought :

2nd Thought Files:
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe
[%PROGRAM_FILES%]\STC\bundles.exe
[%PROGRAM_FILES%]\STC\bundles53.exe
[%PROGRAM_FILES%]\STC\STC.exe
[%SYSTEM%]\2ndsrch.dll
[%SYSTEM%]\stcloader.exe
[%SYSTEM%]\winupdt.001
[%SYSTEM%]\winupdt.bin
[%WINDOWS%]\bundles\2504040824.exe
[%WINDOWS%]\bundles\32wu54rd.exe
[%WINDOWS%]\bundles\bs5-cvuacy.exe
[%WINDOWS%]\bundles\bs5-vmk1.exe
[%WINDOWS%]\bundles\bs5-vwqouc.exe
[%WINDOWS%]\bundles\CSV5P070.exe
[%WINDOWS%]\bundles\ezStub.exe
[%WINDOWS%]\bundles\log.bak.txt
[%WINDOWS%]\bundles\optimize.exe
[%WINDOWS%]\bundles\setup_silent_14725.exe
[%WINDOWS%]\bundles\setup_silent_14765.exe
[%WINDOWS%]\bundles\setup_silent_17299.exe
[%WINDOWS%]\bundles\trafficvenue1.exe
[%WINDOWS%]\bundles\TVM_B5.EXE
[%WINDOWS%]\bundles\Tvm_b5_269.exe

2nd Thought Folders:
[%PROGRAM_FILES%]\STC
[%WINDOWS%]\bundles

2nd Thought Registry Keys:
HKEY_CURRENT_USER\Software\AUN
HKEY_CURRENT_USER\Software\Bundles
HKEY_CURRENT_USER\Software\STC

Removing 2nd Thought:

you can run trial version of ExterminateIt, or remove 2nd Thought manually.

To completely manually remove 2nd Thought malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with 2nd Thought.

Read also:
TrojanDropper.JS.Mimail Trojan Symptoms

Posted by fresto at 4:56 AM 0 comments

Piaoyes RAT

Click here to remove Piaoyes malware
Piaoyes description:
Piaoyes Category:RAT,DoS
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Piaoyes:

you can run trial version of ExterminateIt, or remove Piaoyes manually.

To completely manually remove Piaoyes malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Piaoyes.

Read also:
Removing Stactisu Trojan

Posted by fresto at 1:01 AM 0 comments

SpyAgent.B Trojan

Click here to remove SpyAgent.B malware
SpyAgent.B description:
SpyAgent.B Category:Trojan,Downloader
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Trojans-downloaders downloads and installs new malware or adware on the computer.

Removing SpyAgent.B:

you can run trial version of ExterminateIt, or remove SpyAgent.B manually.

To completely manually remove SpyAgent.B malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SpyAgent.B.

Read also:
VBS.Daydream Trojan Removal instruction
Keylog5 Spyware Cleaner

Posted by fresto at 12:20 AM 0 comments

Sunday, January 25, 2009

VBS.Regmess Trojan

Click here to remove VBS.Regmess malware
VBS.Regmess description:
VBS.Regmess Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing VBS.Regmess:

you can run trial version of ExterminateIt, or remove VBS.Regmess manually.

To completely manually remove VBS.Regmess malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VBS.Regmess.

Read also:
Bancos.HBY Trojan Removal instruction
Removing Hkdoor Trojan

Posted by fresto at 7:15 PM 0 comments

Ranky.aa Trojan

Click here to remove Ranky.aa malware
Ranky.aa description:
Ranky.aa Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Ranky.aa:

you can run trial version of ExterminateIt, or remove Ranky.aa manually.

To completely manually remove Ranky.aa malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ranky.aa.

Read also:
Bancos.FYL Trojan Symptoms
mystat.in.net Tracking Cookie Removal
Removing Mshark Trojan

Posted by fresto at 1:43 PM 0 comments

Bancos.HXK Trojan

Click here to remove Bancos.HXK malware
Bancos.HXK description:
Bancos.HXK Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.HXK:

you can run trial version of ExterminateIt, or remove Bancos.HXK manually.

To completely manually remove Bancos.HXK malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HXK.

Read also:
Mau Trojan Removal
TV Trojan Information

Posted by fresto at 12:15 PM 0 comments

Inhoo Trojan

Click here to remove Inhoo malware
Inhoo description:
Inhoo Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Inhoo:

you can run trial version of ExterminateIt, or remove Inhoo manually.

To completely manually remove Inhoo malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Inhoo.

Read also:
Hingon Trojan Removal
SillyDl.CKN Trojan Symptoms

Posted by fresto at 12:03 PM 0 comments

Acid.Kor RAT

Click here to remove Acid.Kor malware
Acid.Kor description:
Acid.Kor Category:RAT
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Detection Acid.Kor :

Acid.Kor Files:
[%WINDOWS%]\msgsvr64.exe
[%WINDOWS%]\msgsvr64.exe

Removing Acid.Kor:

you can run trial version of ExterminateIt, or remove Acid.Kor manually.

To completely manually remove Acid.Kor malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Acid.Kor.

Read also:
VB.af Backdoor Removal instruction
Gen.Nv Trojan Cleaner
Radiate Adware Information

Posted by fresto at 9:36 AM 0 comments

StartNow.HyperBar Adware

Click here to remove StartNow.HyperBar malware
StartNow.HyperBar description:
StartNow.HyperBar Category:Adware,BHO,Toolbar
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Detection StartNow.HyperBar :

StartNow.HyperBar Files:
[%SYSTEM%]\hyperbar.dll
[%WINDOWS%]\system\hyperbar.dll
[%SYSTEM%]\hyperbar.dll
[%WINDOWS%]\system\hyperbar.dll

StartNow.HyperBar Registry Keys:
HKEY_CLASSES_ROOT\clsid\{1bc1fc4b-b0d2-4d8d-9307-2e40e2a8c257}
HKEY_CLASSES_ROOT\clsid\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{1bc1fc4b-b0d2-4d8d-9307-2e40e2a8c257}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4b2f5308-2cb0-40e2-8030-59936ed5d22c}

StartNow.HyperBar Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing StartNow.HyperBar:

you can run trial version of ExterminateIt, or remove StartNow.HyperBar manually.

To completely manually remove StartNow.HyperBar malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with StartNow.HyperBar.

Read also:
Remove Ads.adsag Tracking Cookie
Remove SillyDl.CIX Trojan
SillyDl.DOR Trojan Removal instruction

Posted by fresto at 9:23 AM 0 comments

Win32.StartPage.aa Hijacker

Click here to remove Win32.StartPage.aa malware
Win32.StartPage.aa description:
Win32.StartPage.aa Category:Hijacker
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

Removing Win32.StartPage.aa:

you can run trial version of ExterminateIt, or remove Win32.StartPage.aa manually.

