Saturday, October 18, 2008

Zserv Trojan

How To Remove Remove Zserv?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Zserv is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Trojans-downloaders downloads and installs new malware or adware on the computer.

Zserv It also known as:

[Kaspersky]TrojanDownloader.Win32.Agent.ae;
[Eset]Win32/TrojanDownloader.Agent.AE trojan;
[Panda]Trj/Downloader.GK;
[Computer Associates]Win32.SillyDl.CM,Win32/SillyDL.37888!Trojan

Zserv Symptoms:

Files:
[%PROFILE_TEMP%]\THI14B9.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1571.tmp\zserv.inf
[%PROFILE_TEMP%]\THI179.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1E3A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F2E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F92.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F98.tmp\zserv.inf
[%PROFILE_TEMP%]\THI214B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2545.tmp\zserv.inf
[%PROFILE_TEMP%]\THI26AD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI270F.tmp\zserv.inf
[%PROFILE_TEMP%]\THI28B1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2DED.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2E49.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2F1A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2F24.tmp\zserv.inf
[%PROFILE_TEMP%]\THI30C6.tmp\zserv.inf
[%PROFILE_TEMP%]\THI31A1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3203.tmp\zserv.inf
[%PROFILE_TEMP%]\THI321.tmp\zserv.inf
[%PROFILE_TEMP%]\THI334E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3459.tmp\zserv.inf
[%PROFILE_TEMP%]\THI366F.tmp\zserv.inf
[%PROFILE_TEMP%]\THI37CB.tmp\zserv.inf
[%PROFILE_TEMP%]\THI397C.tmp\zserv.inf
[%PROFILE_TEMP%]\THI39BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3BF4.tmp\zserv.inf
[%PROFILE_TEMP%]\THI407B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4081.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4369.tmp\zserv.inf
[%PROFILE_TEMP%]\THI44B3.tmp\zserv.inf
[%PROFILE_TEMP%]\THI497D.tmp\zserv.inf
[%PROFILE_TEMP%]\THI49C7.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4CE6.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4DED.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4E63.tmp\zserv.inf
[%PROFILE_TEMP%]\THI500B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI509.tmp\zserv.inf
[%PROFILE_TEMP%]\THI50D.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5297.tmp\zserv.inf
[%PROFILE_TEMP%]\THI55D3.tmp\zserv.inf
[%PROFILE_TEMP%]\THI56BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI56C5.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5780.tmp\zserv.inf
[%PROFILE_TEMP%]\THI593B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5B86.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5E93.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5ECD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5F39.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6364.tmp\zserv.inf
[%PROFILE_TEMP%]\THI650A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI65B2.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6605.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6929.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6C80.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6D25.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6E3A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6E6C.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6FBC.tmp\zserv.inf
[%PROFILE_TEMP%]\THI70DD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI727E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7373.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7438.tmp\zserv.inf
[%PROFILE_TEMP%]\THI76A1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI76F0.tmp\zserv.inf
[%PROFILE_TEMP%]\THI77BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI77EE.tmp\zserv.inf
[%PROFILE_TEMP%]\THI78DF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7A45.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7D53.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7F4.tmp\zserv.inf
[%PROFILE_TEMP%]\THIA83.tmp\zserv.inf
[%PROFILE_TEMP%]\THIE6C.tmp\zserv.inf
[%PROFILE_TEMP%]\zserv.inf
[%WINDOWS%]\inf\zserv.inf
[%WINDOWS%]\ZServ.dll
[%WINDOWS%]\zserv.dll
