Kill Computer Virus: 11/02/08

Sunday, November 2, 2008

VB.hc Downloader

How To Remove Remove VB.hc?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

VB.hc is dangerous virus:
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.

VB.hc Symptoms:

Files: [%SYSTEM%]\logwin.txt [%SYSTEM%]\MXNOVO2005.EXE [%SYSTEM%]\logwin.txt [%SYSTEM%]\MXNOVO2005.EXE

Registry Keys: HKEY_CURRENT_USER\software\vb and vba program settings\mxnovo2005

Registry Values: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
TrojanDownloader.Win32.Agent.af Trojan Removal
HuntBar.MSIn Hijacker Information
KooWo BHO Symptoms
Media.Access Adware Symptoms
Removing Bancos.ILP Trojan

TopSurfer Toolbar

How To Remove Remove TopSurfer?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

TopSurfer is dangerous virus:
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.

TopSurfer Symptoms:

Registry Keys: HKEY_CLASSES_ROOT\clsid\{af657644-964c-4348-a8ad-72524b3a3ff1} HKEY_LOCAL_MACHINE\software\classes\clsid\{af657644-964c-4348-a8ad-72524b3a3ff1}

Registry Values: HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CMD Backdoor Cleaner
Zserv Trojan Cleaner
Slugspins Downloader Cleaner
SillyDl.CJM Downloader Information
Istbar.dr Downloader Symptoms

Rael Trojan

How To Remove Remove Rael?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Rael is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Trojans-downloaders downloads and installs new malware or adware on the computer.

These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.

Rael It also known as:


[Kaspersky]Rael.3211

Rael Symptoms:

Files: [%PROFILE_TEMP%]\AutoUpdate0\setup.inf [%PROFILE_TEMP%]\AutoUpdate1\setup.inf [%PROFILE_TEMP%]\AutoUpdate0\setup.inf [%PROFILE_TEMP%]\AutoUpdate1\setup.inf

Folders: [%PROGRAM_FILES%]\autoupdate

Registry Keys: HKEY_LOCAL_MACHINE\Software\AutoLoader

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Keycorder Spyware Removal
Remove Aiesnap Adware
Nilage Trojan Symptoms
Bancos.FGE Trojan Information
TrojanDownloader.Win32.GoldenPalace Trojan Cleaner

Enhancemysearch Adware

How To Remove Remove Enhancemysearch?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Enhancemysearch is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

Enhancemysearch It also known as:


[Kaspersky]Trojan-Dropper.Win32.Delf.z

Enhancemysearch Symptoms:

Files: [%WINDOWS%]\searchen.dat [%WINDOWS%]\del.tmp [%WINDOWS%]\helper101.dll [%WINDOWS%]\searchen.dat [%WINDOWS%]\del.tmp [%WINDOWS%]\helper101.dll

Registry Keys: HKEY_CLASSES_ROOT\clsid\{017c20c1-f86f-11d8-9b25-000acd002ae3} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{017c20c1-f86f-11d8-9b25-000acd002ae3}

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
OneStep.Search Toolbar Information
SillyDl.CJM Downloader Removal instruction
Removing BEsys Downloader
Remove Expext.MetaDirect BHO
DlRhifrem Trojan Removal instruction

Aiesnap Adware

How To Remove Remove Aiesnap?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Aiesnap is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits

Aiesnap Symptoms:

Files: [%PROGRAM_FILES%]\iesnap\byq.gif [%PROGRAM_FILES%]\iesnap\dict.lex [%PROGRAM_FILES%]\iesnap\light.bmp [%PROGRAM_FILES%]\iesnap\navneg.dll [%PROGRAM_FILES%]\iesnap\navoct.dll [%PROGRAM_FILES%]\iesnap\navplay.exe [%PROGRAM_FILES%]\iesnap\navpref.dll [%PROGRAM_FILES%]\iesnap\navseg.dll [%PROGRAM_FILES%]\iesnap\navstub.dll [%PROGRAM_FILES%]\iesnap\normal.html [%PROGRAM_FILES%]\iesnap\octact.ini [%PROGRAM_FILES%]\iesnap\octstate.ini [%PROGRAM_FILES%]\iesnap\update.ini [%PROGRAM_FILES%]\iesnap\updictini.ini [%PROGRAM_FILES%]\iesnap\yq.gif [%PROGRAM_FILES%]\iesnap\byq.gif [%PROGRAM_FILES%]\iesnap\dict.lex [%PROGRAM_FILES%]\iesnap\light.bmp [%PROGRAM_FILES%]\iesnap\navneg.dll [%PROGRAM_FILES%]\iesnap\navoct.dll [%PROGRAM_FILES%]\iesnap\navplay.exe [%PROGRAM_FILES%]\iesnap\navpref.dll [%PROGRAM_FILES%]\iesnap\navseg.dll [%PROGRAM_FILES%]\iesnap\navstub.dll [%PROGRAM_FILES%]\iesnap\normal.html [%PROGRAM_FILES%]\iesnap\octact.ini [%PROGRAM_FILES%]\iesnap\octstate.ini [%PROGRAM_FILES%]\iesnap\update.ini [%PROGRAM_FILES%]\iesnap\updictini.ini [%PROGRAM_FILES%]\iesnap\yq.gif

Folders: [%PROGRAM_FILES%]\iesnap\updict [%PROGRAM_FILES%]\iesnap\upoct [%PROGRAM_FILES%]\iesnap\upoctex

Registry Keys: HKEY_CLASSES_ROOT\atlbrwoserwnd.atlwebhost HKEY_CLASSES_ROOT\atlbrwoserwnd.atlwebhost.1 HKEY_CLASSES_ROOT\clsid\{d804ef17-9395-4b09-9aee-09a3ba229407} HKEY_CLASSES_ROOT\clsid\{fef08814-1c1a-4708-9fee-2f5ecc8bf9ac} HKEY_CLASSES_ROOT\interface\{02c11476-ef2b-4a1d-ad2b-8136fd45e15e} HKEY_CLASSES_ROOT\interface\{4c562af2-f327-410e-b1ee-9b9305e1d946} HKEY_CLASSES_ROOT\interface\{5153aa97-aca2-4de1-a557-31127aaed272} HKEY_CLASSES_ROOT\mimefilter.htmlfilter HKEY_CLASSES_ROOT\mimefilter.htmlfilter.1 HKEY_CLASSES_ROOT\typelib\{5aa5bfd0-f2a3-4c58-bedb-613e592e088a} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\navoct HKEY_LOCAL_MACHINE\software\navoct HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_navoct HKEY_LOCAL_MACHINE\system\currentcontrolset\services\navoct

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Bancos.INL Trojan
CWS Adware Symptoms
Elogger Spyware Information
Remove Download.AAO Trojan
BEsys Downloader Symptoms

Dialer.RAS.aj Adware

How To Remove Remove Dialer.RAS.aj?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Dialer.RAS.aj is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

Dialer.RAS.aj It also known as:


[McAfee]Dialer-RAS.aj;
[Panda]Adware/Xupiter,Dialer.Gen

Dialer.RAS.aj Symptoms:

Files: [%WINDOWS%]\downloaded program files\xupitertoolbarloader.inf [%WINDOWS%]\temp\xupitertoolbarinstaller.exe [%PROFILE_TEMP%]\msgc.tmp10703064614618.exe [%SYSTEM%]\t.dll [%SYSTEM%]\xtupdate.dll [%SYSTEM%]\xupitertoolbar.dll [%WINDOWS%]\system\t.dll [%WINDOWS%]\system\xtupdate.dll [%WINDOWS%]\system\xupitertoolbar.dll [%WINDOWS%]\downloaded program files\xupitertoolbarloader.inf [%WINDOWS%]\temp\xupitertoolbarinstaller.exe [%PROFILE_TEMP%]\msgc.tmp10703064614618.exe [%SYSTEM%]\t.dll [%SYSTEM%]\xtupdate.dll [%SYSTEM%]\xupitertoolbar.dll [%WINDOWS%]\system\t.dll [%WINDOWS%]\system\xtupdate.dll [%WINDOWS%]\system\xupitertoolbar.dll

Registry Keys: HKEY_CLASSES_ROOT\clsid\{6e6dd93e-1fc3-4f43-8afb-1b7b90c9d3eb} HKEY_CLASSES_ROOT\interface\{1a8b567b-bd3f-44a1-8b94-f50d37a1914e} HKEY_CLASSES_ROOT\interface\{3a021d2f-5f75-47f5-9bab-a137e1fb015f} HKEY_CLASSES_ROOT\interface\{d686db39-659a-491a-a35c-60b99495c16e} HKEY_CLASSES_ROOT\typelib\{43732063-1bda-45a0-bbee-13e014cb4041} HKEY_CLASSES_ROOT\typelib\{909e0059-f545-42de-9d2c-cc4a3e336ec3} HKEY_CLASSES_ROOT\typelib\{c6c2871f-7467-4a35-90fa-9e9894bc1916} HKEY_CLASSES_ROOT\xtsearch.xtsearchhook HKEY_CLASSES_ROOT\xtsearch.xtsearchhook.1 HKEY_CLASSES_ROOT\xtupdate.xt HKEY_CLASSES_ROOT\xtupdate.xt.1 HKEY_CLASSES_ROOT\xupitertoolbar.band HKEY_CLASSES_ROOT\xupitertoolbar.band.1 HKEY_CURRENT_USER\software\xupiter HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sqwire HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\xupiter HKEY_CLASSES_ROOT\clsid\{26fd5192-a97c-4b48-a5d7-2420cfdcfdf2} HKEY_CLASSES_ROOT\clsid\{3c5ba506-6c30-4738-9ced-797acadea8dc} HKEY_CLASSES_ROOT\clsid\{a27cfcae-9351-4d74-bffc-21eb19693d8c} HKEY_CLASSES_ROOT\clsid\{d7b3e460-9968-4191-bd6f-beed1bc18482} HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{2662bdd7-05d6-408f-b241-ff98face6054} HKEY_CLASSES_ROOT\sqtoolbar.band HKEY_CLASSES_ROOT\sqtoolbar.band.1 HKEY_CLASSES_ROOT\xtupdate. HKEY_CLASSES_ROOT\xupitertoolbar HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext\power search HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{280168bc-76bf-4cd0-b835-3d686efa8ddc} HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{a27cfcae-9351-4d74-bffc-21eb19693d8c}

Registry Values: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/winnt/downloaded program files/wuinst.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/winnt/downloaded program files/wuinst.dll HKEY_CURRENT_USER\software\microsoft\internetexplorer\main HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/conflict.1/installer.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/conflict.1/installer.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/wuinst.dll HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/wuinst.dll

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Zlob.Fam.Video AX Enhancement Trojan Information
Remove Public Messenger Trojan
TFactory Downloader Cleaner
Uptofind Toolbar Cleaner
Web.Rebates Adware Removal

Staff.Copp Spyware

How To Remove Remove Staff.Copp?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Staff.Copp is dangerous virus:
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.

Staff.Copp Symptoms:

Files: [%DESKTOP%]\StaffCop.lnk [%PROGRAM_FILES%]\StaffCop Agent\Agent.exe [%PROGRAM_FILES%]\StaffCop Agent\msvcr71.dll [%PROGRAM_FILES%]\StaffCop Agent\unins000.dat [%PROGRAM_FILES%]\StaffCop Agent\unins000.exe [%DESKTOP%]\StaffCop.lnk [%PROGRAM_FILES%]\StaffCop Agent\Agent.exe [%PROGRAM_FILES%]\StaffCop Agent\msvcr71.dll [%PROGRAM_FILES%]\StaffCop Agent\unins000.dat [%PROGRAM_FILES%]\StaffCop Agent\unins000.exe

Folders: [%COMMON_PROGRAMS%]\StaffCop [%PROGRAM_FILES%]\StaffCop

Registry Keys: HKEY_CURRENT_USER\software\staffcop HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\staffcop agent_is1 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\staffcop_is1 HKEY_LOCAL_MACHINE\software\staffcop

Registry Values: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Media.Access Adware Cleaner
Bancos.INL Trojan Information
Guard Trojan Symptoms
IESearch BHO Information
Ursnif Trojan Removal instruction

NetCrack Trojan

How To Remove Remove NetCrack?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

NetCrack is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

NetCrack It also known as:


[Kaspersky]Backdoor.NetCrack.11.a,Backdoor.NetCrack.12,Backdoor.NetCrack.13.a,Backdoor.NetCrack.13.b,Backdoor.NetCrack.13.e,Backdoor.NetCrack.13.f;
[McAfee]BackDoor-AJU;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program,Bck/NetCrack,Bck/NetCrack.13.b;
[Computer Associates]Backdoor/Netcrack.1.1!Server,Backdoor/NetCrack.11.A!Server,Win32.NetCrack.11,Win32/NetCrack.11!Trojan,Backdoor/NetCrack.12,Backdoor/NetCrack.12!DLL,Win32.Avenger.12,Backdoor/Netcrack.1_3_B,Win32/NPassword_DLL!Trojan,Win32.NetCrack.13,Win32/NetCrack.13.Trojan

NetCrack Symptoms:

Files: [%WINDOWS%]\system\vrml.exe [%WINDOWS%]\system\vrml.exe

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Livuto Trojan
Removing Infiltrator Trojan
TrafficJam Adware Symptoms
Free.Keylogger Spyware Symptoms
Removing Bancos.FGE Trojan

Husrtdo Trojan

How To Remove Remove Husrtdo?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Husrtdo is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Husrtdo It also known as:


[Kaspersky]Trojan.Win32.Delf.ada;
[McAfee]Spy-Agent.ch;
[Other]Win32/Husrtdo.A

Husrtdo Symptoms:

Files: [%SYSTEM%]\almqe.exe [%SYSTEM%]\almqe.dll [%SYSTEM%]\nekyn.kjm [%SYSTEM%]\almqe.exe [%SYSTEM%]\almqe.dll [%SYSTEM%]\nekyn.kjm

Registry Keys: HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{tlqmpgcq-jyvu-pfap-hqmu-jnflywibhmkb}

Registry Values: HKEY_CURRENT_USER\software\adobe\ialc HKEY_CURRENT_USER\software\adobe\ialc

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Livuto Trojan Cleaner
StartPage.adh Hijacker Cleaner
Thrap Trojan Removal
Fuzfle Trojan Removal instruction
Bancos.ILP Trojan Removal

Nilage Trojan

How To Remove Remove Nilage?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.

Nilage is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.

Nilage It also known as:


[Kaspersky]Trojan-PSW.Win32.Nilage.abh;
[Other]Troj/WoW-EA

Nilage Symptoms:

Files: [%SYSTEM%]\command.pif [%SYSTEM%]\dxdiag.com [%SYSTEM%]\MSCONFIG.COM [%SYSTEM%]\regedit.com [%PROGRAM_FILES%]\Internet Explorer\iexplore.com [%PROGRAM_FILES_COMMON%]\iexplore.pif [%SYSTEM%]\finder.com [%SYSTEM%]\rundll32.com [%WINDOWS%]\1.com [%WINDOWS%]\Debug\DebugProgram.exe [%WINDOWS%]\ExERoute.exe [%WINDOWS%]\explorer.com [%WINDOWS%]\finder.com [%SYSTEM%]\command.pif [%SYSTEM%]\dxdiag.com [%SYSTEM%]\MSCONFIG.COM [%SYSTEM%]\regedit.com [%PROGRAM_FILES%]\Internet Explorer\iexplore.com [%PROGRAM_FILES_COMMON%]\iexplore.pif [%SYSTEM%]\finder.com [%SYSTEM%]\rundll32.com [%WINDOWS%]\1.com [%WINDOWS%]\Debug\DebugProgram.exe [%WINDOWS%]\ExERoute.exe [%WINDOWS%]\explorer.com [%WINDOWS%]\finder.com

Registry Keys: HKEY_CURRENT_USER\software\vb and vba program settings\microsoft soft debuger HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\iexplore.pif

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Thrap Trojan Symptoms
Win32.TrojanDropper.Delf.NAC Trojan Cleaner
Win32 Trojan Removal
eMule Worm Information
Mini.Oblivion Backdoor Symptoms

Kill Computer Virus

Sunday, November 2, 2008

VB.hc Downloader

VB.hc Symptoms:

TopSurfer Toolbar

TopSurfer Symptoms:

Rael Trojan

Rael Symptoms:

Enhancemysearch Adware

Enhancemysearch Symptoms:

Aiesnap Adware

Aiesnap Symptoms:

Dialer.RAS.aj Adware

Dialer.RAS.aj Symptoms:

Staff.Copp Spyware

Staff.Copp Symptoms:

NetCrack Trojan

NetCrack Symptoms:

Husrtdo Trojan

Husrtdo Symptoms:

Nilage Trojan

Nilage Symptoms:

Blog Archive

About Me