To completely manually remove Win32.StartPage.aa malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.StartPage.aa.

Read also:
PhpSpy.ver Trojan Symptoms
SillyDl.DEP Trojan Symptoms
Remove Brain.Wiper Trojan
Backdoor.AFN Trojan Information

Posted by fresto at 1:13 AM 0 comments

Saturday, January 24, 2009

Phishbank.AEQ Trojan

Click here to remove Phishbank.AEQ malware
Phishbank.AEQ description:
Phishbank.AEQ Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Phishbank.AEQ:

you can run trial version of ExterminateIt, or remove Phishbank.AEQ manually.

To completely manually remove Phishbank.AEQ malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Phishbank.AEQ.

Read also:
CGIBomb Hacker Tool Removal instruction

Posted by fresto at 9:45 PM 0 comments

Banload.BBA Trojan

Click here to remove Banload.BBA malware
Banload.BBA description:
Banload.BBA Category:Trojan,Downloader
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Removing Banload.BBA:

you can run trial version of ExterminateIt, or remove Banload.BBA manually.

To completely manually remove Banload.BBA malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Banload.BBA.

Read also:
Pigeon.AMF Trojan Cleaner
Bancos.FXY Trojan Removal instruction

Posted by fresto at 9:05 PM 0 comments

Win32.Kyrdor Trojan

Click here to remove Win32.Kyrdor malware
Win32.Kyrdor description:
Win32.Kyrdor Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Win32.Kyrdor:

you can run trial version of ExterminateIt, or remove Win32.Kyrdor manually.

To completely manually remove Win32.Kyrdor malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.Kyrdor.

Read also:
FastClick.com Tracking Cookie Cleaner
Vxidl.BEP Trojan Cleaner
Difisim Trojan Cleaner
tunes Trojan Removal instruction
Tree Trojan Removal instruction

Posted by fresto at 8:52 PM 0 comments

Generic.ce Trojan

Click here to remove Generic.ce malware
Generic.ce description:
Generic.ce Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Generic.ce:

you can run trial version of ExterminateIt, or remove Generic.ce manually.

To completely manually remove Generic.ce malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Generic.ce.

Read also:
NOVO Trojan Removal
Pigeon.EGI Trojan Removal instruction

Posted by fresto at 5:17 PM 0 comments

Sexfiles Adware

Click here to remove Sexfiles malware
Sexfiles description:
Sexfiles Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Removing Sexfiles:

you can run trial version of ExterminateIt, or remove Sexfiles manually.

To completely manually remove Sexfiles malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Sexfiles.

Read also:
Spyboter.aq Backdoor Information
Removing Tabela Trojan
Removing ICQ.PWS Trojan
W112.hitbox.Tracking.Cookie Tracking Cookie Removal

Posted by fresto at 4:49 PM 0 comments

Revenge Trojan

Click here to remove Revenge malware
Revenge description:
Revenge Category:Trojan,Backdoor,Downloader,DoS
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Revenge:

you can run trial version of ExterminateIt, or remove Revenge manually.

To completely manually remove Revenge malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Revenge.

Read also:
BasicMath.Process Trojan Removal instruction
Macro.Word97.Claud Trojan Information
Removing JS.Destroyer98 Trojan
Removing Memory.Manager Backdoor
Backdoor.Prorat Backdoor Cleaner

Posted by fresto at 4:43 PM 0 comments

Statman DoS

Click here to remove Statman malware
Statman description:
Statman Category:DoS
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

Removing Statman:

you can run trial version of ExterminateIt, or remove Statman manually.

To completely manually remove Statman malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Statman.

Read also:
Maxserving Tracking Cookie Symptoms
Delf.er Backdoor Cleaner
Bancos.GBS Trojan Removal

Posted by fresto at 4:18 PM 0 comments

Scorpech Trojan

Click here to remove Scorpech malware
Scorpech description:
Scorpech Category:Trojan,Adware
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Removing Scorpech:

you can run trial version of ExterminateIt, or remove Scorpech manually.

To completely manually remove Scorpech malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Scorpech.

Read also:
Priority.Beta Backdoor Removal

Posted by fresto at 3:29 PM 0 comments

PSW.QQlog.ah Trojan

Click here to remove PSW.QQlog.ah malware
PSW.QQlog.ah description:
PSW.QQlog.ah Category:Trojan,Hijacker,Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing PSW.QQlog.ah:

you can run trial version of ExterminateIt, or remove PSW.QQlog.ah manually.

To completely manually remove PSW.QQlog.ah malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PSW.QQlog.ah.

Read also:
Removing Bancos.HPW Trojan
ICQ.Password.Sniff Trojan Removal instruction
Lineage Trojan Removal

Posted by fresto at 11:27 AM 0 comments

NeoNet Trojan

Click here to remove NeoNet malware
NeoNet description:
NeoNet Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing NeoNet:

you can run trial version of ExterminateIt, or remove NeoNet manually.

To completely manually remove NeoNet malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with NeoNet.

Read also:
KeyLogger.ae Spyware Information
Removing SillyDl.CRP Trojan
Pigeon.AHK Trojan Removal instruction
Win32.Evncil Trojan Removal instruction
JS.Nuvens Trojan Cleaner

Posted by fresto at 10:43 AM 0 comments

HotMail.Hacker Trojan

Click here to remove HotMail.Hacker malware
HotMail.Hacker description:
HotMail.Hacker Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing HotMail.Hacker:

you can run trial version of ExterminateIt, or remove HotMail.Hacker manually.

To completely manually remove HotMail.Hacker malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with HotMail.Hacker.

Read also:
Removing Pigeon.AVAA Trojan
Win32.Randex Trojan Removal
Bancos.FVV Trojan Information

Posted by fresto at 6:58 AM 0 comments

SillyDl.CGP Trojan

Click here to remove SillyDl.CGP malware
SillyDl.CGP description:
SillyDl.CGP Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.CGP:

you can run trial version of ExterminateIt, or remove SillyDl.CGP manually.

To completely manually remove SillyDl.CGP malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CGP.

Read also:
Bancos.GNF Trojan Cleaner
CWS.bfxtray Hijacker Symptoms
MyGulp Trojan Removal

Posted by fresto at 6:11 AM 0 comments

VB.dz Trojan

Click here to remove VB.dz malware
VB.dz description:
VB.dz Category:Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing VB.dz:

you can run trial version of ExterminateIt, or remove VB.dz manually.

To completely manually remove VB.dz malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.dz.

Read also:
Pigeon.EEQ Trojan Removal
SillyDl.CRD Trojan Cleaner

Posted by fresto at 5:15 AM 0 comments

NameShifter Trojan

Click here to remove NameShifter malware
NameShifter description:
NameShifter Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing NameShifter:

you can run trial version of ExterminateIt, or remove NameShifter manually.

To completely manually remove NameShifter malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with NameShifter.

Read also:
TrojanDownloader.Win32.Femad Trojan Information
OS.Warp.FTP.Server DoS Removal

Posted by fresto at 4:23 AM 0 comments

WebDownloader.Mini.web Downloader

Click here to remove WebDownloader.Mini.web malware
WebDownloader.Mini.web description:
WebDownloader.Mini.web Category:Downloader
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Removing WebDownloader.Mini.web:

you can run trial version of ExterminateIt, or remove WebDownloader.Mini.web manually.

To completely manually remove WebDownloader.Mini.web malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with WebDownloader.Mini.web.

Read also:
Remove SubSeven.Defcon Trojan

Posted by fresto at 2:10 AM 0 comments

AntilamLite Trojan

Click here to remove AntilamLite malware
AntilamLite description:
AntilamLite Category:Trojan,Backdoor,Hacker Tool
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing AntilamLite:

you can run trial version of ExterminateIt, or remove AntilamLite manually.

To completely manually remove AntilamLite malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AntilamLite.

Read also:
Chinese_Keywords Adware Removal instruction
Removing Pigeon.BBE Trojan

Posted by fresto at 2:07 AM 0 comments

Vendeta Trojan

Click here to remove Vendeta malware
Vendeta description:
Vendeta Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Vendeta:

you can run trial version of ExterminateIt, or remove Vendeta manually.

To completely manually remove Vendeta malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vendeta.

Read also:
SpyCapture Spyware Symptoms
Noob Trojan Cleaner
Remove Tibs.Packed Trojan
SillyDl.DAV Trojan Symptoms
CWS.DNSRelay Hijacker Removal

Posted by fresto at 1:20 AM 0 comments

Friday, January 23, 2009

VB.oa Backdoor

Click here to remove VB.oa malware
VB.oa description:
VB.oa Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing VB.oa:

you can run trial version of ExterminateIt, or remove VB.oa manually.

To completely manually remove VB.oa malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VB.oa.

Read also:
Win32.Assault Trojan Removal instruction
Remove Pigeon.ELH Trojan

Posted by fresto at 11:07 PM 0 comments

KGB.Spy.Software Spyware

Click here to remove KGB.Spy.Software malware
KGB.Spy.Software description:
KGB.Spy.Software Category:Spyware
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.

Detection KGB.Spy.Software :

KGB.Spy.Software Files:
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk
[%PROGRAM_FILES%]\KGB Keylogger\winlogon.dll
[%DESKTOP%]\KGB Spy.lnk

KGB.Spy.Software Folders:
[%PROGRAM_FILES%]\kgb spy
[%COMMON_PROGRAMS%]\KGB Spy
[%PROGRAMS%]\kgb spy

KGB.Spy.Software Registry Keys:
HKEY_CURRENT_USER\software\kgb spy
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\kgb spy

KGB.Spy.Software Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing KGB.Spy.Software:

you can run trial version of ExterminateIt, or remove KGB.Spy.Software manually.

To completely manually remove KGB.Spy.Software malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with KGB.Spy.Software.

Read also:
IRC.Floodz DoS Information
Kroey Trojan Removal

Posted by fresto at 7:28 PM 0 comments

INF.AZVPWS Trojan

Click here to remove INF.AZVPWS malware
INF.AZVPWS description:
INF.AZVPWS Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing INF.AZVPWS:

you can run trial version of ExterminateIt, or remove INF.AZVPWS manually.

To completely manually remove INF.AZVPWS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with INF.AZVPWS.

Read also:
Bancos.HKW Trojan Information
Elite.Keylogger Spyware Information

Posted by fresto at 6:19 PM 0 comments

Backdoor.BO2K.Setup Trojan

Click here to remove Backdoor.BO2K.Setup malware
Backdoor.BO2K.Setup description:
Backdoor.BO2K.Setup Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Backdoor.BO2K.Setup:

you can run trial version of ExterminateIt, or remove Backdoor.BO2K.Setup manually.

To completely manually remove Backdoor.BO2K.Setup malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Backdoor.BO2K.Setup.

Read also:
Removing Small.axn Downloader
Remove DlRage Trojan

Posted by fresto at 3:31 PM 0 comments

Win16.MyPicz Trojan

Click here to remove Win16.MyPicz malware
Win16.MyPicz description:
Win16.MyPicz Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Win16.MyPicz:

you can run trial version of ExterminateIt, or remove Win16.MyPicz manually.

To completely manually remove Win16.MyPicz malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win16.MyPicz.

Read also:
Removing Pigeon.DZV Trojan
Pigeon.EYU Trojan Cleaner
SpywareWall Adware Removal instruction
AD Trojan Symptoms

Posted by fresto at 2:36 PM 0 comments

HacDef.R Trojan

Click here to remove HacDef.R malware
HacDef.R description:
HacDef.R Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing HacDef.R:

you can run trial version of ExterminateIt, or remove HacDef.R manually.

To completely manually remove HacDef.R malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with HacDef.R.

Read also:
Drifting Trojan Removal
Pigeon.EEF Trojan Information
Win32.Tormador Trojan Cleaner

Posted by fresto at 1:57 PM 0 comments

Bancos.HHM Trojan

Click here to remove Bancos.HHM malware
Bancos.HHM description:
Bancos.HHM Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.HHM:

you can run trial version of ExterminateIt, or remove Bancos.HHM manually.

To completely manually remove Bancos.HHM malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HHM.

Read also:
Daemaen Trojan Removal instruction
Win32.TrojanDownloader.SMW Trojan Information
SillyDl.BZO Trojan Cleaner
Removing SillyDl.DKM Trojan

Posted by fresto at 12:12 PM 0 comments

Vxidl.ATB Trojan

Click here to remove Vxidl.ATB malware
Vxidl.ATB description:
Vxidl.ATB Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Vxidl.ATB:

you can run trial version of ExterminateIt, or remove Vxidl.ATB manually.

To completely manually remove Vxidl.ATB malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Vxidl.ATB.

Read also:
Pigeon.AVCG Trojan Removal
Rahac!Dropper Trojan Removal instruction
Euthanasia Hacker Tool Removal instruction
Pigeon.EZU Trojan Removal

Posted by fresto at 10:04 AM 0 comments

Remote.Config RAT

Click here to remove Remote.Config malware
Remote.Config description:
Remote.Config Category:RAT
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

Removing Remote.Config:

you can run trial version of ExterminateIt, or remove Remote.Config manually.

To completely manually remove Remote.Config malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Remote.Config.

