Sunday, January 25, 2009

Grokster Adware

How To Remove Grokster?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Grokster is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.
Hijackers are software programs that modify users' default browser home page,
search settings, error page settings, or desktop wallpaper without adequate notice, disclosure,
or user consent.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
Grokster It also known as:

[F-Prot]->license.txt;
[Panda]Adware/MoeMoney,Adware/PurityScan,Adware/TopMoxie;
[Other]PurityScan

Grokster Symptoms:

Files:
[%DESKTOP%]\get $10 free now at zodiac casino.url
[%DESKTOP%]\high rollers club casino.url
[%DESKTOP%]\my grokster files.lnk
[%DESKTOP%]\my grokster.lnk
[%DESKTOP%]\spors interaction casino.url
[%DESKTOP%]\sportsbook.url
[%PROFILE%]\administrator\start menu\programs\grokster\check for grokster updates.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\grokster on the web.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\launch grokster.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\my grokster files.lnk
[%PROFILE%]\administrator\start menu\sportsbook.url
[%PROFILE_TEMP%]\cpr_in.exe
[%PROFILE_TEMP%]\ferretbar.exe
[%PROFILE_TEMP%]\grokstersetup.exe
[%PROFILE_TEMP%]\inst_bpc.exe
[%PROFILE_TEMP%]\searchlocate.exe
[%PROFILE_TEMP%]\supportinstall.exe
[%PROFILE_TEMP%]\sysren.exe
[%PROGRAMS%]\grokster\check for grokster updates.lnk
[%PROGRAMS%]\grokster\grokster on the web.lnk
[%PROGRAMS%]\grokster\launch grokster.lnk
[%PROGRAMS%]\grokster\my grokster files.lnk
[%PROGRAMS%]\grokster\uninstall grokster.lnk
[%STARTUP%]\update grokster.lnk
[%SYSTEM%]\gr03.dll
[%SYSTEM%]\gr0ck03.dll
[%WINDOWS%]\cache371\b_371_0_1_503300.htm
[%WINDOWS%]\cache371\b_371_0_1_523000.htm
[%WINDOWS%]\cache371\b_371_0_1_532400.htm
[%WINDOWS%]\cache371\b_371_0_1_534700.htm
[%WINDOWS%]\cache371\b_371_0_1_537300.htm
[%WINDOWS%]\cache371\b_525100.htm
[%WINDOWS%]\cache371\b_561000.htm
[%WINDOWS%]\cache371\t_b_371_2_1_577800.htm
[%WINDOWS%]\cache371\t_b_371_2_1_755100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_568100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_570100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_572300.htm
[%WINDOWS%]\cache371\t_b_371_2_2_573900.htm
[%WINDOWS%]\cache371\t_b_371_2_2_576000.htm
[%WINDOWS%]\cache371\t_b_371_2_2_703900.htm
[%WINDOWS%]\cache371\t_b_371_2_3_778600.htm
[%WINDOWS%]\cache371\t_b_501000.htm
[%WINDOWS%]\cache371\t_b_525100.htm
[%WINDOWS%]\cache371\t_b_561000.htm
[%WINDOWS%]\cache371\t_b_605600.htm
[%WINDOWS%]\cache371\t_b_605800.htm
[%DESKTOP%]\get $10 free now at zodiac casino.url
[%DESKTOP%]\high rollers club casino.url
[%DESKTOP%]\my grokster files.lnk
[%DESKTOP%]\my grokster.lnk
[%DESKTOP%]\spors interaction casino.url
[%DESKTOP%]\sportsbook.url
[%PROFILE%]\administrator\start menu\programs\grokster\check for grokster updates.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\grokster on the web.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\launch grokster.lnk
[%PROFILE%]\administrator\start menu\programs\grokster\my grokster files.lnk
[%PROFILE%]\administrator\start menu\sportsbook.url
[%PROFILE_TEMP%]\cpr_in.exe
[%PROFILE_TEMP%]\ferretbar.exe
[%PROFILE_TEMP%]\grokstersetup.exe
[%PROFILE_TEMP%]\inst_bpc.exe
[%PROFILE_TEMP%]\searchlocate.exe
[%PROFILE_TEMP%]\supportinstall.exe
[%PROFILE_TEMP%]\sysren.exe
[%PROGRAMS%]\grokster\check for grokster updates.lnk
[%PROGRAMS%]\grokster\grokster on the web.lnk
[%PROGRAMS%]\grokster\launch grokster.lnk
[%PROGRAMS%]\grokster\my grokster files.lnk
[%PROGRAMS%]\grokster\uninstall grokster.lnk
[%STARTUP%]\update grokster.lnk
[%SYSTEM%]\gr03.dll
[%SYSTEM%]\gr0ck03.dll
[%WINDOWS%]\cache371\b_371_0_1_503300.htm
[%WINDOWS%]\cache371\b_371_0_1_523000.htm
[%WINDOWS%]\cache371\b_371_0_1_532400.htm
[%WINDOWS%]\cache371\b_371_0_1_534700.htm
[%WINDOWS%]\cache371\b_371_0_1_537300.htm
[%WINDOWS%]\cache371\b_525100.htm
[%WINDOWS%]\cache371\b_561000.htm
[%WINDOWS%]\cache371\t_b_371_2_1_577800.htm
[%WINDOWS%]\cache371\t_b_371_2_1_755100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_568100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_570100.htm
[%WINDOWS%]\cache371\t_b_371_2_2_572300.htm
[%WINDOWS%]\cache371\t_b_371_2_2_573900.htm
[%WINDOWS%]\cache371\t_b_371_2_2_576000.htm
[%WINDOWS%]\cache371\t_b_371_2_2_703900.htm
[%WINDOWS%]\cache371\t_b_371_2_3_778600.htm
[%WINDOWS%]\cache371\t_b_501000.htm
[%WINDOWS%]\cache371\t_b_525100.htm
[%WINDOWS%]\cache371\t_b_561000.htm
[%WINDOWS%]\cache371\t_b_605600.htm
[%WINDOWS%]\cache371\t_b_605800.htm

