Thursday, December 4, 2008

Nuvens Trojan

How To Remove Nuvens?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Nuvens is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Nuvens It also known as:

[Kaspersky]Trojan-Dropper.Win32.Agent.aue,Trojan-Downloader.Win32.Zlob.aaz,Trojan-Downloader.Win32.Zlob.aua,Trojan-Downloader.Win32.Zlob.asf,Trojan-Downlaoder.Win32.Zlob.asd,Trojan-Downloader.Win32.Zlob.bed,Trojan-downloader.Win32.Zlob.bon,Trojan-Downloader.Win32.Zlob.drd;
[McAfee]Puper.dr;
[F-Prot]W32/Zlob.XA;
[Other]Win32/Nuvens.G,Win32/Nuvens.L,Win32/Nuvens.F,Win32/Nuevens.AG,Trojan.Emcodec,Win32/Nuvens.AM,Win32/Nuvens.AL,Win32/Nuvens.C,Trojan.Zlob,Win32/Nuvens.D,Win32.Nuvens.AS,W32/ZlobNS.gen9,Win32/Nuvens.AW,Win32/Nuvens.BD,Win32/Nuvens.AZ,Win32/Nuvens.BB,Win32/Nuvens.BI,Win32/Nuvens.BJ,Win32/Nuvens.BG,Win32/Nuvens.BH,Troj/Zlob-VP,TROJ_ZLOB.BEJ,Win32/Nuvens.U,Win32/Nuvens.CU,Trojan-Downloader.Zlob.Media-Codec,W32/Zlob.AEZS,Troj/Zlobun-Gen,Win32/Nuvens.CH,Win32/Nuvens.DA,Win32/Nuvens.DD,Win32/Nuvens.DE,Win32/Nuvens.DH,Win32/Nuvens.FW,Win32/Nuvens.FX,Win32/Nuvens.FZ,TROJ_ZLOB.DEM,Mal/Zlob-A,Win32/Nuvens.EH,DNSChanger.gen10,TROJ_ZLOB.DOB,Win32/Nuvens.PE,TrojanDownloader:Win32/Zlob.gen!dll,TROJ_ZLOB.EDH,Troj/Zlobar-Fam,Win32/Nuvens.PG,Win32/Nuvens.PH,Trojan:Win32/Zlob.ZWC,Troj/Zlob-AGJ,TrojanDownloader:Win32/Zlob.gen!AL

Nuvens Symptoms:

Files:
[%COMMON_DESKTOPDIRECTORY%]\Online Security Guide.url
[%COMMON_DESKTOPDIRECTORY%]\Security Troubleshooting.url
[%COMMON_STARTMENU%]\Online Security Guide.url
[%COMMON_STARTMENU%]\Security Troubleshooting.url
[%PROGRAM_FILES%]\AOL Toolbar\toolbar.dll
[%PROGRAM_FILES%]\PaintingRoom\paintingroomclasses.dll
[%PROGRAM_FILES%]\PCODEC\uninst.exe
[%PROGRAM_FILES%]\Video ActiveX Object\uninst.exe
[%SYSTEM%]\update26313404.exe
[%SYSTEM%]\vcodec.exe
[%DESKTOP%]\PornMag Pass.lnk
[%DESKTOP%]\PornPass Manager.lnk
[%SYSTEM%]\sttwrd.dll
[%COMMON_DESKTOPDIRECTORY%]\Online Security Guide.url
[%COMMON_DESKTOPDIRECTORY%]\Security Troubleshooting.url
[%COMMON_STARTMENU%]\Online Security Guide.url
[%COMMON_STARTMENU%]\Security Troubleshooting.url
[%PROGRAM_FILES%]\AOL Toolbar\toolbar.dll
[%PROGRAM_FILES%]\PaintingRoom\paintingroomclasses.dll
[%PROGRAM_FILES%]\PCODEC\uninst.exe
[%PROGRAM_FILES%]\Video ActiveX Object\uninst.exe
[%SYSTEM%]\update26313404.exe
[%SYSTEM%]\vcodec.exe
[%DESKTOP%]\PornMag Pass.lnk
[%DESKTOP%]\PornPass Manager.lnk
[%SYSTEM%]\sttwrd.dll