Read also:
Bancos.IJW Trojan Symptoms
Bancos.GKN Trojan Symptoms
Remove Klog201 Spyware
AdDestroyer Adware Information

Posted by fresto at 9:13 AM 0 comments

Baidu (BDSearch) Adware

Click here to remove Baidu (BDSearch) malware
Baidu (BDSearch) description:
Baidu (BDSearch) Category:Adware,BHO,Toolbar
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Detection Baidu (BDSearch) :

Baidu (BDSearch) Files:
[%PROGRAM_FILES%]\baidu\bar\baidubar.dat
[%PROGRAM_FILES%]\baidu\bar\BaiduBar.dll
[%PROGRAM_FILES%]\baidu\bar\bang.ini
[%PROGRAM_FILES%]\baidu\bar\bang.ini.1
[%PROGRAM_FILES%]\baidu\bar\bdgdins.dll
[%PROGRAM_FILES%]\baidu\bar\loadmovie.swf
[%PROGRAM_FILES%]\baidu\bar\baidubar.dat
[%PROGRAM_FILES%]\baidu\bar\BaiduBar.dll
[%PROGRAM_FILES%]\baidu\bar\bang.ini
[%PROGRAM_FILES%]\baidu\bar\bang.ini.1
[%PROGRAM_FILES%]\baidu\bar\bdgdins.dll
[%PROGRAM_FILES%]\baidu\bar\loadmovie.swf

Baidu (BDSearch) Folders:
[%PROGRAM_FILES%]\Baidu
[%PROGRAM_FILES%]\baidu\bar

Baidu (BDSearch) Registry Keys:
HKEY_CLASSES_ROOT\clsid\{77FEF28E-EB96-44FF-B511-3185DEA48697}
HKEY_CLASSES_ROOT\clsid\{B580CF65-E151-49C3-B73F-70B13FCA8E86}

Baidu (BDSearch) Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

Removing Baidu (BDSearch):

you can run trial version of ExterminateIt, or remove Baidu (BDSearch) manually.

To completely manually remove Baidu (BDSearch) malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Baidu (BDSearch).

Read also:
Removing SillyDl.CFU Trojan
Removing Bancos.GZC Trojan
Frethog.ACE Trojan Symptoms

Posted by fresto at 8:28 AM 0 comments

PSW.Fakemsn Trojan

Click here to remove PSW.Fakemsn malware
PSW.Fakemsn description:
PSW.Fakemsn Category:Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing PSW.Fakemsn:

you can run trial version of ExterminateIt, or remove PSW.Fakemsn manually.

To completely manually remove PSW.Fakemsn malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PSW.Fakemsn.

Read also:
Libnet Trojan Removal

Posted by fresto at 7:58 AM 0 comments

Pigeon.AKY Trojan

Click here to remove Pigeon.AKY malware
Pigeon.AKY description:
Pigeon.AKY Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AKY:

you can run trial version of ExterminateIt, or remove Pigeon.AKY manually.

To completely manually remove Pigeon.AKY malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AKY.

Read also:
SongSpy Spyware Cleaner

Posted by fresto at 6:15 AM 0 comments

Bancos.IMK Trojan

Click here to remove Bancos.IMK malware
Bancos.IMK description:
Bancos.IMK Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Detection Bancos.IMK :

Bancos.IMK Registry Keys:
HKEY_CURRENT_USER\farfarway 1.0

Bancos.IMK Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Bancos.IMK:

you can run trial version of ExterminateIt, or remove Bancos.IMK manually.

To completely manually remove Bancos.IMK malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IMK.

Read also:
Pigeon.EWC Trojan Removal instruction
RtKit.Server Trojan Symptoms
SubSeven.DLL Backdoor Information
Removing Net.trash RAT

Posted by fresto at 5:03 AM 0 comments

PersonalMoneyTree Adware

Click here to remove PersonalMoneyTree malware
PersonalMoneyTree description:
PersonalMoneyTree Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Detection PersonalMoneyTree :

PersonalMoneyTree Files:
[%SYSTEM%]\preuninstallpmt.exe
[%SYSTEM%]\preuninstallpmt.exe

PersonalMoneyTree Folders:
[%PROGRAMS%]\personal money tree
[%PROGRAM_FILES%]\personal money tree

PersonalMoneyTree Registry Keys:
HKEY_CLASSES_ROOT\clsid\{d1a3a43b-05a1-40cd-834c-053e6c03b258}
HKEY_CLASSES_ROOT\comparishopper.application
HKEY_LOCAL_MACHINE\software\pmt
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\personal money tree
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\personal money tree

PersonalMoneyTree Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing PersonalMoneyTree:

you can run trial version of ExterminateIt, or remove PersonalMoneyTree manually.

To completely manually remove PersonalMoneyTree malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with PersonalMoneyTree.

Read also:
PSW.Deathmin Trojan Information
Fraggle.Rock.Lite Trojan Cleaner

Posted by fresto at 3:34 AM 0 comments

Aloap Trojan

Click here to remove Aloap malware
Aloap description:
Aloap Category:Trojan,Backdoor
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Removing Aloap:

you can run trial version of ExterminateIt, or remove Aloap manually.

To completely manually remove Aloap malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Aloap.

Read also:
SillyDl.CEX Trojan Removal instruction

Posted by fresto at 3:27 AM 0 comments

Small.hx Trojan

Click here to remove Small.hx malware
Small.hx description:
Small.hx Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Small.hx:

you can run trial version of ExterminateIt, or remove Small.hx manually.

To completely manually remove Small.hx malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Small.hx.

Read also:
PVWind Trojan Cleaner

Posted by fresto at 2:31 AM 0 comments

Bancos.GXD Trojan

Click here to remove Bancos.GXD malware
Bancos.GXD description:
Bancos.GXD Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.GXD:

you can run trial version of ExterminateIt, or remove Bancos.GXD manually.

To completely manually remove Bancos.GXD malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.GXD.

Read also:
Removing Natspammer Trojan
Padtru Trojan Symptoms
NetKillx Backdoor Cleaner

Posted by fresto at 1:52 AM 0 comments

Cermpsy Trojan

Click here to remove Cermpsy malware
Cermpsy description:
Cermpsy Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Cermpsy:

you can run trial version of ExterminateIt, or remove Cermpsy manually.

To completely manually remove Cermpsy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Cermpsy.

Read also:
Vxidl.BFN Trojan Information
PagoMaster Adware Removal instruction
New.Malware Trojan Removal
JS.MS06 Trojan Removal

Posted by fresto at 1:15 AM 0 comments

Pigeon.DZA Trojan

Click here to remove Pigeon.DZA malware
Pigeon.DZA description:
Pigeon.DZA Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.DZA:

you can run trial version of ExterminateIt, or remove Pigeon.DZA manually.

To completely manually remove Pigeon.DZA malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.DZA.

