Wednesday, November 26, 2008

Bancos.IMG Trojan

How To Remove Bancos.IMG?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Bancos.IMG is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Bancos.IMG It also known as:

[Other]Infostealer.Bancos

Bancos.IMG Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
IrcContact Backdoor Cleaner
Backdoor.EggDrop Backdoor Symptoms
Backdoor.SDBot.Server.Variant Trojan Removal
Nakter.Affe RAT Removal
SilentCaller Trojan Removal

Adroar Adware

How To Remove Adroar?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Adroar is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.
Trojans-downloaders downloads and installs new malware or adware on the computer.



Adroar It also known as:

[Kaspersky]TrojanDownloader.Win32.Adroar;
[Eset]Win32/TrojanDownloader.Adroar.A trojan;
[Panda]Adware/Adroar

Adroar Symptoms:

Files:
[%WINDOWS%]\adroar.dll
[%WINDOWS%]\cpr.exe
[%WINDOWS%]\cpruninst.exe
[%SYSTEM%]\adroar.dll
[%SYSTEM%]\cpr.dll
[%WINDOWS%]\arupdate.exe
[%WINDOWS%]\system\adroar.dll
[%WINDOWS%]\system\cpr.dll
[%WINDOWS%]\adroar.dll
[%WINDOWS%]\cpr.exe
[%WINDOWS%]\cpruninst.exe
[%SYSTEM%]\adroar.dll
[%SYSTEM%]\cpr.dll
[%WINDOWS%]\arupdate.exe
[%WINDOWS%]\system\adroar.dll
[%WINDOWS%]\system\cpr.dll

Registry Keys:
HKEY_CLASSES_ROOT\adroar.band
HKEY_CLASSES_ROOT\adroar.band.1
HKEY_CLASSES_ROOT\clsid\{bdf6ce3d-f5c5-4462-9814-3c8eac330ca8}
HKEY_CLASSES_ROOT\clsid\{e0f0e0e1-5d45-11d4-bc00-2dcc73302d70}
HKEY_CLASSES_ROOT\clsid\{fac6e0e1-5d45-4907-bc00-302d702dcc73}
HKEY_CLASSES_ROOT\cpr.iehelperop
HKEY_CLASSES_ROOT\interface\{91d91d21-8008-429d-821c-7266aac84a9f}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{bdf6ce3d-f5c5-4462-9814-3c8eac330ca8}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{e0f0e0e1-5d45-11d4-bc00-2dcc73302d70}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{fac6e0e1-5d45-4907-bc00-302d702dcc73}
HKEY_CLASSES_ROOT\typelib\{ace8d3ba-7742-44c4-920d-fd25bd1e8245}
HKEY_CURRENT_USER\software\adroarplugin
HKEY_CURRENT_USER\software\cpr
HKEY_LOCAL_MACHINE\software\classes\clsid\{bdf6ce3d-f5c5-4462-9814-3c8eac330ca8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bdf6ce3d-f5c5-4462-9814-3c8eac330ca8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e0f0e0e1-5d45-11d4-bc00-2dcc73302d70}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{fac6e0e1-5d45-4907-bc00-302d702dcc73}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browserhelperobjects\{bdf6ce3d-f5c5-4462-9814-3c8eac330ca8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browserhelperobjects\{fac6e0e1-5d45-4907-bc00-302d702dcc73}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\cpr

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing IntermixMedia.KeenValue Adware

Ishowbao BHO

How To Remove Ishowbao?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Ishowbao is dangerous virus:
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Trojans-downloaders downloads and installs new malware or adware on the computer.



Ishowbao It also known as:

[Kaspersky]AdWare.Win32.AlexaBar.k

Ishowbao Symptoms:

Files:
[%SYSTEM%]\checknetwork.exe
[%SYSTEM%]\drivers\ispvcr.sys
[%SYSTEM%]\drivers\ispvcr.sys__
[%SYSTEM%]\drivers\tdac.sys
[%SYSTEM%]\googlebar.dll
[%SYSTEM%]\keyword.info
[%SYSTEM%]\website
[%SYSTEM%]\checknetwork.exe
[%SYSTEM%]\drivers\ispvcr.sys
[%SYSTEM%]\drivers\ispvcr.sys__
[%SYSTEM%]\drivers\tdac.sys
[%SYSTEM%]\googlebar.dll
[%SYSTEM%]\keyword.info
[%SYSTEM%]\website

Registry Keys:
HKEY_CLASSES_ROOT\ad.setad
HKEY_CLASSES_ROOT\brushalx.brashset
HKEY_CLASSES_ROOT\brushalx.brashset.1
HKEY_CLASSES_ROOT\clsid\{607e95a1-8f89-4343-b9bc-2efc2b291bb4}
HKEY_CLASSES_ROOT\clsid\{bcf4d74b-e6bd-4c8f-83d7-90d6439705b9}
HKEY_CLASSES_ROOT\interface\{8409d387-4567-4476-9304-94442bd4bae9}
HKEY_CLASSES_ROOT\interface\{8c2e9bc3-b172-4cc0-a74f-2ce206ea45ac}
HKEY_CLASSES_ROOT\typelib\{1ffe957b-16db-43ef-9702-9cf40a9472ec}
HKEY_CLASSES_ROOT\typelib\{fc387a2b-1103-4e9a-81a9-323c5dcfe671}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{607e95a1-8f89-4343-b9bc-2efc2b291bb4}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{bcf4d74b-e6bd-4c8f-83d7-90d6439705b9}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
IECodec Ransomware Removal instruction

WhatUSeek.com Tracking Cookie

How To Remove WhatUSeek.com?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
WhatUSeek.com is dangerous virus:
Tracking cookies, like regular cookies, are small files that get deposited
onto your computer's hard drive
as you browse the Internet.
Unlike harmless cookies that normally let you use certain websites more easily,
tracking cookies usually collect and report information about what websites you visit
and what you do at those websites.

If you fill out forms online with your real name and contact information,
click on banners and then purchase an item, or fill out sweepstakes or contests forms,
then it's possible that major online advertisers know your name and have associated it
with your IP address and other information.


WhatUSeek.com Symptoms:

Registry Keys:
HKEY_LOCAL_MACHINE\software\pestpatrolbait\baitkey

Registry Values:
HKEY_LOCAL_MACHINE\software\pestpatrolbait\baitkeyval
HKEY_LOCAL_MACHINE\software\pestpatrolbait\baitkeyval


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing ExtraToolbar Toolbar
Removing Vxidl.AGO Trojan

Khe.Sanh Backdoor

How To Remove Khe.Sanh?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Khe.Sanh is dangerous virus:
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.



Khe.Sanh It also known as:

[Kaspersky]Backdoor.KheSanh.20;
[McAfee]BackDoor-EU;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Khesanh;
[Computer Associates]Backdoor/KheSanh,Backdoor/KheSanh!Server,Win32.KheSanh.20

Khe.Sanh Symptoms:

Files:
[%WINDOWS%]\system\trjp.exe
[%WINDOWS%]\system\trjp.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Hitpop Trojan
Remove Reztuto Trojan
Removing QuickFlicks.Streaming.Player BHO
Removing DlRhifrem Trojan

Powerscan Adware

How To Remove Powerscan?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Powerscan is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Powerscan It also known as:

[Panda]Adware/PowerScan

Powerscan Symptoms:

Files:
[%PROFILE_TEMP%]\powerscan.exe
[%PROGRAMS%]\power scan\power scan.lnk
[%PROFILE_TEMP%]\powerscan.exe
[%PROGRAMS%]\power scan\power scan.lnk

Folders:
[%PROGRAM_FILES%]\power scan
[%STARTMENU%]\programs\power scan
[%PROFILE%]\start menu\programs\power scan

Registry Keys:
HKEY_CURRENT_USER\software\powerscan
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\power scan
HKEY_LOCAL_MACHINE\software\powerscan

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/pcpowerscan.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/pcpowerscan.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Targa Hacker Tool Symptoms
Mdrop.BLR Trojan Information
Pigeon.AVMQ Trojan Removal instruction

MalwareBurn Ransomware

How To Remove MalwareBurn?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
MalwareBurn is dangerous virus:
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe software that encrypts the data
belonging to an individual on a computer, demanding a ransom for its restoration.
Although the field known as cryptovirology predates the term "ransomware".


MalwareBurn It also known as:

[Kaspersky]FraudTool.Win32.MalwareWipe.q;
[Panda]MalwareBurn;
[Other]MalwareBurn,Troj/Fakevir-AJ,Win32/MalwareBurn,MalwareBurn Installer

MalwareBurn Symptoms:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.2.lnk
[%DESKTOP%]\MalwareBurn 7.1.lnk
[%DESKTOP%]\MalwareBurn 7.2.lnk
[%PROGRAM_FILES%]\MalwareBurn 6.9\MalwareBurn 6.9.exe
[%PROGRAM_FILES%]\MalwareBurn 7.2\MalwareBurn 7.2.exe
[%STARTMENU%]\MalwareBurn 7.1.lnk
[%STARTMENU%]\MalwareBurn 7.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.3.lnk
[%DESKTOP%]\MalwareBurn 7.2.lnk
[%DESKTOP%]\MalwareBurn 7.3.lnk
[%PROFILE_TEMP%]\MWLanguage.ini
[%STARTMENU%]\MalwareBurn 7.3.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.1.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.2.lnk
[%DESKTOP%]\MalwareBurn 7.1.lnk
[%DESKTOP%]\MalwareBurn 7.2.lnk
[%PROGRAM_FILES%]\MalwareBurn 6.9\MalwareBurn 6.9.exe
[%PROGRAM_FILES%]\MalwareBurn 7.2\MalwareBurn 7.2.exe
[%STARTMENU%]\MalwareBurn 7.1.lnk
[%STARTMENU%]\MalwareBurn 7.2.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.3.lnk
[%DESKTOP%]\MalwareBurn 7.2.lnk
[%DESKTOP%]\MalwareBurn 7.3.lnk
[%PROFILE_TEMP%]\MWLanguage.ini
[%STARTMENU%]\MalwareBurn 7.3.lnk

Folders:
[%COMMON_PROGRAMS%]\MalwareBurn 7.2
[%PROGRAMS%]\MalwareBurn 7.1
[%PROGRAMS%]\MalwareBurn 7.2
[%PROGRAM_FILES%]\MalwareBurn 6.9
[%PROGRAM_FILES%]\MalwareBurn 7.0
[%PROGRAM_FILES%]\MalwareBurn 7.1
[%PROGRAM_FILES%]\MalwareBurn 7.2
[%PROGRAMS%]\MalwareBurn 7.3
[%PROGRAM_FILES%]\MalwareBurn 7.3

Registry Keys:
HKEY_CLASSES_ROOT\AppID\{70F17C8C-1744-41B6-9D07-575DB448DCC5}
HKEY_CLASSES_ROOT\Interface\{05519A3D-374E-4FF6-97D0-15B9A3DB923B}
HKEY_CLASSES_ROOT\Interface\{07525684-7E91-4716-9D3C-C63C70B36726}
HKEY_CLASSES_ROOT\Interface\{148DC552-52B7-4FFA-8078-6807C8B77E2C}
HKEY_CLASSES_ROOT\Interface\{1E885D38-978D-4D75-8ED9-DC3DF65CEF84}
HKEY_CLASSES_ROOT\Interface\{28BFEED2-2F5C-4B41-BB6A-C32A984A0807}
HKEY_CLASSES_ROOT\Interface\{63D19899-4F76-45C7-A683-479C4AFA8D26}
HKEY_CLASSES_ROOT\Interface\{6A4D7335-C26D-4664-8C16-22F0270795BE}
HKEY_CLASSES_ROOT\Interface\{72390CC1-9066-473C-8F89-48E4BB4F4FC8}
HKEY_CLASSES_ROOT\Interface\{7EEFDDBA-0E72-4F13-9C7E-B65809055CD0}
HKEY_CLASSES_ROOT\Interface\{8777FBBE-EB42-4316-8C2C-BC5CA02AABCD}
HKEY_CLASSES_ROOT\Interface\{ABF5B9E3-DB23-4599-8046-86EBD63D93AD}
HKEY_CLASSES_ROOT\Interface\{AD6EABD4-8104-4CDE-9863-9FF1D009A5A7}
HKEY_CLASSES_ROOT\Interface\{CAF77A53-F979-476C-856B-CA2FDCBBE29D}
HKEY_CLASSES_ROOT\Interface\{D13E5B43-1955-4792-A1FA-CC8346EAAA76}
HKEY_CLASSES_ROOT\Interface\{E726C7FA-5451-45EF-A20F-58B00284ECC8}
HKEY_CLASSES_ROOT\Interface\{F2ED6330-EC94-471C-B0E1-6E5BF1D87E24}
HKEY_CLASSES_ROOT\TypeLib\{F7AFFF3A-9CE4-4A38-AE44-936B7F4F9EA8}
HKEY_LOCAL_MACHINE\SOFTWARE\MalwareBurn 6.9
HKEY_LOCAL_MACHINE\SOFTWARE\MalwareBurn 7.0
HKEY_LOCAL_MACHINE\SOFTWARE\MalwareBurn 7.1
HKEY_LOCAL_MACHINE\SOFTWARE\MalwareBurn 7.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareBurn 7.1.exe 7.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MalwareBurn 7.2.exe 7.2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareBurn 6.9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareBurn 7.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareBurn 7.2
HKEY_CLASSES_ROOT\clsid\{47dc4218-ae5b-32b9-3ef8-c7f9cf2b564f}
HKEY_CLASSES_ROOT\interface\{111e76cd-5697-4ab1-b565-5eeee0c4d32c}
HKEY_CLASSES_ROOT\interface\{1dd6c99e-1633-44a4-a79b-f94025b84464}
HKEY_CLASSES_ROOT\interface\{27fdb0c3-b5d9-4da0-8c34-f98d0d7f3070}
HKEY_CLASSES_ROOT\interface\{304c8263-a779-444b-bcc7-c7a4571089b9}
HKEY_CLASSES_ROOT\interface\{322d6515-0ace-43ac-aa5a-3d22646b032d}
HKEY_CLASSES_ROOT\interface\{3aeab122-7b2c-4809-bf6b-0b6c7779fc5a}
HKEY_CLASSES_ROOT\interface\{43f5d878-f503-4a42-bb8c-757aa4fe5ef2}
HKEY_CLASSES_ROOT\interface\{44cf1ab5-66db-41b6-a603-b0491e3d77e1}
HKEY_CLASSES_ROOT\interface\{55439bec-53c8-40b1-a887-00dc19881d05}
HKEY_CLASSES_ROOT\interface\{5c2529f3-212c-4071-a3b2-bce187c05ba4}
HKEY_CLASSES_ROOT\interface\{66690145-c842-4277-98aa-2dfb6e3c9ed0}
HKEY_CLASSES_ROOT\interface\{7451dc3a-0c5b-4ea0-8a25-248a8728ab10}
HKEY_CLASSES_ROOT\interface\{7ad0c9a5-87c5-436c-b9e0-5057076dffdb}
HKEY_CLASSES_ROOT\interface\{7d009f2a-ef06-49c2-9067-ad364a767e1c}
HKEY_CLASSES_ROOT\interface\{7ebeb35d-5c00-45df-950d-5b88aaf99970}
HKEY_CLASSES_ROOT\interface\{8855fbba-8629-42ed-8b3f-9d62e0cc1eaa}
HKEY_CLASSES_ROOT\interface\{8aaefee3-f0f1-48d2-b4af-1140c2cf0084}
HKEY_CLASSES_ROOT\interface\{98405bd6-42c5-4ed7-ba88-66b148cf6384}
HKEY_CLASSES_ROOT\interface\{9f6cb5de-349a-418d-8c05-84e50ca10e1e}
HKEY_CLASSES_ROOT\interface\{ba45be78-a410-4c98-9f69-7106bf3d8e43}
HKEY_CLASSES_ROOT\interface\{d153fb67-91fe-4429-b1fa-99a0524ab25a}
HKEY_CLASSES_ROOT\interface\{d4241357-4196-41c5-b38c-253b6a1d4aaa}
HKEY_CLASSES_ROOT\interface\{d5aae7d9-9b3e-434e-86fe-32099cbefbf6}
HKEY_CLASSES_ROOT\interface\{d8cf2a7c-d097-4944-aa73-15813638c219}
HKEY_CLASSES_ROOT\interface\{e1b12865-3c42-47d7-b795-b3c54ba72304}
HKEY_CLASSES_ROOT\interface\{e7c9566b-6124-4723-a1d7-d0cdfa83a7b9}
HKEY_CLASSES_ROOT\interface\{eeee579b-8784-454d-86af-0a665aa47785}
HKEY_CLASSES_ROOT\interface\{f1b71eaf-b846-4ad4-b24f-1a60e2b591eb}
HKEY_CLASSES_ROOT\interface\{f4976d08-3233-4d80-90f5-a5687d5441da}
HKEY_CLASSES_ROOT\interface\{f6951c72-5c71-4c23-ba63-fab949fe18ff}
HKEY_CLASSES_ROOT\interface\{f9e0f1d4-1cdd-4287-b282-bb22ce2b2966}
HKEY_CLASSES_ROOT\interface\{fcdca78f-85e4-4add-a676-76b8a09f66d9}
HKEY_CLASSES_ROOT\typelib\{2fbe52cc-a9cd-4ff0-b70e-cf107684ccbd}
HKEY_CLASSES_ROOT\typelib\{db7b7b16-ac9f-46d4-833a-757cef63e95a}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\malwareburn 7.2
HKEY_LOCAL_MACHINE\software\malwareburn 7.2
HKEY_LOCAL_MACHINE\software\malwareburn 7.3
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\malwareburn 7.2.exe 7.2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\malwareburn 7.3.exe 7.3
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\malwareburn 7.2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\malwareburn 7.3