Folders:
[%PROGRAM_FILES%]\Gold Codec
[%PROGRAM_FILES%]\Image ActiveX Access
[%PROGRAM_FILES%]\IntCodec
[%PROGRAM_FILES%]\iVideoCodec
[%PROGRAM_FILES%]\MMediaCodec
[%PROGRAM_FILES%]\MPVIDEOCODEC
[%PROGRAM_FILES%]\Online Image Add-on
[%PROGRAM_FILES%]\paintingroom
[%PROGRAM_FILES%]\PornMag Pass
[%PROGRAM_FILES%]\PornPass Manager
[%PROGRAM_FILES%]\QualityCodec
[%PROGRAM_FILES%]\SoftCodec
[%PROGRAM_FILES%]\StrCodec
[%PROGRAM_FILES%]\Video ActiveX Access
[%PROGRAM_FILES%]\Video ActiveX Object
[%PROGRAM_FILES%]\VideoCompressionCodec
[%PROGRAM_FILES%]\VideoKeyCodec
[%PROGRAM_FILES%]\VideosCodec
[%PROGRAMS%]\Gold Codec
[%PROGRAMS%]\IntCodec
[%PROGRAMS%]\PornMag Pass
[%PROGRAMS%]\PornPass Manager
[%PROGRAM_FILES%]\Brain Codec

Registry Keys:
HKEY_CLASSES_ROOT\AVZipEnchancer.Chl
HKEY_CLASSES_ROOT\clsid\{fe8aca46-adf0-4785-b550-89762dc330e6}
HKEY_CLASSES_ROOT\codecssoftwarepackage.chl
HKEY_CLASSES_ROOT\emediacodek.chl
HKEY_CLASSES_ROOT\imageactivexobject.chl
HKEY_CLASSES_ROOT\interface\{e29be7f1-e2d8-4036-91ce-c3f8aac42495}
HKEY_CLASSES_ROOT\paintingroomclasses.animatedicon
HKEY_CLASSES_ROOT\paintingroomclasses.animatedicon.1
HKEY_CLASSES_ROOT\typelib\{979c2ead-48cb-454a-adfa-a123158dd508}
HKEY_CLASSES_ROOT\videoaxobject.chl
HKEY_CLASSES_ROOT\VSEnchancer.Chl
HKEY_CURRENT_USER\Software\Internet Security
HKEY_CURRENT_USER\Software\Online Add-on
HKEY_CURRENT_USER\software\paintingroom
HKEY_CURRENT_USER\Software\PornMag Pass
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iVideoCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MMediaCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPVIDEOCODEC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PornMag Pass
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PornPass Manager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QualityCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\strCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Object
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video AX Object
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoCompressionCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoKeyCodec
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideosCodec
HKEY_LOCAL_MACHINE\software\paintingroom
HKEY_CLASSES_ROOT\avzipenchancer.chl
HKEY_CLASSES_ROOT\clsid\{f0c5ef8b-f4bb-4612-9ea8-361fff3da3d5}
HKEY_CLASSES_ROOT\imageactivexobject
HKEY_CLASSES_ROOT\videoaccessactivex.chl
HKEY_CLASSES_ROOT\vsenchancer.chl
HKEY_CURRENT_USER\software\online add-on
HKEY_CURRENT_USER\software\pornmag pass
HKEY_CURRENT_USER\software\\internet security
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\brain codec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\image activex solution
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ivideocodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\mmediacodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\mpvideocodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pornmag pass
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pornpass manager
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\qualitycodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\softcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\strcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\video activex object
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\video add-on
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\video ax object
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videocompressioncodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videokeycodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\videoscodec

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_CURRENT_USER\software\security tools
HKEY_CURRENT_USER\software\security tools
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\intcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pcodec


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Lufoure Trojan Information

No comments: