Sunday, November 16, 2008

Kather Trojan

How To Remove Kather?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Kather is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Trojans-downloaders downloads and installs new malware or adware on the computer.

Kather It also known as:

[Panda]Trojan Horse.LC;
[Computer Associates]Win32.Kather.D,Win32/Kather.c!Downloader

Kather Symptoms:

Files:
[%DESKTOP%]\backup from old drive\Program Files\Citrix\GoToMyPC\g2svc.exe
[%DESKTOP%]\backup from old drive\Program Files\Citrix\GoToMyPC\gopcsrv.exe
[%MYVIDEO%]\Program Files\Citrix\GoToMyPC\g2svc.exe
[%MYVIDEO%]\Program Files\Citrix\GoToMyPC\gopcsrv.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2comm.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2fileh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2host.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2mainh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2pre.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2printh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\G2ProcessFactory.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2svc.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2tray.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\G2WinLogon.dll
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2winlogon_x64.dll
[%PROGRAM_FILES%]\Citrix\GoToMyPC\gopcsrv.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\gotomon.dll
[%SYSTEM%]\gotomon.dll
[%DESKTOP%]\backup from old drive\Program Files\Citrix\GoToMyPC\g2svc.exe
[%DESKTOP%]\backup from old drive\Program Files\Citrix\GoToMyPC\gopcsrv.exe
[%MYVIDEO%]\Program Files\Citrix\GoToMyPC\g2svc.exe
[%MYVIDEO%]\Program Files\Citrix\GoToMyPC\gopcsrv.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2comm.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2fileh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2host.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2mainh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2pre.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2printh.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\G2ProcessFactory.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2svc.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2tray.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\G2WinLogon.dll
[%PROGRAM_FILES%]\Citrix\GoToMyPC\g2winlogon_x64.dll
[%PROGRAM_FILES%]\Citrix\GoToMyPC\gopcsrv.exe
[%PROGRAM_FILES%]\Citrix\GoToMyPC\gotomon.dll
[%SYSTEM%]\gotomon.dll

Folders:
[%PROGRAM_FILES%]\citrix\gotomypc

Registry Keys:
HKEY_CLASSES_ROOT\gotomypc.starthereloader
HKEY_CLASSES_ROOT\gotomypc.starthereloader.1
HKEY_LOCAL_MACHINE\software\citrix\gotomypc
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gotomypc
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\g2svc.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\print\monitors\gotomypc port
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gotomypc

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Comforest Trojan Cleaner
Removing System33 Trojan
WebAccount Adware Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)