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\shellnoroam\muicache
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove MaConnect Adware
Removing SillyDl.AVT Downloader

Arkhew Trojan

How To Remove Arkhew?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Arkhew is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Arkhew It also known as:

[Kaspersky]Trojan.Win32.Small.ir;
[Other]Win32/Arkhew,Win32/Arkhew.C

Arkhew Symptoms:

Files:
[%SYSTEM%]\thecat.exe
[%SYSTEM%]\thecat.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Pigeon.ERM Trojan
Malware.Stopper Trojan Removal

aSpy Spyware

How To Remove aSpy?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
aSpy is dangerous virus:
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.


aSpy Symptoms:

Folders:
[%PROGRAM_FILES%]\aSpy


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Bancos.GSM Trojan Symptoms
Remove Vxidl.BFC Trojan
Bancos.HQH Trojan Removal instruction

Draprof Trojan

How To Remove Draprof?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Draprof is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Draprof Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove VB.vh Backdoor
Removing StartPage.aba Hijacker

SillyDl.DNB Trojan

How To Remove SillyDl.DNB?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SillyDl.DNB is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


SillyDl.DNB It also known as:

[Kaspersky]Trojan-Downloader.Win32.Small.hcm

SillyDl.DNB Symptoms:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
PornDialer.PluginAccess Trojan Symptoms

TrojanDownloader.Win32.Agent.ay Trojan

How To Remove TrojanDownloader.Win32.Agent.ay?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TrojanDownloader.Win32.Agent.ay is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


TrojanDownloader.Win32.Agent.ay It also known as:

[Panda]Trj/Downloader.GW

TrojanDownloader.Win32.Agent.ay Symptoms:

Files:
[%WINDOWS%]\iehr.dll
[%PROGRAM_FILES%]\internet explorer\plugins\iehr.dll
[%WINDOWS%]\iehr.dll
[%PROGRAM_FILES%]\internet explorer\plugins\iehr.dll


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Win32.Rybot Trojan
BAT.SS Trojan Removal
Bancos.AAF Trojan Symptoms
Remove ICQ99.War.Suite Trojan
Remove SillyDl.CBQ Trojan

Cottered Trojan

How To Remove Cottered?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Cottered is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Cottered Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Surf.Spy Spyware
Akl2 Spyware Information
WebBar Toolbar Removal instruction
Removing DlQQHelp Trojan
Removing nextcard.com Tracking Cookie

SunShineSpy Ransomware

How To Remove SunShineSpy?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SunShineSpy is dangerous virus:
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.


SunShineSpy Symptoms:

Files:
[%DESKTOP%]\Sunshine Spy.lnk
[%STARTUP%]\SunshineSpy.lnk
[%DESKTOP%]\Sunshine Spy.lnk
[%STARTUP%]\SunshineSpy.lnk

Folders:
[%PROGRAMS%]\Sunshine Spy
[%PROGRAM_FILES%]\SunshineSpy

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\sunshine spy 1.0
HKEY_LOCAL_MACHINE\software\wise solutions\wise installation system\repair\[%PROGRAM_FILES%]\sunshinespy\install.log\icons\1
HKEY_LOCAL_MACHINE\software\wise solutions\wise installation system\repair\[%PROGRAM_FILES%]\sunshinespy\install.log\icons\2

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\main


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Backformat Trojan Symptoms
ezPorn Trojan Removal instruction
Remove Pigeon.DZP Trojan

Win32.Agent.ir Trojan

How To Remove Win32.Agent.ir?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Win32.Agent.ir is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.


Win32.Agent.ir Symptoms:

Files:
[%WINDOWS%]\system\btlmct32.dll
[%WINDOWS%]\system\btlmct32.dll

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{626482AF-17D0-5DFC-C12D-32A58E631863}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{626482AF-17D0-5DFC-C12D-32A58E631863}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
PWS.Mafia Trojan Information

Nethief Trojan

How To Remove Nethief?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Nethief is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.


Nethief It also known as:

[Kaspersky]Backdoor.Nethief.15,Backdoor.Nethief.18,Backdoor.Nethief.19,Backdoor.Nethief.20,Backdoor.Nethief.27,Backdoor.Nethief.13,Backdoor.Nethief.XP.c,Backdoor.Nethief,Backdoor.Nethief.12,Backdoor.Nethief.22,Backdoor.Nethief.30,Backdoor.Nethief.XP.d,Backdoor.Nethief.38,Backdoor.Nethief.39,Backdoor.Nethief.25,Backdoor.Nethief.35,Backdoor.Nethief.37,Backdoor.Nethief.113,Backdoor.Nethief.XP.e,Backdoor.Nethief.42,Backdoor.Nethief.XP.f,Backdoor.Nethief.XP.b,Backdoor.Nethief.45,Backdoor.Nethief.XP.a,Backdoor.Nethief.46,Backdoor.Nethief.47,Backdoor.Nethief.49,Backdoor.Nethief.50,Backdoor.Nethief.51,Backdoor.Nethief.53,Trojan.Win32.Delsha.c,Backdoor.Win32.Nethief.aa;
[Eset]Win32/Nethief.51 trojan,Win32/Nethief.53 trojan,Win32/Nethief.C trojan,Win32/Randon.S worm;
[McAfee]BackDoor-TW;
[F-Prot]security risk or a "backdoor" program,security risk named W32/Nethiev.G;
[Panda]Backdoor Program,Bck/Nethief.14,Bck/Nethief.12,Bck/Nethief.18,Backdoor Program.LC,Bck/Nethief.19,Bck/Nethief.20,Bck/Nethief.13,Bck/NethiefXP.C,Bck/Nethief.23,Bck/Nethief.30,Bck/Nethief,Bck/Nethief.39,Bck/Nethief.1.0.0.1,Bck/Nethief.35,Bck/Nethief.113,Bck/Nethief.XP.e,Bck/Nethief.42,Bck/NetThief.43,Trj/Nethief.XP,Bck/Netthief.49,Trj/W32.Delsha;
[Computer Associates]Win32.Nethief.D,Win32/Nethief.1_4!PWS!Trojan,Backdoor/Nethief.12!Server,Backdoor/NetThief.19,Win32.Nethief.G,Backdoor/Nethief.2_0,Win32.Nethief.H,Win32/Nethief.2_0!PWS!Trojan,Backdoor/NetThief.13,Win32.Nethief.C,Backdoor/Nethief.31!Server,Backdoor/Nethief.XP.C,Win32.Nethief.M,Backdoor/Nethief!Server,Backdoor/NetThief.17,Win32.Nethief.F,Backdoor/Nethief.A,Win32.Nethief.I,Backdoor/Nethief.30!Server,Win32.Nethief.L,Backdoor/Nethief.XP.D,Win32.Nethief.N,Backdoor/Nethief.38,Backdoor/Nethief.39,Win32.Nethief.P,Backdoor/NetThief.XP.C,Backdoor/Nethief.3.5,Backdoor/Nethief.37,Backdoor/Nethief.D!Server,Backdoor/Nethief.43!Server,Win32.Nethief.S,Backdoor/Nethief.XP,Backdoor/Nethief.XP.B,Win32.Nethief.O,Backdoor/Nethief.45!Server,Win32.Nethief.U,Backdoor/Nethief.46!Server,Win32.Nethief.V,Backdoor/Nethief.47!Server,Win32.Nethief.W,Backdoor/Nethief.48!Server,Win32.Nethief.X,Backdoor/Nethief.49!Client,Backdoor/Nethief.50!Client,Backdoor/Nethief.51!Server,Win32.Nethief.AA,Backdoor/Nethief.C,Win32/Noshare.L!Trojan,Win32.Noshare.L

Nethief Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.AWE Trojan Removal
Remove Win16.StalkerX Trojan

Secdrop Trojan

How To Remove Secdrop?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Secdrop is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


Secdrop It also known as:

[Kaspersky]Downloader.Win32.WinFixer.i,Downloader.Win32.Winfixer.i,Trojan.win32.Agent.wd,Trojan-Dropper.Win32.PurityScan.ag,AdWare.Win32.PurityScan.u,Packed.Win32.Tibs,Trojan.Win32.LowZones.du,Trojan-Downloader.Win32.Agent.awf,Trojan.Win32.Dialer.on,Trojan.Win32.LowZones.ds,Trojan-Clicker.Win32.Vb.pg,Trojan.Wn32.Dialer.hh,Trojan-Downloader.Win32.Tiny.id,Trojan.Win32.Agent.anr,Trojan-Downloader.Win32.VB.kq,Trojan-Clicker.Win32.Small.bj;
[McAfee]Adware-MediaTickets,StartPage-JJ,QLowZones-23,QLowZones-3,Generic.b,Dialer-gen;
[F-Prot]W32/Dialer.JL,W32/Adclicker.NY;
[Other]Win32/Secdrop.LM,Win32/Secdrop!generic,WIn32/Secdrop.LR,trojan.Dropper,Win32/Secdrop.LS,Win32/Secdrop.MK,Adware.MediaTicket,Win32/Secdrop.MO,Trojan.LowZones,Win32/Secdrop.LV,Dialer.Sfonditalia,Win32/Secdrop.LO,Win32/Secdrop.MC,Win32/Secdrop.NA,Win32/Secdrop.NG,Trojan.Zonebac,W32/QLowZones.A,Win32/Secdrop.NB,Win32/Secdrop.NL,Trojan.Lowzones,Win32/Secdrop.ND,Plugin,W32/Dialer.GIE,Win32/Secdrop.OC,Win32/Secdrop.OB,Win32/Secdrop.OH,Win32/Secdrop.OJ,W32/Agent.NXJ,Win32/Secdrop.KL,Win32/Secdrop.OL,TrojanClicker:Win32/Small.EF,Win32/Secdrop.OO,Backdoor:Win32/Zonebac.gen!A,W32/Agent.BBEW

Secdrop Symptoms:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\e1xplorer.lnk
[%COMMON_APPDATA%]\wsxs\delfinAF.edx
[%COMMON_APPDATA%]\wsxs\delfinBD.edx
[%COMMON_APPDATA%]\wsxs\delfinCO.edx
[%COMMON_APPDATA%]\wsxs\delfinDL.edx
[%COMMON_APPDATA%]\wsxs\delfinED.edx
[%COMMON_APPDATA%]\wsxs\delfinID.edx
[%COMMON_APPDATA%]\wsxs\delfinKY.edx
[%COMMON_APPDATA%]\wsxs\delfinLD.edx
[%COMMON_APPDATA%]\wsxs\delfinLO.ebd
[%COMMON_APPDATA%]\wsxs\delfinSI.edx
[%COMMON_APPDATA%]\wsxs\delfinST.ebd
[%COMMON_APPDATA%]\wsxs\delfinTG.ebd
[%FAVORITES%]\e1xplorer.lnk
[%SYSTEM%]\iedunper.exe
[%SYSTEM%]\kenrel32.dll
[%SYSTEM%]\msbase.exe
[%SYSTEM%]\vfp02.exe
[%WINDOWS%]\xload.exe
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\e1xplorer.lnk
[%COMMON_APPDATA%]\wsxs\delfinAF.edx
[%COMMON_APPDATA%]\wsxs\delfinBD.edx
[%COMMON_APPDATA%]\wsxs\delfinCO.edx
[%COMMON_APPDATA%]\wsxs\delfinDL.edx
[%COMMON_APPDATA%]\wsxs\delfinED.edx
[%COMMON_APPDATA%]\wsxs\delfinID.edx
[%COMMON_APPDATA%]\wsxs\delfinKY.edx
[%COMMON_APPDATA%]\wsxs\delfinLD.edx
[%COMMON_APPDATA%]\wsxs\delfinLO.ebd
[%COMMON_APPDATA%]\wsxs\delfinSI.edx
[%COMMON_APPDATA%]\wsxs\delfinST.ebd
[%COMMON_APPDATA%]\wsxs\delfinTG.ebd
[%FAVORITES%]\e1xplorer.lnk
[%SYSTEM%]\iedunper.exe
[%SYSTEM%]\kenrel32.dll
[%SYSTEM%]\msbase.exe
[%SYSTEM%]\vfp02.exe
[%WINDOWS%]\xload.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Small.alg Downloader Information
BTV Trojan Symptoms
Bancos.GIS Trojan Removal instruction
Busky Trojan Removal instruction

Cyn Trojan

How To Remove Cyn?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Cyn is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.


Cyn It also known as:

[Kaspersky]Backdoor.Cyn.101,Backdoor.Cyn.102,Backdoor.Cyn.103,Backdoor.Cyn.103.b,Backdoor.Cyn.12.a,Backdoor.Cyn.121,Backdoor.Cyn.20,Backdoor.Cyn.21.a;
[Eset]Win32/Cyn.101 trojan,Win32/Cyn.102.Server trojan,Win32/Cyn.103.A trojan,Win32/Cyn.103.B trojan,Win32/Cyn.12 trojan,Win32/Cyn.121 trojan;
[McAfee]BackDoor-PB;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Cyn.102,Bck/Cyn.103,Bck/Cyn.103.b,Bck/Cyn.10,Bck/Cyn.12,Backdoor Program,Backdoor Program.LC,Bck/Cyn.20,Bck/Cyn.22,Bck/Cyn,Bck/Cyn.21.a;
[Computer Associates]Backdoor/Cyn.102,Win32.Cyn.102,Backdoor/CYN!Server,Backdoor/Cyn.103.B,Win32.Cyn.103,Win32.Cyn.103.B,Backdoor/Cyn.101!Server,Win32.Cyn.101,Backdoor/Cyn.12!Server,Win32.Cyn.102.C,Backdoor/Cyn.1_2!Server,Win32.Cyn.121,Backdoor/Latinus_Server_family,Win32.Cyn.20,Backdoor/Cyn.2.1,Backdoor/Cyn.21!Server,Backdoor/Cyn.21.a,Win32.Cyn.21

Cyn Symptoms:

Files:
[%WINDOWS%]\user32.exe
[%WINDOWS%]\user32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Small.ja Downloader Information

Perl.Termapp Trojan

How To Remove Perl.Termapp?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Perl.Termapp is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Perl.Termapp Symptoms:

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\rotator
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\adrotator

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
TrojanDownloader.Win32.IstBar.aj Downloader Symptoms
LookQuick Toolbar Removal
Removing Psyber.Streaming.Server RAT
Remove Geschenk Trojan

VB.ot Trojan

How To Remove VB.ot?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
VB.ot is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.


