Tuesday, December 2, 2008

BigBrother RAT

How To Remove BigBrother?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
BigBrother is dangerous virus:
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.



BigBrother It also known as:

[McAfee]BigBrother;
[Panda]Application/Bigbro.A

BigBrother Symptoms:

Folders:
[%PROGRAM_FILES%]\bigbrother


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Vxidl.AVI Trojan Removal instruction
Ezik Spyware Removal instruction
Win.Surfer Trojan Removal
Winmgts Trojan Information

Sectemp Adware

How To Remove Sectemp?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Sectemp is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



Sectemp Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp
HKEY_LOCAL_MACHINE\software\sectemp


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Phishbank.AUB Trojan
Removing Formov Trojan
Expext.MetaDirect BHO Cleaner

Delf.5NA Trojan

How To Remove Delf.5NA?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Delf.5NA is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Delf.5NA It also known as:

[Kaspersky]Trojan.Win32.Delf.nu;
[Other]Win32/Delf.5na!Trojan,W32/Delf.HDD

Delf.5NA Symptoms:

Files:
[%SYSTEM%]\oobe\csrss.exe
[%SYSTEM%]\shlapiw32.dll
[%SYSTEM%]\oobe\csrss.exe
[%SYSTEM%]\shlapiw32.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{459352b2-d4ce-13d4-2d78-03501003ef20}
HKEY_CLASSES_ROOT\clsid\{459fa2b2-e4c2-13d4-ca84-03501f45b839}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
NB46 Toolbar Information
Pigeon.AZA Trojan Information
Remove Danmec Trojan
Train Trojan Information
Bancos.HDC Trojan Information

Eye.Candy.Monitor Spyware

How To Remove Eye.Candy.Monitor?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Eye.Candy.Monitor is dangerous virus:
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


Eye.Candy.Monitor Symptoms:

Folders:
[%PROGRAM_FILES%]\YEKPND

Registry Keys:
HKEY_CURRENT_USER\software\microsoft\installer\features\41e6ba23c8612ef4c87090bb1cb9a21c
HKEY_CURRENT_USER\software\microsoft\installer\upgradecodes\1785d32f84544ba488c2e5429737b44a
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\upgradecodes\1785d32f84544ba488c2e5429737b44a
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{32ab6e14-168c-4fe2-8c07-09bbc19b2ac1}
HKEY_LOCAL_MACHINE\software\yourcompany\youreyecandykeyloggerprogramname

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\folders
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
IDonate BHO Removal

PcLog Trojan

How To Remove PcLog?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
PcLog is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.


PcLog It also known as:

[Kaspersky]Trojan.Spy.PcLog.510;
[F-Prot]security risk or a "backdoor" program;
[Panda]Trojan Horse.LC;
[Computer Associates]Win32/PcLog.530!DLL!Trojan,Win32/PCLog.5.1.0!Spy!Trojan

PcLog Symptoms:

Folders:
[%PROGRAM_FILES%]\pclog

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SillyDl.DDQ Trojan Information
Malware Toolbar Toolbar Information
Removing WurldMedia.MDef Hijacker

combrepl.dll Adware

How To Remove combrepl.dll?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
combrepl.dll is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.


combrepl.dll Symptoms:

Files:
[%SYSTEM%]\combrepl.dll
[%SYSTEM%]\combrepl.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3a4abde6-94ad-40bb-a722-3ec89055adc1}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3a4abde6-94ad-40bb-a722-3ec89055adc1}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{3a4abde6-94ad-40bb-a722-3ec89055adc1}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.AVPG Trojan Cleaner
hp Hijacker Cleaner
Removing Italian.Soccer.Wallpaper Adware
Myss Trojan Information
Pigeon.FAC Trojan Symptoms

Web.CPR Adware

How To Remove Web.CPR?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Web.CPR is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Web.CPR It also known as:

[Panda]Adware/TopRebates

Web.CPR Symptoms:

Folders:
[%PROGRAM_FILES%]\web_cpr

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\unwcpr2000
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\wcpr

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
BonziBuddy Adware Symptoms

Win32.StartPage.fw Trojan

How To Remove Win32.StartPage.fw?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Win32.StartPage.fw is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.


Win32.StartPage.fw It also known as:

[Kaspersky]Trojan.Win32.StartPage.gv;
[Eset]Win32/StartPage.GV trojan;
[Panda]Adware/SearchX,Trj/StartPage.EB,Trj/StartPage.HJ;
[Computer Associates]Win32.Startpage.FZ,Win32.Startpage.GL,Win32.Startpage.LN,Win32/StartPage.CoolWeb!BHO!Troj,Win32/StartPage.CZ!DLL!Trojan

Win32.StartPage.fw Symptoms:

Files:
[%SYSTEM%]\mfplay.dll
[%WINDOWS%]\mrhop.dll
[%SYSTEM%]\mfplay.dll
[%WINDOWS%]\mrhop.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{16f163a1-00ed-4186-956d-159cf2de0fad}
HKEY_CLASSES_ROOT\clsid\{7ef588b5-3ac3-4a9f-9c76-21b6547e59f6}
HKEY_CLASSES_ROOT\clsid\{9978b2e8-29f0-4c85-abc6-a322b1cde8f5}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9978b2e8-29f0-4c85-abc6-a322b1cde8f5}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{16f163a1-00ed-4186-956d-159cf2de0fad}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7ef588b5-3ac3-4a9f-9c76-21b6547e59f6}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9978b2e8-29f0-4c85-abc6-a322b1cde8f5}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Ginwui Trojan Removal instruction
Eps Trojan Removal
Yewbdown Trojan Symptoms
Bancos.GQC Trojan Cleaner

NetMetro Trojan

How To Remove NetMetro?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
NetMetro is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.


NetMetro It also known as:

[Kaspersky]Backdoor.NetMetro.b,Backdoor.NetMetro.a;
[McAfee]BackDoor-DA;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/NetMetro.10,Bck/NetMetro.B,Trj/Netmetro.104.Cl,Trj/Netmetro.104.Sr;
[Computer Associates]Backdoor/NetMetro.B,Backdoor/NetMetro.nms,Win32.NetMetro

NetMetro Symptoms:

Files:
[%WINDOWS%]\netsnoop.ini
[%WINDOWS%]\netsnoop.ini


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
pointshop.com Tracking Cookie Removal instruction
IGMP.Lanxue DoS Information
Remove Bossat Backdoor
Remove Shadow.Remote Backdoor

HideWindow Trojan

How To Remove HideWindow?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
HideWindow is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.


HideWindow It also known as:

[Kaspersky]RiskTool.Win32.HideWindows,RiskTool.Win32.HideRun;
[McAfee]HideWindow,RemoteProcessLaunch;
[F-Prot]security risk named W32/Hidewnd.component;
[Panda]Application/HideWindow.A,Application/Psexec.A,Worm Generic;
[Computer Associates]IRC.Flood;
[Other]Mal/Packer,Win32/ModTool.H,Hacktool.HideWindow,Win32/ModTool.R,VirTool:Win32/Hiderun.A,VirTool:win32/HiddenRun.B,VirTool:Win32/HideRun.B

HideWindow Symptoms:

Files:
[%SYSTEM%]\drivers\etc\h6\winhelper.exe
[%SYSTEM%]\mur.exe
[%WINDOWS%]\system\DRIVER\h.exe
[%WINDOWS%]\win32.exe
[%SYSTEM%]\drivers\etc\h6\winhelper.exe
[%SYSTEM%]\mur.exe
[%WINDOWS%]\system\DRIVER\h.exe
[%WINDOWS%]\win32.exe

Registry Keys:
HKEY_CURRENT_USER\software\adrian lopez\hidewindow


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Chinese_Keywords Adware Removal
Mneah Backdoor Removal instruction
Winfo Adware Information
Pigeon.ERU Trojan Removal instruction

Agent.bg Trojan

How To Remove Agent.bg?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Agent.bg is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.



Agent.bg It also known as:

[Kaspersky]Backdoor.Win32.Agent.bg;
[Eset]Win32/Agent.BG trojan,Win32/Agent.NAD trojan;
[Panda]Bck/Agent.K;
[Computer Associates]Win32.Daqa.A,Win32.Daqa.B,Win32/Agent.167936!Backdoor,Win32/Daqa.B.Trojan

Agent.bg Symptoms:

Files:
[%WINDOWS%]\aqadcup.exe
[%WINDOWS%]\jawa32.exe
[%WINDOWS%]\aqadcup.exe
[%WINDOWS%]\jawa32.exe

Registry Values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
StartNow.HyperBar Adware Information
Remove TrojanDownloader.Win32.small.fk Trojan
OverPro Adware Symptoms
Bancos.GVM Trojan Removal

MultiDropper Trojan

How To Remove MultiDropper?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
MultiDropper is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.




MultiDropper It also known as:

[Kaspersky]TrojanDropper.Win32.EliteWrap.104,TrojanDropper.Win32.TopBind,TrojanDropper.Win32.Tophead.c,TrojanDropper.Win32.TopBinder,TrojanDropper.Win32.Joiner.a,TrojanDropper.Win32.Troman.a,TrojanDropper.Win32.Troman.b,TrojanDropper.Win32.Troman.b2,Backdoor.IRC.Flood.a,I-Worm.Goner,I-Worm.Heather,Win32.Cabanas.b,Win95.CIH,TrojanDropper.Win32.RFL,TrojanDropper.Win32.Multibinder.11,TrojanDropper.Win32.Multibinder.121,TrojanDropper.Win32.Smasher.10,TrojanDropper.Win32.Yabinder.b,TrojanDropper.Win32.Juntador.b,TrojanDropper.Win32.Juntador.j,TrojanDropper.Win32.Delf.k,TrojanDropper.Win32.Dotf.10,TrojanDropper.Win32.Dotf.12,TrojanDropper.Win32.InvisJoiner.13,TrojanDropper.Win32.ExeStealth.23,TrojanDropper.Win32.Small.af,TrojanDropper.Win32.Djoiner.11,Trojan-Dropper.Win32.Agent.bv,TrojanDropper.Win32.SennaOneMaker.20,TrojanDropper.Win32.Joiner.i,Trojan-Dropper.Win32.Joiner.i,TrojanDropper.Win32.Joiner.j,Trojan-Dropper.Win32.Joiner.j,TrojanDropper.Win32.Multibinder.12,TrojanDropper.Win32.Yabinder.20,TrojanDropper.Win32.Yabinder.102,TrojanDropper.Win32.Fearless,Trojan-Dropper.Win32.Fearless,TrojanDropper.Win32.Kapart,Trojan-Dropper.Win32.Kapart,Trojan-Dropper.Win32.SennaOneMaker.20,Trojan-Dropper.Win32.Joiner.a,TrojanDropper.Win32.FC.a,Trojan-Dropper.Win32.FC.a,TrojanDropper.Win32.Small.a,TrojanDropper.Win32.SennaOneMaker.21,TrojanDropper.Win32.GR,TrojanDropper.Win32.Joiner.w,TrojanDropper.Win32.Justas,TrojanDropper.Win32.Delf.f,TrojanDropper.Win32.Small.o.gen,TrojanDropper.Win32.Small.e,TrojanDropper.Win32.Juntador.c,Trojan-Dropper.Win32.Agent.axv,Trojan.Win32.BKClient,Trojan-Dropper.Win32.Agent.mu,Trojan-Dropper.Win32.Agent.hr;
[Eset]Win32/TrojanDropper.MultiBinder.11 trojan,Win32/TrojanDropper.Yabinder.B trojan,Win32/TrojanDropper.Dotf.10 trojan,Win32/TrojanDropper.Dotf.12 trojan,Win32/Joiner.G trojan,Win32/TrojanRunner.Joiner.I trojan,Win32/TrojanDropper.Joiner.I trojan,Win32/TrojanDropper.Apploader trojan,Win32/TrojanDropper.Fearless.A trojan,Win32/RSP.A trojan,Win32/TR trojan,Win32/TrojanDropper.FC.A trojan,Win32/RunAuto trojan;
[McAfee]MultiDropper-E,MultiDropper-BU,MultiDropper-EZ,Weird,MultiDropper,MultiDropper-AQ,BackDoor-Sub7,VBS/Generic@MM,W95/CIH,MultiDropper-CQ,MultiDropper-FG,MultiDropper-FG trojan,MultiDropper-AC,MultiDropper-AR,MultiDropper-BN,MultiDropper-BG,MultiDropper-DC,MultiDropper-DF trojan,MultiDropper-EC,MultiDropper-EE,MultiDropper-EW,MultiDropper-FX,MultiDropper-EU,MultiDropper-AF,MultiDropper-Z,MultiDropper-AB,MultiDropper-CL,MultiDropper-M,MultiDropper-U,MultiDropper-CY,MultiDropper-AE,Rsp,W32/Deborm.dr,RingZero.dr,RunAuto,MultiDropper-AV,MultiDropper-CH,MultiDropper-V,MultiDropper-CE,MultiDropper-BQ,MultiDropper-QU,MultiDropper-PO,Generic.MultiDropper.j,Downloader-ACV,MultiDropper-MK,MultiDropper-JD;
[F-Prot]destructive program,W32/Cabanas.3018.A,W32/CIH.1003.unknown?,virus dropper,security risk or a "backdoor" program,W32/Backdoor.TheThing,W32/Trojan.Small.A,virus construction tool,->exefile is a security risk or a "backdoor" program,W32/Trojan.Ybinder.A,->exefile Infection: SubSeven.backdoor.v213,->exefile Infection: SubSeven.backdoor.v2_0,security risk named W32/Yabinder.A,->exefile Infection: W32/SubSeven.backdoor.v22a,->exefile is a destructive program,->exefile is a security risk named W32/Litmus.A,W32/Dropper.ESC,W32/VirTool.BIX;
[Panda]Trj/W32.GR,Trojan Horse,SubSeven.Bck.v19,Trj/Runner.TopBind,Trojan Horse.LC,W32/TrojanRunner,Trj/Runner.Troman.a,Trj/Runner.Troman.b,Trj/W32.Troman,W32/Goner.A@mm,Trj/W32.RFL,Trj/Juntador.A,Trj/Yabinder.B,Trj/Multidrop.Junt,Trj/InvisJoiner.13,HackTool/Yabinder.A,Trj/Yabinder.A,Trj/FC,Trj/W32.Drp.gen,Trj/W32.ExeBundle,Trj/Joiner.a,W32/TrojanRunner.G,Trj/Runner.Joiner.K,Trj/W32.Runner.Small,Trj/W32.Joiner.J,Bck/Sub7.Chiris,Trj/PSW.Ring0.A,Trj/SennaOne,Trj/PSW.Barok.10,Trj/W32.Small.F,Trj/Runner.G,Trj/Runner.Apploader,Trj/Runner.Justas,Backdoor Program.LC;
[Computer Associates]Win32/EliteWrap.104!Dropper,Win32/TopBind!Dropper,Win32/TopHeader.B!Trojan,Win32/TopBind!Trojan,Win32.TheJoiner.15x.A,Win32/Joiner.A!Joiner,Win32.Troman.15,Win32/TrojanMan!Trojan,Win32/TrojanManBind!Trojan,Win32/TrojanRunner.Troman.B2!Tro,IRC.Flood,mIRC/Shaz.A!Worm,Win32.Goner.A,Win32/Goner.A!Worm,Win32.RFL,Win32/Rfl!Dropper,Win32/RFL!Trojan,Win32/Multibinder.12!Dropper,Win32/Multibinder.121!Trojan,Backdoor/BioNet.Pack,Win32/EXESmash!Trojan,Win32.Juntador,Win32/Juntador.C!Joiner,Win32/Juntador.c!Trojan,Win32.Small.E,Win32/Small.E!Joiner,Win32/Juntador.B!Joiner,Win32/Juntador!Trojan,Win32.ExeStealth.23,Win32/ExeStealth.23!Trojan,Win32.PVStealth.A,Win32/PSPV.KStealth.33760!Trojan,Win32.TrojanRunner.Yab.200,Win32/Yab2000!Joiner,Win32/Yab2000!Trojan,Win32/Yabinder.20!Joiner,Win32.TrojanRunner.I,Win32/MultiDropper.AF-0!Dropper,Win32/SennaOneMaker.b!Joiner,Win32.DJoiner.11,Win32/Runner.SE!Trojan,Win32.TheJoiner.15x.B,Win32/Joiner.G!Trojan,Win32.TheJoiner.15x.C,Bat/Deltree.YM!Trojan,Win32.TrojanRunner.Small,Backdoor/Delf.f!Dropper,Win32.DeepThroat.31,Win32/Joiner.I!Joiner,Win32/Xcvbnm!Trojan,Win32.Apploader.A,Win32.TrojanRunner.Yab.102,Win32/Yab.102!Trojan,Win32.Fearless,Win32/FearLess!Trojan,Win32/SubSeven!Backdoor!Dropper,Win32.TrojanRunner.RSP.A,Win32.TrojanRunner.EliteWrap.104,Win32.TrojanRunner.RSP.D/E,Win32.Joiner.W,Win32.TrojanRunner.RSP.C,Win32.SilkRope2K,Win32.Small.O,Win32.Split;
[Other]Win32/Multidropper.AM,Win32/SillyDl.AUB,Trojan.Dropper,Smalldrp.JDU,Adware.TargetSaver,Trojan-Dropper.Win32.MultiJoiner.13.h,W32/Joiner.ZJ,Win32/Testuu.L,Win32/Multidropper.AN,Win32/Multidropper.AQ,Win32/Multidropper.AL,Win32/Multidropper.BV,Win32/Multidropper.BW,W32/DLoader.CNZU,Trojan Horse,Malware.VOZ,Trojan.Popper,W32/BookedSpace.AN.dropper,TROJ_DLOADER.DXD,Troj/Dloadr-AQF,Troj/Mdrop-JP,W32/Agent.CIB