[%PROFILE_TEMP%]\THI14B9.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1571.tmp\zserv.inf
[%PROFILE_TEMP%]\THI179.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1E3A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F2E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F92.tmp\zserv.inf
[%PROFILE_TEMP%]\THI1F98.tmp\zserv.inf
[%PROFILE_TEMP%]\THI214B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2545.tmp\zserv.inf
[%PROFILE_TEMP%]\THI26AD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI270F.tmp\zserv.inf
[%PROFILE_TEMP%]\THI28B1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2DED.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2E49.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2F1A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI2F24.tmp\zserv.inf
[%PROFILE_TEMP%]\THI30C6.tmp\zserv.inf
[%PROFILE_TEMP%]\THI31A1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3203.tmp\zserv.inf
[%PROFILE_TEMP%]\THI321.tmp\zserv.inf
[%PROFILE_TEMP%]\THI334E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3459.tmp\zserv.inf
[%PROFILE_TEMP%]\THI366F.tmp\zserv.inf
[%PROFILE_TEMP%]\THI37CB.tmp\zserv.inf
[%PROFILE_TEMP%]\THI397C.tmp\zserv.inf
[%PROFILE_TEMP%]\THI39BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI3BF4.tmp\zserv.inf
[%PROFILE_TEMP%]\THI407B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4081.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4369.tmp\zserv.inf
[%PROFILE_TEMP%]\THI44B3.tmp\zserv.inf
[%PROFILE_TEMP%]\THI497D.tmp\zserv.inf
[%PROFILE_TEMP%]\THI49C7.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4CE6.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4DED.tmp\zserv.inf
[%PROFILE_TEMP%]\THI4E63.tmp\zserv.inf
[%PROFILE_TEMP%]\THI500B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI509.tmp\zserv.inf
[%PROFILE_TEMP%]\THI50D.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5297.tmp\zserv.inf
[%PROFILE_TEMP%]\THI55D3.tmp\zserv.inf
[%PROFILE_TEMP%]\THI56BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI56C5.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5780.tmp\zserv.inf
[%PROFILE_TEMP%]\THI593B.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5B86.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5E93.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5ECD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI5F39.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6364.tmp\zserv.inf
[%PROFILE_TEMP%]\THI650A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI65B2.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6605.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6929.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6C80.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6D25.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6E3A.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6E6C.tmp\zserv.inf
[%PROFILE_TEMP%]\THI6FBC.tmp\zserv.inf
[%PROFILE_TEMP%]\THI70DD.tmp\zserv.inf
[%PROFILE_TEMP%]\THI727E.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7373.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7438.tmp\zserv.inf
[%PROFILE_TEMP%]\THI76A1.tmp\zserv.inf
[%PROFILE_TEMP%]\THI76F0.tmp\zserv.inf
[%PROFILE_TEMP%]\THI77BF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI77EE.tmp\zserv.inf
[%PROFILE_TEMP%]\THI78DF.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7A45.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7D53.tmp\zserv.inf
[%PROFILE_TEMP%]\THI7F4.tmp\zserv.inf
[%PROFILE_TEMP%]\THIA83.tmp\zserv.inf
[%PROFILE_TEMP%]\THIE6C.tmp\zserv.inf
[%PROFILE_TEMP%]\zserv.inf
[%WINDOWS%]\inf\zserv.inf
[%WINDOWS%]\ZServ.dll
[%WINDOWS%]\zserv.dll

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{00000000-C1EC-0345-6EC2-4D0300000000}
HKEY_CLASSES_ROOT\interface\{a93b84c6-5278-473a-8027-f6304a291a7a}
HKEY_CLASSES_ROOT\typelib\{f0f4c299-735e-4eac-b2f9-f97324d5cc1d}
HKEY_CLASSES_ROOT\zservdll.zservdllobj
HKEY_CLASSES_ROOT\zservdll.zservdllobj.1
HKEY_CURRENT_USER\software\zserv
HKEY_LOCAL_MACHINE\software\couponage
HKEY_CLASSES_ROOT\clsid\{00000000-c1ec-0345-6ec2-4d0300000000}

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Ursnif Trojan
Win32 Trojan Cleaner
Nunci Hijacker Removal instruction
ThumbSnatcher Adware Information
BEsys Downloader Symptoms

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)