Sunday, November 2, 2008

VB.hc Downloader

How To Remove Remove VB.hc?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
VB.hc is dangerous virus:
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


VB.hc Symptoms:

Files:
[%SYSTEM%]\logwin.txt
[%SYSTEM%]\MXNOVO2005.EXE
[%SYSTEM%]\logwin.txt
[%SYSTEM%]\MXNOVO2005.EXE

Registry Keys:
HKEY_CURRENT_USER\software\vb and vba program settings\mxnovo2005

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
TrojanDownloader.Win32.Agent.af Trojan Removal
HuntBar.MSIn Hijacker Information
KooWo BHO Symptoms
Media.Access Adware Symptoms
Removing Bancos.ILP Trojan

TopSurfer Toolbar

How To Remove Remove TopSurfer?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TopSurfer is dangerous virus:
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.


TopSurfer Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{af657644-964c-4348-a8ad-72524b3a3ff1}
HKEY_LOCAL_MACHINE\software\classes\clsid\{af657644-964c-4348-a8ad-72524b3a3ff1}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CMD Backdoor Cleaner
Zserv Trojan Cleaner
Slugspins Downloader Cleaner
SillyDl.CJM Downloader Information
Istbar.dr Downloader Symptoms

Rael Trojan

How To Remove Remove Rael?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Rael is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Trojans-downloaders downloads and installs new malware or adware on the computer.

These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.


Rael It also known as:

[Kaspersky]Rael.3211

Rael Symptoms:

Files:
[%PROFILE_TEMP%]\AutoUpdate0\setup.inf
[%PROFILE_TEMP%]\AutoUpdate1\setup.inf
[%PROFILE_TEMP%]\AutoUpdate0\setup.inf
[%PROFILE_TEMP%]\AutoUpdate1\setup.inf

Folders:
[%PROGRAM_FILES%]\autoupdate

Registry Keys:
HKEY_LOCAL_MACHINE\Software\AutoLoader


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Keycorder Spyware Removal
Remove Aiesnap Adware
Nilage Trojan Symptoms
Bancos.FGE Trojan Information
TrojanDownloader.Win32.GoldenPalace Trojan Cleaner

Enhancemysearch Adware

How To Remove Remove Enhancemysearch?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Enhancemysearch is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.


Enhancemysearch It also known as:

[Kaspersky]Trojan-Dropper.Win32.Delf.z

Enhancemysearch Symptoms:

Files:
[%WINDOWS%]\searchen.dat
[%WINDOWS%]\del.tmp
[%WINDOWS%]\helper101.dll
[%WINDOWS%]\searchen.dat
[%WINDOWS%]\del.tmp
[%WINDOWS%]\helper101.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{017c20c1-f86f-11d8-9b25-000acd002ae3}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{017c20c1-f86f-11d8-9b25-000acd002ae3}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
OneStep.Search Toolbar Information
SillyDl.CJM Downloader Removal instruction
Removing BEsys Downloader
Remove Expext.MetaDirect BHO
DlRhifrem Trojan Removal instruction

Aiesnap Adware

How To Remove Remove Aiesnap?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Aiesnap is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Aiesnap Symptoms:

Files:
[%PROGRAM_FILES%]\iesnap\byq.gif
[%PROGRAM_FILES%]\iesnap\dict.lex
[%PROGRAM_FILES%]\iesnap\light.bmp
[%PROGRAM_FILES%]\iesnap\navneg.dll
[%PROGRAM_FILES%]\iesnap\navoct.dll
[%PROGRAM_FILES%]\iesnap\navplay.exe
[%PROGRAM_FILES%]\iesnap\navpref.dll
[%PROGRAM_FILES%]\iesnap\navseg.dll
[%PROGRAM_FILES%]\iesnap\navstub.dll
[%PROGRAM_FILES%]\iesnap\normal.html
[%PROGRAM_FILES%]\iesnap\octact.ini
[%PROGRAM_FILES%]\iesnap\octstate.ini
[%PROGRAM_FILES%]\iesnap\update.ini
[%PROGRAM_FILES%]\iesnap\updictini.ini
[%PROGRAM_FILES%]\iesnap\yq.gif
[%PROGRAM_FILES%]\iesnap\byq.gif
[%PROGRAM_FILES%]\iesnap\dict.lex
[%PROGRAM_FILES%]\iesnap\light.bmp
[%PROGRAM_FILES%]\iesnap\navneg.dll
[%PROGRAM_FILES%]\iesnap\navoct.dll
[%PROGRAM_FILES%]\iesnap\navplay.exe
[%PROGRAM_FILES%]\iesnap\navpref.dll
[%PROGRAM_FILES%]\iesnap\navseg.dll
[%PROGRAM_FILES%]\iesnap\navstub.dll
[%PROGRAM_FILES%]\iesnap\normal.html
[%PROGRAM_FILES%]\iesnap\octact.ini
[%PROGRAM_FILES%]\iesnap\octstate.ini
[%PROGRAM_FILES%]\iesnap\update.ini
[%PROGRAM_FILES%]\iesnap\updictini.ini
[%PROGRAM_FILES%]\iesnap\yq.gif

Folders:
[%PROGRAM_FILES%]\iesnap\updict
[%PROGRAM_FILES%]\iesnap\upoct
[%PROGRAM_FILES%]\iesnap\upoctex

Registry Keys:
HKEY_CLASSES_ROOT\atlbrwoserwnd.atlwebhost
HKEY_CLASSES_ROOT\atlbrwoserwnd.atlwebhost.1
HKEY_CLASSES_ROOT\clsid\{d804ef17-9395-4b09-9aee-09a3ba229407}
HKEY_CLASSES_ROOT\clsid\{fef08814-1c1a-4708-9fee-2f5ecc8bf9ac}
HKEY_CLASSES_ROOT\interface\{02c11476-ef2b-4a1d-ad2b-8136fd45e15e}
HKEY_CLASSES_ROOT\interface\{4c562af2-f327-410e-b1ee-9b9305e1d946}
HKEY_CLASSES_ROOT\interface\{5153aa97-aca2-4de1-a557-31127aaed272}
HKEY_CLASSES_ROOT\mimefilter.htmlfilter
HKEY_CLASSES_ROOT\mimefilter.htmlfilter.1
HKEY_CLASSES_ROOT\typelib\{5aa5bfd0-f2a3-4c58-bedb-613e592e088a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\navoct
HKEY_LOCAL_MACHINE\software\navoct
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_navoct
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\navoct


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Bancos.INL Trojan
CWS Adware Symptoms
Elogger Spyware Information
Remove Download.AAO Trojan
BEsys Downloader Symptoms

Dialer.RAS.aj Adware

How To Remove Remove Dialer.RAS.aj?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Dialer.RAS.aj is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Dialer.RAS.aj It also known as:

[McAfee]Dialer-RAS.aj;
[Panda]Adware/Xupiter,Dialer.Gen

Dialer.RAS.aj Symptoms:

Files:
[%WINDOWS%]\downloaded program files\xupitertoolbarloader.inf
[%WINDOWS%]\temp\xupitertoolbarinstaller.exe
[%PROFILE_TEMP%]\msgc.tmp10703064614618.exe
[%SYSTEM%]\t.dll
[%SYSTEM%]\xtupdate.dll
[%SYSTEM%]\xupitertoolbar.dll
[%WINDOWS%]\system\t.dll
[%WINDOWS%]\system\xtupdate.dll
[%WINDOWS%]\system\xupitertoolbar.dll
[%WINDOWS%]\downloaded program files\xupitertoolbarloader.inf
[%WINDOWS%]\temp\xupitertoolbarinstaller.exe
[%PROFILE_TEMP%]\msgc.tmp10703064614618.exe
[%SYSTEM%]\t.dll
[%SYSTEM%]\xtupdate.dll
[%SYSTEM%]\xupitertoolbar.dll
[%WINDOWS%]\system\t.dll
[%WINDOWS%]\system\xtupdate.dll
[%WINDOWS%]\system\xupitertoolbar.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{6e6dd93e-1fc3-4f43-8afb-1b7b90c9d3eb}
HKEY_CLASSES_ROOT\interface\{1a8b567b-bd3f-44a1-8b94-f50d37a1914e}
HKEY_CLASSES_ROOT\interface\{3a021d2f-5f75-47f5-9bab-a137e1fb015f}
HKEY_CLASSES_ROOT\interface\{d686db39-659a-491a-a35c-60b99495c16e}
HKEY_CLASSES_ROOT\typelib\{43732063-1bda-45a0-bbee-13e014cb4041}
HKEY_CLASSES_ROOT\typelib\{909e0059-f545-42de-9d2c-cc4a3e336ec3}
HKEY_CLASSES_ROOT\typelib\{c6c2871f-7467-4a35-90fa-9e9894bc1916}
HKEY_CLASSES_ROOT\xtsearch.xtsearchhook
HKEY_CLASSES_ROOT\xtsearch.xtsearchhook.1
HKEY_CLASSES_ROOT\xtupdate.xt
HKEY_CLASSES_ROOT\xtupdate.xt.1
HKEY_CLASSES_ROOT\xupitertoolbar.band
HKEY_CLASSES_ROOT\xupitertoolbar.band.1
HKEY_CURRENT_USER\software\xupiter
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sqwire
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xupiter
HKEY_CLASSES_ROOT\clsid\{26fd5192-a97c-4b48-a5d7-2420cfdcfdf2}
HKEY_CLASSES_ROOT\clsid\{3c5ba506-6c30-4738-9ced-797acadea8dc}
HKEY_CLASSES_ROOT\clsid\{a27cfcae-9351-4d74-bffc-21eb19693d8c}
HKEY_CLASSES_ROOT\clsid\{d7b3e460-9968-4191-bd6f-beed1bc18482}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2662bdd7-05d6-408f-b241-ff98face6054}
HKEY_CLASSES_ROOT\sqtoolbar.band
HKEY_CLASSES_ROOT\sqtoolbar.band.1
HKEY_CLASSES_ROOT\xtupdate.
HKEY_CLASSES_ROOT\xupitertoolbar
HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\power search
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{280168bc-76bf-4cd0-b835-3d686efa8ddc}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{a27cfcae-9351-4d74-bffc-21eb19693d8c}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/winnt/downloaded program files/wuinst.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/winnt/downloaded program files/wuinst.dll
HKEY_CURRENT_USER\software\microsoft\internetexplorer\main
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/conflict.1/installer.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/conflict.1/installer.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/wuinst.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/wuinst.dll


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Zlob.Fam.Video AX Enhancement Trojan Information
Remove Public Messenger Trojan
TFactory Downloader Cleaner
Uptofind Toolbar Cleaner
Web.Rebates Adware Removal

Staff.Copp Spyware

How To Remove Remove Staff.Copp?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Staff.Copp is dangerous virus:
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.


Staff.Copp Symptoms:

Files:
[%DESKTOP%]\StaffCop.lnk
[%PROGRAM_FILES%]\StaffCop Agent\Agent.exe
[%PROGRAM_FILES%]\StaffCop Agent\msvcr71.dll
[%PROGRAM_FILES%]\StaffCop Agent\unins000.dat
[%PROGRAM_FILES%]\StaffCop Agent\unins000.exe
[%DESKTOP%]\StaffCop.lnk
[%PROGRAM_FILES%]\StaffCop Agent\Agent.exe
[%PROGRAM_FILES%]\StaffCop Agent\msvcr71.dll
[%PROGRAM_FILES%]\StaffCop Agent\unins000.dat
[%PROGRAM_FILES%]\StaffCop Agent\unins000.exe

Folders:
[%COMMON_PROGRAMS%]\StaffCop
[%PROGRAM_FILES%]\StaffCop

Registry Keys:
HKEY_CURRENT_USER\software\staffcop
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\staffcop agent_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\staffcop_is1
HKEY_LOCAL_MACHINE\software\staffcop

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Media.Access Adware Cleaner
Bancos.INL Trojan Information
Guard Trojan Symptoms
IESearch BHO Information
Ursnif Trojan Removal instruction

NetCrack Trojan

How To Remove Remove NetCrack?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
NetCrack is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.