MultiDropper Symptoms:

Files:
[%WINDOWS%]\rau001978.exe
[%SYSTEM%]\mscnf.dll
[%SYSTEM%]\RXJH.dll
[%SYSTEM%]\smart-search.exe
[%SYSTEM%]\syst2.exe
[%SYSTEM%]\syst3.exe
[%SYSTEM%]\thn.dll
[%SYSTEM%]\thn32.dll
[%SYSTEM%]\trf32.dll
[%WINDOWS%]\DWINSTALL329.bat
[%WINDOWS%]\system\mcheck.exe
[%WINDOWS%]\rau001978.exe
[%SYSTEM%]\mscnf.dll
[%SYSTEM%]\RXJH.dll
[%SYSTEM%]\smart-search.exe
[%SYSTEM%]\syst2.exe
[%SYSTEM%]\syst3.exe
[%SYSTEM%]\thn.dll
[%SYSTEM%]\thn32.dll
[%SYSTEM%]\trf32.dll
[%WINDOWS%]\DWINSTALL329.bat
[%WINDOWS%]\system\mcheck.exe

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3495d328-661a-4fb0-ba67-8acdd1704d1e}
HKEY_CURRENT_USER\clsid\{0656a137-b161-cadd-9777-e37a75727e78}
HKEY_CURRENT_USER\clsid\{0bc9bc01-54d4-4cce-2b7d-955164314cd4}
HKEY_CURRENT_USER\software\classes\clsid\{0656a137-b161-cadd-9777-e37a75727e78}
HKEY_CURRENT_USER\software\classes\clsid\{0bc9bc01-54d4-4cce-2b7d-955164314cd4}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\currentversion\windows\runonce
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove BearShare Worm
Surfairy Adware Cleaner
IE.Patch Backdoor Information

Alcan.5tn Worm

How To Remove Alcan.5tn?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Alcan.5tn is dangerous virus:
Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.



Alcan.5tn Symptoms:

Files:
[%PROGRAM_FILES%]\outlook\outlook.exe
[%PROGRAM_FILES%]\outlook\outlook.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Netscreen RAT Symptoms
CleverIEHooker BHO Cleaner
Kpong Trojan Symptoms
Removing SillyDl.DBO Trojan

Win32.SecondThought.ag Trojan

How To Remove Win32.SecondThought.ag?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Win32.SecondThought.ag is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.

When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.

A search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.

A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.

Hijackers take control of various parts of your web browser, including your home page,
search pages, and search bar. They may also redirect you to certain sites should you
mistype an address or prevent you from going to a website they would rather you not,
such as sites that combat malware. Some will even redirect you to their own search engine
when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.


