Sunday, January 25, 2009

Transponder Malware

How To Remove Transponder?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Transponder is dangerous virus:
Malware includes a range of programs that do not threaten computers directly,
but are used to create viruses or Trojans, or used to carry out illegal activities
such as DoS attacks and breaking into other computers. The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.

Transponder Symptoms:

Files:
[%WINDOWS%]\abiuninst.htm
[%WINDOWS%]\bi.dll
[%WINDOWS%]\Biprep.exe
[%WINDOWS%]\Buddy.exe
[%WINDOWS%]\ceres.dll
[%WINDOWS%]\Downloaded Program Files\thin.inf
[%WINDOWS%]\DrUninst.exe
[%WINDOWS%]\farmmext.ini
[%WINDOWS%]\inf\biK.inf
[%WINDOWS%]\inf\ceres.inf
[%WINDOWS%]\inf\farmmext.inf
[%WINDOWS%]\inf\morphstb.inf
[%WINDOWS%]\inf\payload.inf
[%WINDOWS%]\inf\payload2.inf
[%WINDOWS%]\inf\Pynix.inf
[%WINDOWS%]\inf\Pynix.PNF
[%WINDOWS%]\inf\sprnopol.inf
[%WINDOWS%]\inf\zserv.inf
[%WINDOWS%]\morphstb.ini
[%WINDOWS%]\mxTarget.dll
[%WINDOWS%]\satmat.exe
[%WINDOWS%]\speeryox.dll
[%WINDOWS%]\voiceip.dll
[%WINDOWS%]\abiuninst.htm
[%WINDOWS%]\bi.dll
[%WINDOWS%]\Biprep.exe
[%WINDOWS%]\Buddy.exe
[%WINDOWS%]\ceres.dll
[%WINDOWS%]\Downloaded Program Files\thin.inf
[%WINDOWS%]\DrUninst.exe
[%WINDOWS%]\farmmext.ini
[%WINDOWS%]\inf\biK.inf
[%WINDOWS%]\inf\ceres.inf
[%WINDOWS%]\inf\farmmext.inf
[%WINDOWS%]\inf\morphstb.inf
[%WINDOWS%]\inf\payload.inf
[%WINDOWS%]\inf\payload2.inf
[%WINDOWS%]\inf\Pynix.inf
[%WINDOWS%]\inf\Pynix.PNF
[%WINDOWS%]\inf\sprnopol.inf
[%WINDOWS%]\inf\zserv.inf
[%WINDOWS%]\morphstb.ini
[%WINDOWS%]\mxTarget.dll
[%WINDOWS%]\satmat.exe
[%WINDOWS%]\speeryox.dll
[%WINDOWS%]\voiceip.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{000006b1-19b5-414a-849f-2a3c64ae6939}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000006B1-19B5-414A-849F-2A3C64AE6939}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Bancos.HZC Trojan Removal
Pigeon.EWK Trojan Information

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)