Read also:
Bancos.GMY Trojan Information
Removing Liberty.SSSS Trojan
Netvaiser Backdoor Removal
Zmk Trojan Symptoms

Posted by fresto at 12:45 AM 0 comments

Galapoper Trojan

Click here to remove Galapoper malware
Galapoper description:
Galapoper Category:Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing Galapoper:

you can run trial version of ExterminateIt, or remove Galapoper manually.

To completely manually remove Galapoper malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Galapoper.

Read also:
Removing 180SearchAssistant Adware
QZap124 Trojan Removal instruction

Posted by fresto at 12:41 AM 0 comments

Thursday, January 22, 2009

Lid BHO

Click here to remove Lid malware
Lid description:
Lid Category:BHO
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.

Removing Lid:

you can run trial version of ExterminateIt, or remove Lid manually.

To completely manually remove Lid malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lid.

Read also:
eyereturn.com Tracking Cookie Cleaner

Posted by fresto at 10:03 PM 0 comments

TPE.GEN Trojan

Click here to remove TPE.GEN malware
TPE.GEN description:
TPE.GEN Category:Trojan,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.

Removing TPE.GEN:

you can run trial version of ExterminateIt, or remove TPE.GEN manually.

To completely manually remove TPE.GEN malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TPE.GEN.

Read also:
QFZ RAT Cleaner
Removing Italian.Boy Trojan
Pigeon.AVUK Trojan Removal
FastKill Trojan Symptoms
Pigeon.ESG Trojan Symptoms

Posted by fresto at 9:55 PM 0 comments

Bancos.IKL Trojan

Click here to remove Bancos.IKL malware
Bancos.IKL description:
Bancos.IKL Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Bancos.IKL:

you can run trial version of ExterminateIt, or remove Bancos.IKL manually.

To completely manually remove Bancos.IKL malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IKL.

Read also:
Rip.Utils Trojan Information
ToXiCiTy Trojan Removal instruction

Posted by fresto at 8:39 PM 0 comments

Pigeon.EPD Trojan

Click here to remove Pigeon.EPD malware
Pigeon.EPD description:
Pigeon.EPD Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.EPD:

you can run trial version of ExterminateIt, or remove Pigeon.EPD manually.

To completely manually remove Pigeon.EPD malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.EPD.

Read also:
Removing Pigeon.AUZR Trojan

Posted by fresto at 8:03 PM 0 comments

Actual.Spy Spyware

Click here to remove Actual.Spy malware
Actual.Spy description:
Actual.Spy Category:Spyware,Hijacker
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Detection Actual.Spy :

Actual.Spy Files:
[%WINDOWS%]\system\actualspy.lnk
[%DESKTOP%]\Actual Spy.lnk
[%WINDOWS%]\system\actualspy.lnk
[%DESKTOP%]\Actual Spy.lnk

Actual.Spy Folders:
[%COMMON_PROGRAMS%]\Actual Spy
[%PROGRAM_FILES%]\asmonitor
[%PROGRAMS%]\actual spy

Actual.Spy Registry Keys:
HKEY_CURRENT_USER\software\asmonitor
HKEY_LOCAL_MACHINE\software\asmonitor
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\actualspy_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\actual spy_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\actual spy_is1

Actual.Spy Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run

Removing Actual.Spy:

you can run trial version of ExterminateIt, or remove Actual.Spy manually.

To completely manually remove Actual.Spy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Actual.Spy.

Read also:
Supreme.Desktop Adware Symptoms
Agent.qs Backdoor Removal instruction
Pigeon.AUZY Trojan Removal
GIC Backdoor Information
Remove TrojanDownloader Downloader

Posted by fresto at 5:51 PM 0 comments

Pigeon.AVVD Trojan

Click here to remove Pigeon.AVVD malware
Pigeon.AVVD description:
Pigeon.AVVD Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.AVVD:

you can run trial version of ExterminateIt, or remove Pigeon.AVVD manually.

To completely manually remove Pigeon.AVVD malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AVVD.

Read also:
Removing TrojanDownloader.Win32.Swizzor Trojan

Posted by fresto at 5:01 PM 0 comments

Bancos.HBN Trojan

Click here to remove Bancos.HBN malware
Bancos.HBN description:
Bancos.HBN Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.HBN:

you can run trial version of ExterminateIt, or remove Bancos.HBN manually.

To completely manually remove Bancos.HBN malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HBN.

Read also:
Frethog.ACE Trojan Symptoms
Pigeon.ETG Trojan Removal

Posted by fresto at 12:20 PM 0 comments

Pigeon.ADL Trojan

Click here to remove Pigeon.ADL malware
Pigeon.ADL description:
Pigeon.ADL Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.ADL:

you can run trial version of ExterminateIt, or remove Pigeon.ADL manually.

To completely manually remove Pigeon.ADL malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ADL.

Read also:
Delf.mn Backdoor Information
Bancos.HHB Trojan Removal instruction
Sincom.az Spyware Cleaner

Posted by fresto at 11:52 AM 0 comments

Shadown Trojan

Click here to remove Shadown malware
Shadown description:
Shadown Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Shadown:

you can run trial version of ExterminateIt, or remove Shadown manually.

To completely manually remove Shadown malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Shadown.

Read also:
Optix.Lite.Firewall.Bypass RAT Removal instruction

Posted by fresto at 10:11 AM 0 comments

Pigeon.ARU Trojan

Click here to remove Pigeon.ARU malware
Pigeon.ARU description:
Pigeon.ARU Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.ARU:

you can run trial version of ExterminateIt, or remove Pigeon.ARU manually.

To completely manually remove Pigeon.ARU malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.ARU.

Read also:
W95.Babylonia Trojan Symptoms

Posted by fresto at 9:16 AM 0 comments

SWCall Trojan

Click here to remove SWCall malware
SWCall description:
SWCall Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing SWCall:

you can run trial version of ExterminateIt, or remove SWCall manually.

To completely manually remove SWCall malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SWCall.

Read also:
Removing Hapchain Trojan
Genvir Trojan Removal instruction

Posted by fresto at 8:24 AM 0 comments

IRC.Wup Backdoor

Click here to remove IRC.Wup malware
IRC.Wup description:
IRC.Wup Category:Backdoor
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.

Removing IRC.Wup:

you can run trial version of ExterminateIt, or remove IRC.Wup manually.

To completely manually remove IRC.Wup malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with IRC.Wup.

Read also:
ANTIMAC Trojan Symptoms
Darjen Trojan Cleaner
Pigeon.AVRJ Trojan Cleaner
Removing Real.Spy.Common.Components Spyware
Removing InCommander.KeySpy Trojan

Posted by fresto at 6:11 AM 0 comments

Kill.xfs DoS

Click here to remove Kill.xfs malware
Kill.xfs description:
Kill.xfs Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Kill.xfs:

you can run trial version of ExterminateIt, or remove Kill.xfs manually.