Win32.SecondThought.ag It also known as:

[Kaspersky]Trojan.Win32.SecondThought;
[Other]Adware.SecondThought,Trojan.Win32.SecondThought.c,Win32/SecondThought.G

Win32.SecondThought.ag Symptoms:

Files:
[%WINDOWS%]\system\2ndsrch.dll
[%WINDOWS%]\system\2ndsrch.dll


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
r3 Trojan Removal
Delfile2.Cab Hostile Code Removal instruction
Agent.ea Downloader Cleaner
DlCust Downloader Symptoms

YapBrowser Adware

How To Remove YapBrowser?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
YapBrowser is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



YapBrowser Symptoms:

Files:
[%COMMON_DESKTOPDIRECTORY%]\YapBrowser.lnk
[%COMMON_STARTUP%]\YapBrowser.lnk
[%COMMON_DESKTOPDIRECTORY%]\YapBrowser.lnk
[%COMMON_STARTUP%]\YapBrowser.lnk

Folders:
[%COMMON_PROGRAMS%]\YapBrowser
[%PROGRAM_FILES%]\YapBrowser

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\yapbrowser


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Watch.Me! Spyware Information
Registry.Defender Adware Removal
Fblack Trojan Removal instruction

BrowserPal BHO

How To Remove BrowserPal?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
BrowserPal is dangerous virus:
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.

BrowserPal Symptoms:

Files:
[%SYSTEM%]\blckbho.dll
[%SYSTEM%]\bptlb.dll
[%WINDOWS%]\system\blckbho.dll
[%WINDOWS%]\system\bptlb.dll
[%SYSTEM%]\blckbho.dll
[%SYSTEM%]\bptlb.dll
[%WINDOWS%]\system\blckbho.dll
[%WINDOWS%]\system\bptlb.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{5f5564ac-de7a-4dcd-9296-32e71a35dcb7}
HKEY_CLASSES_ROOT\clsid\{d34f641f-5210-4eb0-8ed5-9179f47e15b7}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{5f5564ac-de7a-4dcd-9296-32e71a35dcb7}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{d34f641f-5210-4eb0-8ed5-9179f47e15b7}
HKEY_CURRENT_USER\software\browser pal
HKEY_LOCAL_MACHINE\software\browser pal
HKEY_LOCAL_MACHINE\software\classes\clsid\{5f5564ac-de7a-4dcd-9296-32e71a35dcb7}
HKEY_LOCAL_MACHINE\software\classes\clsid\{d34f641f-5210-4eb0-8ed5-9179f47e15b7}
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{07b7f771-1b8e-4b7b-823e-ffac1732aa9f}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5f5564ac-de7a-4dcd-9296-32e71a35dcb7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{d34f641f-5210-4eb0-8ed5-9179f47e15b7}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
PSW.Lmir.gen Trojan Removal
Remove Activex.Dialer Adware
Removing RBot.GRU Spyware

Hellraider RAT

How To Remove Hellraider?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Hellraider is dangerous virus:
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.


Hellraider Symptoms:

Files:
[%WINDOWS%]\hellraider.exe
[%WINDOWS%]\hellraider.exe

Registry Values:
HKEY_CURRENT_USER\software\mirabilis\icq\agent\apps\cxyfp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Dumador.cr Backdoor Cleaner

KCGame RAT

How To Remove KCGame?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
KCGame is dangerous virus:
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.


KCGame Symptoms:

Files:
[%WINDOWS%]\system\winsys.exe
[%WINDOWS%]\system\y!.ocx
[%WINDOWS%]\system\winsys.exe
[%WINDOWS%]\system\y!.ocx


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Vxidl.BDD Trojan Symptoms
Taladrator.public Trojan Removal

NowBox Adware

How To Remove NowBox?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
NowBox is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
A Search hijacker redirects search results to other pages and may
transmit search and browsing data to unknown servers. An error page hijacker directs
the browser to another page, usually an advertising page, instead of the usual error
page when the requested URL is not found.


NowBox Symptoms:

Files:
[%DESKTOP%]\nowbox.lnk
[%PROGRAMS%]\nowbox\nowbox.lnk
[%STARTUP%]\nowbox.lnk
[%SYSTEM%]\systrayuser.dll
[%WINDOWS%]\system\systrayuser.dll
[%DESKTOP%]\nowbox.lnk
[%PROGRAMS%]\nowbox\nowbox.lnk
[%STARTUP%]\nowbox.lnk
[%SYSTEM%]\systrayuser.dll
[%WINDOWS%]\system\systrayuser.dll

Folders:
[%PROFILE%]\start menu\programs\nowbox
[%PROGRAM_FILES%]\vflash

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{a0bd4ff5-d828-11d3-9eb5-00600837e6ee}
HKEY_CLASSES_ROOT\interface\{a0bd4ff6-d828-11d3-9eb5-00600837e6ee}
HKEY_CLASSES_ROOT\systrayuser.energenicsystrayuser
HKEY_CLASSES_ROOT\systrayuser.energenicsystrayuser.1
HKEY_CLASSES_ROOT\typelib\{a0bd4fe6-d828-11d3-9eb5-00600837e6ee}
HKEY_CURRENT_USER\software\valueflash
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{9dc5d4a4-3f21-40e2-aaa5-000000000004}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\nowbox

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.EPE Trojan Removal

Townews Adware

How To Remove Townews?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Townews is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.