NetCrack It also known as:

[Kaspersky]Backdoor.NetCrack.11.a,Backdoor.NetCrack.12,Backdoor.NetCrack.13.a,Backdoor.NetCrack.13.b,Backdoor.NetCrack.13.e,Backdoor.NetCrack.13.f;
[McAfee]BackDoor-AJU;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program,Bck/NetCrack,Bck/NetCrack.13.b;
[Computer Associates]Backdoor/Netcrack.1.1!Server,Backdoor/NetCrack.11.A!Server,Win32.NetCrack.11,Win32/NetCrack.11!Trojan,Backdoor/NetCrack.12,Backdoor/NetCrack.12!DLL,Win32.Avenger.12,Backdoor/Netcrack.1_3_B,Win32/NPassword_DLL!Trojan,Win32.NetCrack.13,Win32/NetCrack.13.Trojan

NetCrack Symptoms:

Files:
[%WINDOWS%]\system\vrml.exe
[%WINDOWS%]\system\vrml.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Livuto Trojan
Removing Infiltrator Trojan
TrafficJam Adware Symptoms
Free.Keylogger Spyware Symptoms
Removing Bancos.FGE Trojan

Husrtdo Trojan

How To Remove Remove Husrtdo?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Husrtdo is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Husrtdo It also known as:

[Kaspersky]Trojan.Win32.Delf.ada;
[McAfee]Spy-Agent.ch;
[Other]Win32/Husrtdo.A

Husrtdo Symptoms:

Files:
[%SYSTEM%]\almqe.exe
[%SYSTEM%]\almqe.dll
[%SYSTEM%]\nekyn.kjm
[%SYSTEM%]\almqe.exe
[%SYSTEM%]\almqe.dll
[%SYSTEM%]\nekyn.kjm

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{tlqmpgcq-jyvu-pfap-hqmu-jnflywibhmkb}

Registry Values:
HKEY_CURRENT_USER\software\adobe\ialc
HKEY_CURRENT_USER\software\adobe\ialc


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Livuto Trojan Cleaner
StartPage.adh Hijacker Cleaner
Thrap Trojan Removal
Fuzfle Trojan Removal instruction
Bancos.ILP Trojan Removal

Nilage Trojan

How To Remove Remove Nilage?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Nilage is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Nilage It also known as:

[Kaspersky]Trojan-PSW.Win32.Nilage.abh;
[Other]Troj/WoW-EA

Nilage Symptoms:

Files:
[%SYSTEM%]\command.pif
[%SYSTEM%]\dxdiag.com
[%SYSTEM%]\MSCONFIG.COM
[%SYSTEM%]\regedit.com
[%PROGRAM_FILES%]\Internet Explorer\iexplore.com
[%PROGRAM_FILES_COMMON%]\iexplore.pif
[%SYSTEM%]\finder.com
[%SYSTEM%]\rundll32.com
[%WINDOWS%]\1.com
[%WINDOWS%]\Debug\DebugProgram.exe
[%WINDOWS%]\ExERoute.exe
[%WINDOWS%]\explorer.com
[%WINDOWS%]\finder.com
[%SYSTEM%]\command.pif
[%SYSTEM%]\dxdiag.com
[%SYSTEM%]\MSCONFIG.COM
[%SYSTEM%]\regedit.com
[%PROGRAM_FILES%]\Internet Explorer\iexplore.com
[%PROGRAM_FILES_COMMON%]\iexplore.pif
[%SYSTEM%]\finder.com
[%SYSTEM%]\rundll32.com
[%WINDOWS%]\1.com
[%WINDOWS%]\Debug\DebugProgram.exe
[%WINDOWS%]\ExERoute.exe
[%WINDOWS%]\explorer.com
[%WINDOWS%]\finder.com

Registry Keys:
HKEY_CURRENT_USER\software\vb and vba program settings\microsoft soft debuger
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\iexplore.pif


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Thrap Trojan Symptoms
Win32.TrojanDropper.Delf.NAC Trojan Cleaner
Win32 Trojan Removal
eMule Worm Information
Mini.Oblivion Backdoor Symptoms