To completely manually remove Kill.xfs malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Kill.xfs.

Read also:
Remove Bancos.AGF Trojan
NetAmine RAT Removal
Removing Trout Trojan

Posted by fresto at 3:55 AM 0 comments

Zlob.Fam.PrivateVideo Trojan

Click here to remove Zlob.Fam.PrivateVideo malware
Zlob.Fam.PrivateVideo description:
Zlob.Fam.PrivateVideo Category:Trojan,Popups
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.

Detection Zlob.Fam.PrivateVideo :

Zlob.Fam.PrivateVideo Folders:
[%PROGRAMS%]\PrivateVideo
[%PROGRAM_FILES%]\PrivateVideo

Zlob.Fam.PrivateVideo Registry Keys:
HKEY_CLASSES_ROOT\privatevideo
HKEY_CURRENT_USER\Software\PrivateVideo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PrivateVideo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PrivateVideo

Removing Zlob.Fam.PrivateVideo:

you can run trial version of ExterminateIt, or remove Zlob.Fam.PrivateVideo manually.

To completely manually remove Zlob.Fam.PrivateVideo malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Zlob.Fam.PrivateVideo.

Read also:
Removing Wabrex Trojan
Bancos.GLT Trojan Symptoms
Removing BAT.Filler Trojan

Posted by fresto at 3:30 AM 0 comments

Bus.Conquerer Trojan

Click here to remove Bus.Conquerer malware
Bus.Conquerer description:
Bus.Conquerer Category:Trojan,Backdoor,RAT
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.

Removing Bus.Conquerer:

you can run trial version of ExterminateIt, or remove Bus.Conquerer manually.

To completely manually remove Bus.Conquerer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bus.Conquerer.

Read also:
Removing Nimador Backdoor
Pipi Trojan Information
TrojanDownloader.LowZones.bx Downloader Cleaner

Posted by fresto at 2:09 AM 0 comments

SpecificClick.com Tracking Cookie

Click here to remove SpecificClick.com malware
SpecificClick.com description:
SpecificClick.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing SpecificClick.com:

you can run trial version of ExterminateIt, or remove SpecificClick.com manually.

To completely manually remove SpecificClick.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SpecificClick.com.

Read also:
Remove SillyDl.CCG Trojan
Fixer.AntiSpy Trojan Information
SpyDawn Adware Removal instruction

Posted by fresto at 12:57 AM 0 comments

Wednesday, January 21, 2009

SillyDl.DER Trojan

Click here to remove SillyDl.DER malware
SillyDl.DER description:
SillyDl.DER Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing SillyDl.DER:

you can run trial version of ExterminateIt, or remove SillyDl.DER manually.

To completely manually remove SillyDl.DER malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DER.

Read also:
Removing KooWo BHO
Removing Lernost Trojan

Posted by fresto at 10:27 PM 0 comments

Briss Spyware

Click here to remove Briss malware
Briss description:
Briss Category:Spyware,Downloader
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Trojans-downloaders downloads and installs new malware or adware on the computer.

Detection Briss :

Briss Files:
[%WINDOWS%]\downloaded program files\bridge.inf
[%WINDOWS%]\downloaded program files\bridge.inf

Removing Briss:

you can run trial version of ExterminateIt, or remove Briss manually.

To completely manually remove Briss malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Briss.

Read also:
pege.org Tracking Cookie Symptoms
Di.Nuke Trojan Information

Posted by fresto at 9:03 PM 0 comments

Lampscore Trojan

Click here to remove Lampscore malware
Lampscore description:
Lampscore Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Lampscore:

you can run trial version of ExterminateIt, or remove Lampscore manually.

To completely manually remove Lampscore malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Lampscore.

Read also:
Skoob Trojan Removal
Vxidl.AOI Trojan Information

Posted by fresto at 8:55 PM 0 comments

Pigeon.AUZS Trojan

Click here to remove Pigeon.AUZS malware
Pigeon.AUZS description:
Pigeon.AUZS Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Pigeon.AUZS:

you can run trial version of ExterminateIt, or remove Pigeon.AUZS manually.

To completely manually remove Pigeon.AUZS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AUZS.

Read also:
Remove Deluxe.Fone.Code.Hacker Adware
Win32.ARPKiller DoS Information
KPass DoS Information

Posted by fresto at 7:37 PM 0 comments

Ozzy Trojan

Click here to remove Ozzy malware
Ozzy description:
Ozzy Category:Trojan,Backdoor,Downloader,DoS
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.
DoS trojans conduct attacks from a single computer with the consent of the user.

Removing Ozzy:

you can run trial version of ExterminateIt, or remove Ozzy manually.

To completely manually remove Ozzy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Ozzy.

Read also:
Bancos.GMB Trojan Symptoms
VBS.Noob Trojan Removal instruction
Agent.kf Trojan Information

Posted by fresto at 2:22 PM 0 comments

AxNTFileSecurity Hostile Code

Click here to remove AxNTFileSecurity malware
AxNTFileSecurity description:
AxNTFileSecurity Category:Hostile Code
Hostile code is any process running on a system that is
not authorized by the system administrator, such as Trojans, viruses, or spyware.

Removing AxNTFileSecurity:

you can run trial version of ExterminateIt, or remove AxNTFileSecurity manually.

To completely manually remove AxNTFileSecurity malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AxNTFileSecurity.

Read also:
SMS.Lanmen DoS Cleaner
Small.atc Downloader Cleaner

Posted by fresto at 10:03 AM 0 comments

Trivada.com Tracking Cookie

Click here to remove Trivada.com malware
Trivada.com description:
Trivada.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing Trivada.com:

you can run trial version of ExterminateIt, or remove Trivada.com manually.

To completely manually remove Trivada.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Trivada.com.

Read also:
Icon.Changer Trojan Information
Remove MasterParadise.Setup Backdoor
Snake's.Socks Backdoor Cleaner
DRVSCAN Trojan Symptoms
Starimp Trojan Information

Posted by fresto at 8:44 AM 0 comments

Diallegit Adware

Click here to remove Diallegit malware
Diallegit description:
Diallegit Category:Adware
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Detection Diallegit :

Diallegit Files:
[%SYSTEM%]\msmmi.exe
[%SYSTEM%]\msmmi.exe

Diallegit Registry Keys:
HKEY_LOCAL_MACHINE\software\msmmi

Diallegit Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Diallegit:

you can run trial version of ExterminateIt, or remove Diallegit manually.

To completely manually remove Diallegit malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Diallegit.