Townews Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{634efde4-087d-4ce9-952f-63c9eeb2e0bf}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{634efde4-087d-4ce9-952f-63c9eeb2e0bf}
HKEY_LOCAL_MACHINE\software\classes\clsid\{634efde4-087d-4ce9-952f-63c9eeb2e0bf}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{634efde4-087d-4ce9-952f-63c9eeb2e0bf}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing WebDownloader.Illwill Downloader
Little.Witch.FTP Backdoor Removal
AB.System.Spy Spyware Symptoms
TrojanClicker.Win32.VB.bg Trojan Symptoms

Atmaca Downloader

How To Remove Atmaca?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Atmaca is dangerous virus:
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


Atmaca Symptoms:

Files:
[%WINDOWS%]\system\sysreq.exe
[%WINDOWS%]\system\sysreq.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove UpF.ker Backdoor
Vxidl.AOS Trojan Symptoms
ICQ.GNotify Trojan Information

DlWreck Trojan

How To Remove DlWreck?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
DlWreck is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


DlWreck It also known as:

[Kaspersky]Trojan-Downlaoder.Win32.Agent.aoa,Trojan-Downloader.Win32.Vidlo.y,Trojan.Win32.Pakes,Trojan-Downloader.Win32.Nurech.f,Trojan-Downloader.Win32.Nurech.i,Trojan-Downloader.Win32.Nurech.z,Trojan-Downlaoder.Win32.Nurech.w,Trojan-Downloader.Win32.Agent.ann,Trojan-Downloader.Win32.Agent.bhc,Trojan-Downloader.Win32.Nurech.ar,Trojan-Downloader.Win32.Nurech.az,Trojan-Downloader.Win32.Nurech.bf,Trojan-Downloader.Win32.Nurech.bk,Trojan-Downloader.Win32.Nurech.bt;
[McAfee]Downladoer-AAP,Downloader-AAP,Downloader-AAp,Downlaoder-AAP;
[Other]Win32/DlWreck.AI,Downlaoder,Backdoor.Trojan,Win32/DlWreck.V,Troj/Vidlo-C,Win32/DlWreck.AD,Win32/DlWreck.AV,Trojan.Schoeberl.D,Win32/DlWreck.AX,Downloader,Win32/DlWreck.BE,Win32/DlWreck.BC,Win32/DlWreck.BG,Trojan.Schoebert.E,Win32/DlWreck.BL,Win32/DlWreck.BM,Win32/DlWreck.BP,Win32/DlWreck.BR,Win32/DlWreck.BU,Win32/DlWreck.CI,Troj/DwnLdr-GWQ

DlWreck Symptoms:

Files:
[%SYSTEM%]\drivers\acge.dt
[%SYSTEM%]\drivers\c656.tx
[%SYSTEM%]\drivers\onud.dat
[%SYSTEM%]\drivers\qas.tx
[%SYSTEM%]\drivers\winut.dat
[%SYSTEM%]\iasx.exe
[%SYSTEM%]\ipcbt.exe
[%SYSTEM%]\ipf.exe
[%SYSTEM%]\iptb.exe
[%SYSTEM%]\isca.exe
[%SYSTEM%]\isxa.exe
[%SYSTEM%]\drivers\acge.dt
[%SYSTEM%]\drivers\c656.tx
[%SYSTEM%]\drivers\onud.dat
[%SYSTEM%]\drivers\qas.tx
[%SYSTEM%]\drivers\winut.dat
[%SYSTEM%]\iasx.exe
[%SYSTEM%]\ipcbt.exe
[%SYSTEM%]\ipf.exe
[%SYSTEM%]\iptb.exe
[%SYSTEM%]\isca.exe
[%SYSTEM%]\isxa.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\load
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
ACI Backdoor Information
NeoArk Backdoor Symptoms
STIEBar Adware Removal instruction
FDoS.ICQPager Trojan Information

SillyDl.CIK Trojan

How To Remove SillyDl.CIK?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SillyDl.CIK is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


SillyDl.CIK Symptoms:

Files:
[%PROFILE_TEMP%]\b131.exe
[%PROFILE_TEMP%]\b131.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CWS.XPlugin Hijacker Symptoms

MetaStop BHO

How To Remove MetaStop?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
MetaStop is dangerous virus:
As this information is entered by the user, it is captured by the BHO (Browser Helper Object) and
sent back to the attacker.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.When the default home page is hijacked, the browser opens to the web page set by the hijacker
instead of the user's designated home page. In some cases, the hijacker may block users from
restoring their desired home page.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.


MetaStop Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{4b0485a1-c853-42f0-9018-8acc9a8598b7}
HKEY_CLASSES_ROOT\interface\{6b8628bf-2bf6-4e5b-9658-6b8042732923}
HKEY_CLASSES_ROOT\meta.metaobj
HKEY_CLASSES_ROOT\meta.metaobj.1
HKEY_CLASSES_ROOT\typelib\{3bf53774-cf16-4268-8a20-8f83e1d90543}
HKEY_CURRENT_USER\software\metastop
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\metastopmetastop

Registry Values:
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\search
HKEY_CURRENT_USER\software\microsoft\internet explorer\search
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Syscerun Adware Removal instruction
Bancos.HMY Trojan Symptoms
Remove TrojanProxy.Win32.Symbad Trojan
CTXPopup Adware Cleaner

VB.rj Backdoor

How To Remove VB.rj?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
VB.rj is dangerous virus:
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.



