Thursday, October 16, 2008

TrojanDownloader.Win32.VB.ah Trojan

How To Remove Remove TrojanDownloader.Win32.VB.ah?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TrojanDownloader.Win32.VB.ah is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Trojans-downloaders downloads and installs new malware or adware on the computer.



TrojanDownloader.Win32.VB.ah It also known as:

[Panda]Trojan Horse

TrojanDownloader.Win32.VB.ah Symptoms:

Files:
[%WINDOWS%]\ast.exe
[%WINDOWS%]\wast.exe
[%WINDOWS%]\ast.exe
[%WINDOWS%]\wast.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Khurak Trojan Removal instruction
Zlob.Fam.Brain Codec Trojan Information
ClientMan.bho1 BHO Removal
Uptofind Toolbar Cleaner
SillyDl.DKZ Downloader Cleaner

SillyDl.DKZ Downloader

How To Remove Remove SillyDl.DKZ?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SillyDl.DKZ is dangerous virus:
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


SillyDl.DKZ It also known as:

[Other]Win32/SillyDl.DKZ,Mal/Packer

SillyDl.DKZ Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{b9751a53-4494-4d7c-9732-ae3058d8145f}
HKEY_CLASSES_ROOT\interface\{e8228620-4388-458d-b0c6-9b380608464d}
HKEY_CLASSES_ROOT\typelib\{7cd28230-f09e-4929-8f14-a7ac01a17007}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b9751a53-4494-4d7c-9732-ae3058d8145f}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Khurak Trojan Cleaner
CWS.DNSRelay Hijacker Removal instruction
TrojanDownloader.Win32.Small.rn Downloader Symptoms
Remove Livuto Trojan
Remove Zlob.Fam.Brain Codec Trojan

ClientMan.bho1 BHO

How To Remove Remove ClientMan.bho1?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
ClientMan.bho1 is dangerous virus:
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

ClientMan.bho1 Symptoms:

Files:
[%WINDOWS%]\mscdka.dll
[%WINDOWS%]\mseclk.dll
[%WINDOWS%]\mseffm.dll
[%WINDOWS%]\msncjk.dll
[%WINDOWS%]\msobfl.dll
[%WINDOWS%]\mscdka.dll
[%WINDOWS%]\mseclk.dll
[%WINDOWS%]\mseffm.dll
[%WINDOWS%]\msncjk.dll
[%WINDOWS%]\msobfl.dll


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CWS.DNSRelay Hijacker Information
IETray Adware Cleaner
Win32 Trojan Symptoms
Zlob.Fam.Brain Codec Trojan Information
Remove Uptofind Toolbar

Livuto Trojan

How To Remove Remove Livuto?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Livuto is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


Livuto It also known as:

[Kaspersky]Trojan-Downloader.Win32.Agent.bgg,Trojan.Win32.Obfuscated.fr,Trojan-Downloader.Win32.QQHelper.mo,Trojan-Downloader.WIn32.Agent.dix,Trojan-Downloader.Win32.Hmir.as,Rootkit.Win32.Agent.fw;
[McAfee]Generic Downloader.ab,Downloader-BBM,AdClicker-ER.dll,BackDoor-CVM;
[Other]Win32/Livuto.Z,Win32/Livuto.X,Win32/Livuto.BW,Win32/Livuto.CB,Adware.NewWeb,Trojan.Farfi,Backdoor:Win32/Farfi.B!sys,Rootkit.gen6,Win32/Livuto.CT,Downloader,TROJ_DLOADER.MPL,Win32/Livuto.CU,Backdoor:Win32/Farfli.B.dll,Farfli.gen3,Win32/Livuto!generic,Rootkit.gen2

Livuto Symptoms:

Files:
[%PROFILE_TEMP%]\HostEx\TempA_.exe
[%PROFILE_TEMP%]\module1.exe
[%PROFILE_TEMP%]\module2.exe
[%PROGRAM_FILES%]\WZCN\cn_ie_wzcn.dll
[%PROGRAM_FILES%]\WZCN\configuration.xml
[%PROGRAM_FILES%]\WZCN\language.ini
[%PROGRAM_FILES%]\WZCN\uninst.exe
[%PROGRAM_FILES%]\WZCN\wazap.ico
[%SYSTEM%]\winttrs
[%WINDOWS%]\system\10310.exe
[%WINDOWS%]\system\Mvvp.dll
[%WINDOWS%]\system\sdfa
[%PROFILE_TEMP%]\HostEx\TempA_.exe
[%PROFILE_TEMP%]\module1.exe
[%PROFILE_TEMP%]\module2.exe
[%PROGRAM_FILES%]\WZCN\cn_ie_wzcn.dll
[%PROGRAM_FILES%]\WZCN\configuration.xml
[%PROGRAM_FILES%]\WZCN\language.ini
[%PROGRAM_FILES%]\WZCN\uninst.exe
[%PROGRAM_FILES%]\WZCN\wazap.ico
[%SYSTEM%]\winttrs
[%WINDOWS%]\system\10310.exe
[%WINDOWS%]\system\Mvvp.dll
[%WINDOWS%]\system\sdfa