Read also:
RemoteHAK Backdoor Removal
Virus.Collectors.Toolbox Trojan Removal
Bancos.GNJ Trojan Cleaner
Remove Searchbar.findthewebsiteyouneed.Tracking.Cookie Tracking Cookie
mc2.ru Tracking Cookie Cleaner

Posted by fresto at 7:19 AM 0 comments

Docag Trojan

Click here to remove Docag malware
Docag description:
Docag Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Docag:

you can run trial version of ExterminateIt, or remove Docag manually.

To completely manually remove Docag malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Docag.

Read also:
PWS.MSNFake.gen Trojan Cleaner
Removing Wharps Trojan
Vxidl.AAT Trojan Removal
Removing Vxidl.AAI Trojan

Posted by fresto at 6:40 AM 0 comments

Xrenoder Adware

Click here to remove Xrenoder malware
Xrenoder description:
Xrenoder Category:Adware,BHO,Hijacker,Downloader
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

Detection Xrenoder :

Xrenoder Files:
[%WINDOWS%]\downloaded program files\conflict.1\istactivex.dll
[%WINDOWS%]\downloaded program files\conflict.1\istactivex.dll

Xrenoder Folders:
[%FAVORITES%]\adult sites
[%FAVORITES%]\free adult content

Xrenoder Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:\winnt\downloaded program files\istactivex.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\istactivex.dll

Removing Xrenoder:

you can run trial version of ExterminateIt, or remove Xrenoder manually.

To completely manually remove Xrenoder malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Xrenoder.

Read also:
Remove WriteBoot.VirTool Backdoor
Remove Trojan.Scanner Trojan
Win32.VB.fd Trojan Symptoms
BH Trojan Information
Remove TrialDest.SFX!Server Backdoor

Posted by fresto at 3:27 AM 0 comments

Tuesday, January 20, 2009

Msndakait10 Trojan

Click here to remove Msndakait10 malware
Msndakait10 description:
Msndakait10 Category:Trojan,Backdoor,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing Msndakait10:

you can run trial version of ExterminateIt, or remove Msndakait10 manually.

To completely manually remove Msndakait10 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Msndakait10.

Read also:
Wineatea Downloader Symptoms
Dementia Trojan Removal instruction
Pigeon.AVVA Trojan Cleaner
Pigeon.AFL Trojan Symptoms

Posted by fresto at 8:21 PM 0 comments

trb.com Tracking Cookie

Click here to remove trb.com malware
trb.com description:
trb.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.

Removing trb.com:

you can run trial version of ExterminateIt, or remove trb.com manually.

To completely manually remove trb.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with trb.com.

Read also:
Pigeon.ANU Trojan Removal

Posted by fresto at 8:16 PM 0 comments

Winsock DoS

Click here to remove Winsock malware
Winsock description:
Winsock Category:DoS
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Removing Winsock:

you can run trial version of ExterminateIt, or remove Winsock manually.

To completely manually remove Winsock malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Winsock.

Read also:
Remove Mirtang Trojan
Remove Arcamax.com Tracking Cookie

Posted by fresto at 8:07 PM 0 comments

FakeDelReg Trojan

Click here to remove FakeDelReg malware
FakeDelReg description:
FakeDelReg Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing FakeDelReg:

you can run trial version of ExterminateIt, or remove FakeDelReg manually.

To completely manually remove FakeDelReg malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with FakeDelReg.

Read also:
Alureon! Trojan Information
Removing Doly.Se.Build Backdoor
Removing Ovason RAT
Pigeon.AVIC Trojan Information

Posted by fresto at 7:28 PM 0 comments

AntiSpyPro Ransomware

Click here to remove AntiSpyPro malware
AntiSpyPro description:
AntiSpyPro Category:Ransomware
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration.
Although the field known as cryptovirology predates the term "ransomware".

Detection AntiSpyPro :

AntiSpyPro Files:
[%PROFILE%]\Desktop\AntiSpy Pro 2.4.lnk
[%PROFILE%]\Start Menu\Programs\AntiSpy Pro 2.4.lnk
[%PROFILE%]\Desktop\AntiSpy Pro 2.4.lnk
[%PROFILE%]\Start Menu\Programs\AntiSpy Pro 2.4.lnk

AntiSpyPro Folders:
[%PROGRAM_FILES%]\AntiSpyPro

AntiSpyPro Registry Keys:
HKEY_CURRENT_USER\software\antispy-pro
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antispy pro

Removing AntiSpyPro:

you can run trial version of ExterminateIt, or remove AntiSpyPro manually.

To completely manually remove AntiSpyPro malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with AntiSpyPro.

Read also:
Win32.Greenbind.Joiner Trojan Removal
Xexeaw Trojan Symptoms
MiniLD Trojan Removal
Removing MSN.Energy DoS

Posted by fresto at 6:20 PM 0 comments

Yinker Trojan

Click here to remove Yinker malware
Yinker description:
Yinker Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing Yinker:

you can run trial version of ExterminateIt, or remove Yinker manually.

To completely manually remove Yinker malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Yinker.

Read also:
TimeDead Trojan Cleaner

Posted by fresto at 5:12 PM 0 comments

Email.Spy.Monitor Spyware

Click here to remove Email.Spy.Monitor malware
Email.Spy.Monitor description:
Email.Spy.Monitor Category:Spyware
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Detection Email.Spy.Monitor :