VB.rj Symptoms:

Registry Keys:
HKEY_LOCAL_MACHINE\software\gedzaclabs

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Spy.CQMA Trojan Cleaner

CHCB Backdoor

How To Remove CHCB?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
CHCB is dangerous virus:
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.


CHCB It also known as:

[Kaspersky]Backdoor.Chcb.01,Backdoor.Win32.Chcb.01;
[McAfee]BackDoor-AQX;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program,Bck/Chcb;
[Computer Associates]Backdoor/Chcb.01

CHCB Symptoms:

Files:
[%WINDOWS%]\temp\winpad.exe
[%WINDOWS%]\temp\winpad.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing BW Trojan
Pigeon.AZZ Trojan Information
stat.su Tracking Cookie Removal instruction

mIRC.IRC.Flood Worm

How To Remove mIRC.IRC.Flood?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
mIRC.IRC.Flood is dangerous virus:
Worms can be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.

These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.
These programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.

DoS trojans conduct such attacks from a single computer with the consent of the user.

Worms can carry a DoS procedure as part of their payload.


mIRC.IRC.Flood It also known as:

[Panda]W32/Randon;
[Computer Associates]mIRC/IRC.Flood.D1!Trojan

mIRC.IRC.Flood Symptoms:

Files:
[%PROFILE_TEMP%]\more_names.txt
[%PROFILE_TEMP%]\Password.txt
[%PROFILE_TEMP%]\more_names.txt
[%PROFILE_TEMP%]\Password.txt


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.AVDO Trojan Removal
Expir Backdoor Information

PornDialer.PluginAccess Trojan

How To Remove PornDialer.PluginAccess?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
PornDialer.PluginAccess is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



PornDialer.PluginAccess It also known as:

[Kaspersky]Porn-Dialer.Win32.PluginAccess;
[McAfee]Dialer-Generic;
[Other]Dialer.Target,W32/Dialer.YNX,PornDialer.IN

PornDialer.PluginAccess Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{9e1089bc-1ae8-4685-8d77-6721e5c318a8}
HKEY_CLASSES_ROOT\clsid\{ad7fafb0-16d6-40c3-af27-585d6e6453fd}
HKEY_CLASSES_ROOT\comload.loader
HKEY_CLASSES_ROOT\comload.loader.1
HKEY_CLASSES_ROOT\comload.loader2
HKEY_CLASSES_ROOT\comload.loader2.1
HKEY_CLASSES_ROOT\dctl
HKEY_CLASSES_ROOT\interface\{19e91d82-7ad7-419f-866a-58c122db1459}
HKEY_CLASSES_ROOT\interface\{f5f779a9-24e5-4bcd-9ae5-6313d4b5ac24}
HKEY_CLASSES_ROOT\typelib\{266f948a-3dee-4270-8f55-e79accd569fa}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/comload.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]/downloaded program files/comload.dll
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hardcore


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
PeopleOnPage.Apropos BHO Information
Cool Trojan Cleaner
SillyDl.CAS Trojan Cleaner

System.Pro Spyware

How To Remove System.Pro?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
System.Pro is dangerous virus:
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


System.Pro Symptoms:

Files:
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll

Folders:
[%WINDOWS%]\fontinfo
[%PROGRAMS%]\system surveillance pro
[%WINDOWS%]\fontview

Registry Keys:
HKEY_CLASSES_ROOT\.zzr
HKEY_CLASSES_ROOT\clsid\{91b066b2-be0d-42bf-bedd-f9dfdbb29236}\implemented categories
HKEY_CLASSES_ROOT\sspro
HKEY_CLASSES_ROOT\sspro.document
HKEY_CLASSES_ROOT\survservices.datablockmanipulation
HKEY_CLASSES_ROOT\survservices.datainterface
HKEY_CLASSES_ROOT\survservices.declarations
HKEY_CLASSES_ROOT\survservices.general
HKEY_CLASSES_ROOT\clsid\{457107e0-4551-11d5-be6f-ae127dee6059}
HKEY_CLASSES_ROOT\clsid\{47643398-a2f7-422b-9fcc-e5540b1eeb05}
HKEY_CLASSES_ROOT\clsid\{95e6c67a-f1e0-48ef-b0cd-3d72b23fb558}
HKEY_CLASSES_ROOT\clsid\{9df88e2d-bc3e-4524-b5d0-1c49557427a4}
HKEY_CLASSES_ROOT\clsid\{b540c664-b279-4702-83b6-813c9552148f}
HKEY_CLASSES_ROOT\interface\{2074d3f5-5d94-4468-b0d4-6388666aa3e3}
HKEY_CLASSES_ROOT\interface\{453706df-465b-11d5-be6f-c0e46d415558}
HKEY_CLASSES_ROOT\interface\{453706e7-465b-11d5-be6f-c0e46d415558}
HKEY_CLASSES_ROOT\interface\{dac453d4-86ad-4dbe-8d44-2b88c376bbe3}
HKEY_CLASSES_ROOT\interface\{dda8b302-e846-4e1f-818d-0b701f969f9b}
HKEY_CLASSES_ROOT\interface\{f127d096-0939-418e-b579-ce7e40eb6a8a}
HKEY_CLASSES_ROOT\picscroll.cpvpicscroll
HKEY_CLASSES_ROOT\typelib\{3b8554df-2818-4d24-bf82-c7ee3f9af3b5}
HKEY_CLASSES_ROOT\typelib\{457107de-4551-11d5-be6f-ae127dee6059}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\system surveillance pro~
HKEY_CURRENT_USER\software\vb and vba program settings\sspro