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{1f58177b-1cad-42d0-85c1-a4b63c2f0715}
HKEY_CLASSES_ROOT\clsid\{35ec0410-555e-4402-b372-d9a6e0bf6795}
HKEY_CLASSES_ROOT\clsid\{43e40178-0298-4789-b74c-388340a3be6b}
HKEY_CLASSES_ROOT\clsid\{d2a47409-32d6-4dae-ba00-75ed194b16a0}
HKEY_CLASSES_ROOT\clsid\{d500885e-e400-41ca-804b-cd6373a7eef2}
HKEY_CLASSES_ROOT\clsid\{f57f0570-4eeb-4af5-930d-97a35796ae82}
HKEY_CLASSES_ROOT\interface\{5aa68e42-c1f2-449a-8230-5917fa0e6a60}
HKEY_CLASSES_ROOT\interface\{77cf20d2-b091-4496-83da-acb897068778}
HKEY_CLASSES_ROOT\interface\{a0f4099e-ba1a-4d10-89b4-dc0c67db9528}
HKEY_CLASSES_ROOT\interface\{b275354a-9f09-420b-911b-29f8bb8a302d}
HKEY_CLASSES_ROOT\interface\{d99abe4e-0faf-41c3-b482-2da133c5d083}
HKEY_CLASSES_ROOT\soduisearch.datacenter
HKEY_CLASSES_ROOT\soduisearch.datacenter.1
HKEY_CLASSES_ROOT\soduisearch.sodui
HKEY_CLASSES_ROOT\soduisearch.sodui.1
HKEY_CLASSES_ROOT\soduisearch.soduicontainer
HKEY_CLASSES_ROOT\soduisearch.soduicontainer.1
HKEY_CLASSES_ROOT\typelib\{2eae3758-19ac-487a-8999-bc6bb6391e0d}\1.0
HKEY_CLASSES_ROOT\typelib\{af63ff93-7ad3-48f3-a06a-13ebf3c4ddde}\1.0
HKEY_CLASSES_ROOT\wzcn.wzcnbho
HKEY_CLASSES_ROOT\wzcn.wzcnbho.1

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d500885e-e400-41ca-804b-cd6373a7eef2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Uptofind Toolbar Symptoms
IETray Adware Cleaner
TrojanDownloader.Win32.Small.rn Downloader Removal
BEsys Downloader Removal instruction
Zlob.Fam.Brain Codec Trojan Cleaner

TrojanDownloader.Win32.Small.rn Downloader

How To Remove Remove TrojanDownloader.Win32.Small.rn?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TrojanDownloader.Win32.Small.rn is dangerous virus:
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


TrojanDownloader.Win32.Small.rn It also known as:

[Panda]Adware/Ndware

TrojanDownloader.Win32.Small.rn Symptoms:

Files:
[%SYSTEM%]\ndw.exe
[%SYSTEM%]\ndw.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Khurak Trojan Cleaner
Win32 Trojan Symptoms
Zlob.Fam.Brain Codec Trojan Symptoms
Remove BEsys Downloader
Uptofind Toolbar Information

Zlob.Fam.Brain Codec Trojan

How To Remove Remove Zlob.Fam.Brain Codec?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Zlob.Fam.Brain Codec is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware is the class of programs that place advertisements on your screen.
These may be in the form of pop-ups, pop-unders, advertisements embedded in programs,
advertisements placed on top of ads in web sites, or any other way the authors can
think of showing you an ad.

The pop-ups generally will not be stopped by pop-up stoppers, and often are
not dependent on your having Internet Explorer open.
They may show up when you are playing a game, writing a document, listening to music,
or anything else. Should you be surfing, the advertisements will often be related to
the web page you are viewing.


Zlob.Fam.Brain Codec Symptoms:

Folders:
[%PROGRAM_FILES%]\Brain Codec

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Brain Codec


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
IETray Adware Information
Nunci Hijacker Removal instruction
Khurak Trojan Removal
Removing Uptofind Toolbar
CWS.DNSRelay Hijacker Information

Win32 Trojan

How To Remove Remove Win32?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Win32 is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Worms can be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.

These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.


Win32 It also known as:

[Kaspersky]Backdoor.GF.13,Nuker.c2;
[Eset]Win32/Dialer.U trojan;
[McAfee]GirlFriend;
[F-Prot]destructive program;
[Panda]Trj/AF.20,Dialer.Gen,Dialer.UM,Dialer.JL,Dialer.BB,Trojan Horse,Dialer.KI,Bck/GF.13,Trj/W32.Nuker.c2;
[Other]Adware-SafeSurf.dr,W32/Agen.HLE

Win32 Symptoms:

Files:
[%PROFILE%]\start menu\w1inmovieplugin.lnk
[%SYSTEM%]\services\dial.exe
[%WINDOWS%]\system\services\coolers.exe
[%WINDOWS%]\system\services\dale.exe
[%WINDOWS%]\system\services\losvse.exe
[%PROFILE%]\start menu\w1inmovieplugin.lnk
[%SYSTEM%]\services\dial.exe
[%WINDOWS%]\system\services\coolers.exe
[%WINDOWS%]\system\services\dale.exe
[%WINDOWS%]\system\services\losvse.exe

Folders:
[%PROGRAM_FILES%]\dfind.x32
[%PROGRAM_FILES%]\dfind.x64

Registry Keys:
HKEY_CURRENT_USER\software\dfind.x32
HKEY_CURRENT_USER\software\dfind.x64
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\dfind32109
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\dfind64109


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CWS Adware Cleaner
BEsys Downloader Cleaner
Removing IETray Adware
Nunci Hijacker Symptoms
CWS.DNSRelay Hijacker Removal