Folders:
[%PROFILE%]\documents\softwrap\groksterfrtrial1
[%PROFILE%]\start menu\programs\grokster
[%PROGRAM_FILES%]\gatinst
[%PROGRAM_FILES%]\grokster
[%PROGRAM_FILES%]\grokstersupport

Registry Keys:
HKEY_CLASSES_ROOT\bidll.bidllobj.1
HKEY_CLASSES_ROOT\clsid\{952ec978-4920-4f18-8237-91d69b54c580}
HKEY_CLASSES_ROOT\clsid\{d6ca5d91-5ea2-4654-9b75-499267012611}
HKEY_CLASSES_ROOT\interface\{43e7f027-c2d6-41b3-a5de-261e0e42211c}
HKEY_CLASSES_ROOT\interface\{92b1c4ac-39a6-469c-a1e4-bd3ddc6f8425}
HKEY_CLASSES_ROOT\magnet
HKEY_CLASSES_ROOT\signingmodule.signingmodule
HKEY_CLASSES_ROOT\signingmodule.signingmodule.1
HKEY_CLASSES_ROOT\typelib\{5830698f-7fc0-40cd-a453-9a0cafdf3a64}
HKEY_CLASSES_ROOT\typelib\{676f6d1d-c559-42a9-860b-27c1477b7179}
HKEY_CLASSES_ROOT\typelib\{c03ec1bf-654e-4b01-bd4e-0902ad31f8c6}
HKEY_CURRENT_USER\software\grokster
HKEY_LOCAL_MACHINE\software\grokster
HKEY_LOCAL_MACHINE\software\microsoft\mediaplayer\shimexclusionlist\grokster.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\grokster
HKEY_LOCAL_MACHINE\software\wast
HKEY_LOCAL_MACHINE\software\wise solutions\wiseupdate\apps\grokster

Registry Values:
HKEY_CURRENT_USER\software\appconf
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_CURRENT_USER\software\softomate\batoolbar
HKEY_LOCAL_MACHINE\software\dvx
HKEY_LOCAL_MACHINE\software\dvx
HKEY_LOCAL_MACHINE\software\dvx
HKEY_LOCAL_MACHINE\software\dvx
HKEY_LOCAL_MACHINE\software\dvx
HKEY_LOCAL_MACHINE\software\lnplpp
HKEY_LOCAL_MACHINE\software\lnplpp
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\explorer bars
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\main
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\control panel\cpls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\c8d617f6f8933d11581e000540386890\usage
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\relevantknowledge
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\relevantknowledge
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\toolbarbesttoolbarstoolbar.besttoolbarstoolbarobjectietoolbar
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\sys ren
HKEY_LOCAL_MACHINE\software\wise solutions\wiseupdate\apppaths

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Bonus.joke Trojan Removal instruction
Death.For.All Trojan Symptoms
Remove Bancos.GUF Trojan
BackDoor.AFF Trojan Removal instruction
Remove TrojanDownloader.Win32.VB.cn Downloader

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)