VB.ot Symptoms:

Files:
[%WINDOWS%]\zodiac.ico
[%WINDOWS%]\zodiac.ico

Folders:
[%DESKTOP%]\get $10 free now at zodiac casino.ico
[%DESKTOP%]\icon\get $10 free now at zodiac casino.ico

Registry Values:
HKEY_CURRENT_USER\software\winrar sfx
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\userassist\{75048700-ef1f-11d0-9888-006097deacf9}\count
HKEY_CURRENT_USER\software\winrar sfx


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Xdoor Backdoor Removal instruction
TrojanClicker.Win32.Delf.ab Trojan Information
Removing adoptimizer.eu Tracking Cookie
Adware.Ezula Adware Information

Startpage.po Hijacker

How To Remove Startpage.po?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Startpage.po is dangerous virus:
Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search.


Startpage.po Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{cbefb350-ed5b-4115-b846-c1041676b377}
HKEY_CLASSES_ROOT\interface\{42c2951d-e6f1-405c-a382-10c06bf313a3}
HKEY_CLASSES_ROOT\typelib\{597cef18-42b9-4db4-930a-f1f25cc0f0e3}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove PC.Activity.Monitor.Professional Spyware

WhenU.UControl Adware

How To Remove WhenU.UControl?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
WhenU.UControl is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


WhenU.UControl Symptoms:

Files:
[%COMMON_APPDATA%]\UControl\UControl Scan and Remove\ucontroldef.dat
[%COMMON_APPDATA%]\UControl\UControl Scan and Remove\ucontrolstatic.dat
[%PROGRAM_FILES_COMMON%]\UControl\UControl Scan and Remove\ucontrol_help.chm
[%COMMON_APPDATA%]\UControl\UControl Scan and Remove\ucontroldef.dat
[%COMMON_APPDATA%]\UControl\UControl Scan and Remove\ucontrolstatic.dat
[%PROGRAM_FILES_COMMON%]\UControl\UControl Scan and Remove\ucontrol_help.chm

Folders:
[%PROGRAM_FILES_COMMON%]\ucontrol
[%APPDATA%]\ucontrol
[%PROGRAM_FILES%]\common files\ucontrol

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{0c4c45db-a4dc-4cf4-8f1d-8cadf97855c9}
HKEY_CLASSES_ROOT\clsid\{70271f18-b604-40fe-a8cd-15baeb11ed84}
HKEY_CLASSES_ROOT\clsid\{cb8acef9-1085-4b47-b969-963e56aa9543}
HKEY_CLASSES_ROOT\interface\{0a65ca2b-edb9-48b1-92da-1d92c72498e4}
HKEY_CLASSES_ROOT\typelib\{916d4be3-6b0f-4e73-871a-17bd6ef3b2f9}\1.0
HKEY_CLASSES_ROOT\typelib\{a001a440-e479-4fa9-8270-2cc9f0e69e2c}\1.0
HKEY_CLASSES_ROOT\ucontrolscanandremove.ucontrolscanner
HKEY_CLASSES_ROOT\wss_sp_gen.class1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ucontrol scan and remove
HKEY_LOCAL_MACHINE\software\ucontrol


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove SideFind Trojan

VideoPorno Adware

How To Remove VideoPorno?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
VideoPorno is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


VideoPorno It also known as:

[Kaspersky]Trojan.Win32.Dialer.oq;
[Other]Win32/Secdrop.MU,Dialer.Sfonditialia

VideoPorno Symptoms:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VIDEOPORNO.lnk
[%DESKTOP%]\VIDEOPORNO.lnk
[%FAVORITES%]\VIDEOPORNO.lnk
[%PROFILE%]\My Documents\VIDEOPORNO.lnk
[%PROGRAMS%]\VIDEOPORNO.lnk
[%STARTMENU%]\VIDEOPORNO.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\VIDEOPORNO.lnk
[%DESKTOP%]\VIDEOPORNO.lnk
[%FAVORITES%]\VIDEOPORNO.lnk
[%PROFILE%]\My Documents\VIDEOPORNO.lnk
[%PROGRAMS%]\VIDEOPORNO.lnk
[%STARTMENU%]\VIDEOPORNO.lnk


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Bancos.HHR Trojan Removal instruction
Removing Toledorz Backdoor
TrojanDropper.Win32.Briars Trojan Symptoms
Deftcode Backdoor Removal instruction
UltraKeyboard Spyware Removal

SearchBoss Toolbar

How To Remove SearchBoss?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SearchBoss is dangerous virus:
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

SearchBoss Symptoms:

Files:
[%SYSTEM%]\searchbosstoolbar.dll
[%WINDOWS%]\system\searchbosstoolbar.dll
[%SYSTEM%]\searchbosstoolbar.dll
[%WINDOWS%]\system\searchbosstoolbar.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{e2b1672a-da31-4f7d-a2bf-c18c50bf8f6f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{e2b1672a-da31-4f7d-a2bf-c18c50bf8f6f}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Lydra Trojan Removal
Free.Popup.Killer Trojan Removal instruction

Glieder Trojan

How To Remove Glieder?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Glieder is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


Glieder It also known as:

[Kaspersky]Trojan-Downloader.Win32.Bagle.ay,Trojan-Downloader.Win32.Bagle.ak,trojan-Downloader.Win32.Bagle.ba,Trojan-Proxy.Win32.Mitglieder.ei,Trojan-Downloader.Win32.Badge.be,Trojan-Downlaoder.Win32.Bagle.bp,Email-Worm.Win32.Bagle.ij,Trojan-Downloader.Win32.Bagle.bp,Trojan-Downloader.win32.Bagle.bp;
[McAfee]W32/Beagle.dldr,W32/Bagle.dldr,W32/Badge.fj;
[Other]Win32/Glieder.DS,W#@.Beagle.EB,Win32/Glieder.DU,W32.Beagle.EB,Win32/Glieder.DV,Win32/Glieder.DW,Win32/Glieder.DX,Win32/Glieder.DY,Win32/Glieder.EA,Win32/Glieder.CL,W32/Mitglied.OA,Bagle.CQ,Win32/Glieder.ED,Win32/Glieder.EB,WIn32.Glieder.EG,Win32/Glieder.EG,Win32/Glieder.EI,Trojan.Tooso.R,Win32/Glieder.EL,Bloodhound.Beagle,Win32/Glieder.FD,Win32/Glieder.FG,Win32/Glieder.FE,Win32/Glieder.FF,Trojan.Mitglieder

Glieder Symptoms:

Files:
[%SYSTEM%]\hldrrr.exe
[%SYSTEM%]\ldr64.dll
[%SYSTEM%]\hldrrr.exe
[%SYSTEM%]\ldr64.dll

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ldr64

Registry Values:
HKEY_CURRENT_USER\software\firstrrrun


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Bonzo.exe Trojan Cleaner

VB.jq Trojan

How To Remove VB.jq?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
VB.jq is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


VB.jq Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Zango.Walls.of.Jericho Adware Removal
Removing Qhost.hf Trojan

Hupigon.ah Backdoor

How To Remove Hupigon.ah?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Hupigon.ah is dangerous virus:
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.


Hupigon.ah Symptoms:

Registry Keys:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rwx2005


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Stylersom Trojan
Remove Adtech Adware

Jaros RAT

How To Remove Jaros?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Jaros is dangerous virus:
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.


Jaros Symptoms:

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Fujacks Trojan Information
Removing Cool Trojan
SecondPower.Multimedia.Speedbar BHO Cleaner

Zep Trojan

How To Remove Zep?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Zep is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Zep It also known as:

[Eset]Bat.Wavefunc.Zep.163 virus;
[Panda]BAT/Zep;
[Computer Associates]Zep

Zep Symptoms:

Files:
[%PROGRAM_FILES%]\desktop messenger\8876480\6.1.0.155-8876480l\program\restart.exe
[%PROGRAM_FILES%]\desktop messenger\8876480\6.1.0.155-8876480l\program\restart.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Midnight.Oil Adware Information
Remove Henbang Trojan
Dipti Backdoor Information

PWS.Zhengtu Trojan

How To Remove PWS.Zhengtu?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
PWS.Zhengtu is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.


PWS.Zhengtu It also known as:

[McAfee]PWS-Zhengtu;
[Other]Win32/Frethog.BG,Infostealer.Gampass,Win32/Tuzheng

PWS.Zhengtu Symptoms:

Files:
[%SYSTEM%]\CN_SPI32.DLL
[%SYSTEM%]\CN_SPI32.DLL


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Absolute.Key.Logger Spyware Symptoms
Remove ServerDisk Trojan

Ertfor Trojan

How To Remove Ertfor?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Ertfor is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Trojans-downloaders downloads and installs new malware or adware on the computer.



Ertfor It also known as:

[Kaspersky]Trojan-Downloader.Win32.Small.ddx,Trojan-Downloader.Win32.Small.hcm,Trojan-Downloader.Win32.Small.fyx;
[McAfee]Downloader-AXM;
[F-Prot]W32/DL_smallP.W;
[Other]Win32/Ertfor.B,Win32/Ertfor.A,Win32/Ertfor.H,Win32/Ertfor.G,W32/DLoader.dam

Ertfor Symptoms:

Files:
[%SYSTEM%]\zxhstn.exe
[%SYSTEM%]\zxhstn.exe

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{b5ac49a2-94f2-42bd-f434-2604812c897d}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b5ac49a2-94f2-42bd-f434-2604812c897d}

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\micrsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Neworld.Server Backdoor Removal
Ad.Popper Adware Cleaner
MSN.com Tracking Cookie Cleaner
Removing Vxidl.BBY Trojan
Win32.7thSphere Trojan Symptoms

Funsys Trojan

How To Remove Funsys?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Funsys is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Funsys It also known as:

[Other]Win32/Funsys.B

Funsys Symptoms:

Files:
[%SYSTEM%]\SysInfo.dll
[%SYSTEM%]\SysInfo.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{989d2feb-5411-4565-8988-1dd2c5263377}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{989d2feb-5411-4565-8988-1dd2c5263377}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SDRY.com Tracking Cookie Removal instruction
Remove Remote.Revise Backdoor
Remove Arcvvir Trojan
SillyDl.CPB Trojan Removal instruction
Removing Family.Key.Logger Spyware

Banker.aci Trojan

How To Remove Banker.aci?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Banker.aci is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Banker.aci Symptoms:

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17da0c9e-4a27-4ac5-bb75-5d24b8cdb972}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pompos Trojan Information