Registry Values:
HKEY_CLASSES_ROOT\clsid\{d46bd5cb-2360-4f5f-8793-5f4ae775ec44}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Vxidl.BAN Trojan Symptoms
Remove Cmapp Adware
Anthena Trojan Symptoms
Vxidl.AHT Trojan Removal

SinCity Adware

How To Remove SinCity?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SinCity is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


SinCity Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{4e15d681-1d20-11d4-8b72-000021da1956}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Network.Crack.Wizard Spyware Removal instruction
Win32.Nuker.NuKe Trojan Symptoms
Removing Bancos.GIB Trojan
Strange.packet Trojan Cleaner
Capital Trojan Removal

Ayuckoo Trojan

How To Remove Ayuckoo?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Ayuckoo is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.


Ayuckoo It also known as:

[Kaspersky]Trojan-Proxy.Win32.Agent.mf,Trojan-Proxy.Win32.Ranky.gn,Trojan-Proxy.Win32.Ranky.gen;
[McAfee]Proxy-Piky,BackDoor-AWI,Generic PWS.ag;
[Other]Win32/SillyProxy.BG,Win32/Ayuckoo.U,Win32/Ayuckoo.Z,Win32/Ayuckoo.AR,Win32/Ayuckoo.AT,Backdoor.Ranky,Win32/Ayuckoo.BI,TrojanProxy:Win32/Agent!C814,Hacktool.Proxy,Troj/Ranck-Gen,W32/Rank.ASY,TrojanProxy:Win32/Agent

Ayuckoo Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Voimeda Trojan Cleaner
Win32.DlFeer Downloader Information
Win32.CWS Downloader Information
HLL.ow.Ondra Trojan Symptoms

SpywareSheriff.com::SpywareSheriff Adware

How To Remove SpywareSheriff.com::SpywareSheriff?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SpywareSheriff.com::SpywareSheriff is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


SpywareSheriff.com::SpywareSheriff Symptoms:

Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpywareSheriff.lnk
[%DESKTOP%]\SpywareSheriff.lnk
[%DESKTOP%]\SpywareSheriffSetup.exe
[%STARTUP%]\spywaresheriff.lnk
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\SpywareSheriff.lnk
[%DESKTOP%]\SpywareSheriff.lnk
[%DESKTOP%]\SpywareSheriffSetup.exe
[%STARTUP%]\spywaresheriff.lnk

Folders:
[%LOCAL_APPDATA%]\SpywareSheriff
[%COMMON_PROGRAMS%]\SpywareSheriff
[%PROGRAM_FILES%]\SpywareSheriff

Registry Keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpywareSheriff_is1
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spywaresheriff_is1


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
DVDAccess.net.Codec Trojan Information
Foont Trojan Symptoms
BigTrafficNet Adware Cleaner

Grunt Trojan

How To Remove Grunt?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Grunt is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS trojans conduct attacks from a single computer with the consent of the user.


Grunt It also known as:

[Kaspersky]Search.203,Grunt.473,Grunt.529;
[Panda]Direct.gen,Grunt.473,Iron Umbrella,Grunt-4;
[Computer Associates]Grunt 203,Grunt.473

Grunt Symptoms:

Files:
[%PROFILE_TEMP%]\asmfiles.cab
[%PROGRAM_FILES%]\Altnet\Download Manager\asmps.dll
[%PROGRAM_FILES%]\Morpheus\Schemas\audio.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\document.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\image.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\image.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\rom.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\rom.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\video.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\video.xsd
[%PROFILE_TEMP%]\asmfiles.cab
[%PROGRAM_FILES%]\Altnet\Download Manager\asmps.dll
[%PROGRAM_FILES%]\Morpheus\Schemas\audio.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\document.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\image.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\image.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\rom.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\rom.xsd
[%PROGRAM_FILES%]\Morpheus\Schemas\video.xml
[%PROGRAM_FILES%]\Morpheus\Schemas\video.xsd

Folders:
[%PROGRAM_FILES%]\altnet
[%WINDOWS%]\temp\altnet

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{b7156514-a76c-4545-9d5b-a4e1d02c7aec}
HKEY_CLASSES_ROOT\interface\{582ab125-1403-42fb-9efb-198690ba1496}
HKEY_CLASSES_ROOT\topsearch.tslink
HKEY_CLASSES_ROOT\topsearch.tslink.1
HKEY_CLASSES_ROOT\typelib\{bff4f684-677e-44f4-8c74-1d575c950e10}
HKEY_CLASSES_ROOT\typelib\{edd3b3e9-3ffd-4836-a6de-d4a9c473a971}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
CRAT.Pro RAT Cleaner
Crushpy Trojan Removal instruction