Email.Spy.Monitor Files:
[%SYSTEM%]\adsnwe.exe
[%SYSTEM%]\adsnwe.exe

Email.Spy.Monitor Folders:
[%PROGRAM_FILES%]\EMLCS

Email.Spy.Monitor Registry Keys:
HKEY_CLASSES_ROOT\chilkat.email2
HKEY_CLASSES_ROOT\chilkat.email2.1
HKEY_CLASSES_ROOT\chilkat.emailbundle2
HKEY_CLASSES_ROOT\chilkat.emailbundle2.1
HKEY_CLASSES_ROOT\chilkat.mailman2
HKEY_CLASSES_ROOT\chilkat.mailman2.1
HKEY_CLASSES_ROOT\chilkatmail2.chilkatemail2
HKEY_CLASSES_ROOT\chilkatmail2.chilkatemail2.1
HKEY_CLASSES_ROOT\chilkatmail2.chilkatemailbundle2
HKEY_CLASSES_ROOT\chilkatmail2.chilkatemailbundle2.1
HKEY_CLASSES_ROOT\chilkatmail2.chilkatmailman2
HKEY_CLASSES_ROOT\chilkatmail2.chilkatmailman2.1
HKEY_CLASSES_ROOT\clsid\{5883ca7c-b619-45c9-8e5d-dd6f7ea91785}
HKEY_CLASSES_ROOT\clsid\{a4643a87-99a0-4404-9bc5-2322bdd61637}
HKEY_CLASSES_ROOT\clsid\{a46e5261-9956-4767-88ca-dfced050d09e}
HKEY_CLASSES_ROOT\clsid\{a7ec2cd3-9941-4fd4-9d01-105dc16a4313}
HKEY_CLASSES_ROOT\interface\{06544919-f559-4ae5-9001-f903bd8a84e6}
HKEY_CLASSES_ROOT\interface\{51a0888c-9970-44de-8c2c-835ba870d06f}
HKEY_CLASSES_ROOT\interface\{5acae4b8-62d9-4124-a58a-9b1258b77e99}
HKEY_CLASSES_ROOT\interface\{7d37ded8-1945-4e42-a3fd-b9620e0ad8e3}
HKEY_CLASSES_ROOT\interface\{c4c23b78-db98-444c-b601-dcac6ebbec54}
HKEY_CLASSES_ROOT\interface\{ccb7fb40-99ec-4678-9202-52798da78aba}
HKEY_CLASSES_ROOT\interface\{d12fb216-99da-4eb3-9cc0-c0f760b174a0}
HKEY_CLASSES_ROOT\interface\{d56c1af1-3fde-471c-9bc2-c52515f260c1}
HKEY_CLASSES_ROOT\interface\{e656b867-992c-4462-a27d-ebe604ec3a48}
HKEY_CLASSES_ROOT\interface\{fc279bc4-9e6e-4999-93e2-3ae39cce2927}
HKEY_CLASSES_ROOT\mapiprop.mapipropwrapper
HKEY_CLASSES_ROOT\typelib\{1df3afed-99e0-4474-9900-954b8fd24e86}
HKEY_CLASSES_ROOT\typelib\{64debe33-c381-465b-a707-3f56c5b93470}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\email spy monitor_is1

Email.Spy.Monitor Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Email.Spy.Monitor:

you can run trial version of ExterminateIt, or remove Email.Spy.Monitor manually.

To completely manually remove Email.Spy.Monitor malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Email.Spy.Monitor.

Read also:
Removing CWS.AlFaSearch Hijacker
Removing SillyDl.DFQ Trojan
BestSearchEngine Trojan Information

Posted by fresto at 4:54 PM 0 comments

Raven Trojan

Click here to remove Raven malware
Raven description:
Raven Category:Trojan,Spyware,Backdoor,RAT,Hacker Tool
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.

Removing Raven:

you can run trial version of ExterminateIt, or remove Raven manually.

To completely manually remove Raven malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Raven.

Read also:
Remove Vxidl.AFI Trojan
Visi?n.de.Control Backdoor Cleaner

Posted by fresto at 4:14 PM 0 comments

Onfloa Trojan

Click here to remove Onfloa malware
Onfloa description:
Onfloa Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Onfloa:

you can run trial version of ExterminateIt, or remove Onfloa manually.

To completely manually remove Onfloa malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Onfloa.

Read also:
Shaggy Trojan Removal

Posted by fresto at 1:55 PM 0 comments

VCL.Restart Trojan

Click here to remove VCL.Restart malware
VCL.Restart description:
VCL.Restart Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing VCL.Restart:

you can run trial version of ExterminateIt, or remove VCL.Restart manually.

To completely manually remove VCL.Restart malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VCL.Restart.

Read also:
Removing SageAnalyst Tracking Cookie
Win32.VB.gs Trojan Symptoms

Posted by fresto at 1:11 PM 0 comments

Nulprot Trojan

Click here to remove Nulprot malware
Nulprot description:
Nulprot Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Nulprot:

you can run trial version of ExterminateIt, or remove Nulprot manually.

To completely manually remove Nulprot malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Nulprot.

Read also:
Remove Win32.NetBackup Trojan

Posted by fresto at 12:26 PM 0 comments

Login Trojan

Click here to remove Login malware
Login description:
Login Category:Trojan,Hacker Tool,Hostile Code
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.
Hostile code is any process running on a system that is
not authorized by the system administrator, such as Trojans, viruses, or spyware.

Removing Login:

you can run trial version of ExterminateIt, or remove Login manually.

To completely manually remove Login malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Login.

Read also:
Videogate.VG.Companion BHO Cleaner
Pigeon.APE Trojan Symptoms
SkyRat RAT Removal
Ascend.foo.denial.of.service DoS Symptoms

Posted by fresto at 11:05 AM 0 comments

Bancos.IHI Trojan

Click here to remove Bancos.IHI malware
Bancos.IHI description:
Bancos.IHI Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Bancos.IHI:

you can run trial version of ExterminateIt, or remove Bancos.IHI manually.

To completely manually remove Bancos.IHI malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IHI.

Read also:
SillyDl.CNV Trojan Removal instruction
Removing Tactslay Trojan
Playboy Trojan Symptoms

Posted by fresto at 8:51 AM 0 comments

Pigeon.EWH Trojan

Click here to remove Pigeon.EWH malware
Pigeon.EWH description:
Pigeon.EWH Category:Trojan
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Removing Pigeon.EWH:

you can run trial version of ExterminateIt, or remove Pigeon.EWH manually.

To completely manually remove Pigeon.EWH malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.EWH.

Read also:
Servedby.Advertising.com Tracking Cookie Cleaner
Removing Progenic RAT

Posted by fresto at 7:35 AM 0 comments

Musanub Trojan

Click here to remove Musanub malware
Musanub description:
Musanub Category:Trojan,Backdoor
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Removing Musanub:

you can run trial version of ExterminateIt, or remove Musanub manually.

To completely manually remove Musanub malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Musanub.

Read also:
Pigeon.AVTQ Trojan Cleaner

Posted by fresto at 5:43 AM 0 comments

SillyDl.CHL Trojan

Click here to remove SillyDl.CHL malware
SillyDl.CHL description:
SillyDl.CHL Category:Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Removing SillyDl.CHL:

you can run trial version of ExterminateIt, or remove SillyDl.CHL manually.

To completely manually remove SillyDl.CHL malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.CHL.

Read also:
Sylvia Trojan Cleaner
Ogre.2009!Trojan Trojan Removal instruction
Vxidl.BDY Trojan Symptoms

Posted by fresto at 5:20 AM 0 comments

Monday, January 19, 2009

keywordmax.com Tracking Cookie

Click here to remove keywordmax.com malware
keywordmax.com description:
keywordmax.com Category:Tracking Cookie
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

Removing keywordmax.com:

you can run trial version of ExterminateIt, or remove keywordmax.com manually.

To completely manually remove keywordmax.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with keywordmax.com.

Read also:
Remove HP.Jetdirect.multiple DoS
SingaRaja Hacker Tool Symptoms
Remove Pigeon.EHF Trojan
Remove SkyRat.Show.version RAT
Removing Cigilog Trojan

Posted by fresto at