Monday, January 19, 2009

Visual.Log Spyware

How To Remove Visual.Log?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Visual.Log is dangerous virus:
Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.


Visual.Log Symptoms:

Files:
[%DESKTOP%]\visual log.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\uninstall visual log.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log agent.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log controller.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log viewer.lnk
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.29....0.reg
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.31....1.reg
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.32....2.reg
[%DESKTOP%]\visual log.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\uninstall visual log.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log agent.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log controller.lnk
[%PROFILE%]\administrator\start menu\programs\visual log\visual log viewer.lnk
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.29....0.reg
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.31....1.reg
[%PROGRAM_FILES%]\regcleaner\backups\7.6.2004.5.06.32....2.reg

Folders:
[%PROFILE%]\start menu\programs\visual log
[%PROGRAMS%]\visual log
[%PROGRAM_FILES%]\visuallog

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\visual log
HKEY_LOCAL_MACHINE\software\softgears company\visual log
HKEY_LOCAL_MACHINE\software\softgears\visuallog

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\vlcontrol.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.AVUP Trojan Symptoms

EXact.Advertising Adware

How To Remove EXact.Advertising?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
EXact.Advertising is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



EXact.Advertising Symptoms:

Files:
[%PROGRAM_FILES%]\NaviSearch\bin\nls.exe
[%SYSTEM%]\exclean.exe
[%SYSTEM%]\exdl.exe
[%SYSTEM%]\exdl1.exe
[%SYSTEM%]\FYI\uhoetaligi.dll
[%SYSTEM%]\FYI\uhoetaligi.exe
[%SYSTEM%]\mqexdlm.srg
[%SYSTEM%]\msbe.dll
[%SYSTEM%]\exdl0.exe
[%SYSTEM%]\exdl3.exe
[%SYSTEM%]\msxct.exe
[%WINDOWS%]\exdl.exe
[%WINDOWS%]\installer_siac.exe
[%PROGRAM_FILES%]\NaviSearch\bin\nls.exe
[%SYSTEM%]\exclean.exe
[%SYSTEM%]\exdl.exe
[%SYSTEM%]\exdl1.exe
[%SYSTEM%]\FYI\uhoetaligi.dll
[%SYSTEM%]\FYI\uhoetaligi.exe
[%SYSTEM%]\mqexdlm.srg
[%SYSTEM%]\msbe.dll
[%SYSTEM%]\exdl0.exe
[%SYSTEM%]\exdl3.exe
[%SYSTEM%]\msxct.exe
[%WINDOWS%]\exdl.exe
[%WINDOWS%]\installer_siac.exe

Registry Keys:
HKEY_CLASSES_ROOT\adp.urlcatcher
HKEY_CLASSES_ROOT\adp.urlcatcher.1
HKEY_CLASSES_ROOT\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{aeecbfda-12fa-4881-bdce-8c3e1ce4b344}
HKEY_LOCAL_MACHINE\software\exactutil
HKEY_LOCAL_MACHINE\software\classes\clsid\{0a8ce102-fa03-4612-9bee-7fe5452f4cb1}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.EZR Trojan Removal instruction

Rbot.ASW Worm

How To Remove Rbot.ASW?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Rbot.ASW is dangerous virus:
Worms can be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.



Rbot.ASW Symptoms:

Files:
[%SYSTEM%]\srshost.exe
[%SYSTEM%]\srshostu.exe
[%SYSTEM%]\unsvchosts.lzma
[%SYSTEM%]\srshost.exe
[%SYSTEM%]\srshostu.exe
[%SYSTEM%]\unsvchosts.lzma

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SillyDl.AKI Trojan Cleaner
Over Trojan Information
Lineage.ABS Trojan Information
Removing Vxidl.AYC Trojan
Depees!generic Trojan Removal instruction

SearchPack Adware

How To Remove SearchPack?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SearchPack is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



SearchPack Symptoms:

Files:
[%PROGRAM_FILES%]\SPack\SearchWebUpdater.exe
[%PROGRAM_FILES%]\SPack\SearchWebUpdater.exe

Folders:
[%PROGRAM_FILES%]\SPack

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{B7DB0D67-19DB-4999-A9B7-70012FB7A573}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7DB0D67-19DB-4999-A9B7-70012FB7A573}

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Small.kl Downloader Removal instruction
ShellSpawn Trojan Cleaner
PrtF Trojan Cleaner
Blue.Ice RAT Removal instruction
Removing Bancos.HBH Trojan

Rbot.gen Backdoor

How To Remove Rbot.gen?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Rbot.gen is dangerous virus:
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
Often the backdoor will not be visible in the log of active programs.


Rbot.gen Symptoms:

Files:
[%COMMON_APPDATA%]\iolo\AntiVirus\Quarantined\protector_update[1].exe.INFECTED
[%SYSTEM%]\dailin.exe
[%SYSTEM%]\lsasss.exe
[%SYSTEM%]\microsoftx.exe
[%SYSTEM%]\nav32sp.exe
[%SYSTEM%]\wowpos32.exe
[%SYSTEM%]\wuamgard.exe
[%SYSTEM%]\wuamgrd.exe
[%SYSTEM%]\xvshost.exe
[%COMMON_APPDATA%]\iolo\AntiVirus\Quarantined\protector_update[1].exe.INFECTED
[%SYSTEM%]\dailin.exe
[%SYSTEM%]\lsasss.exe
[%SYSTEM%]\microsoftx.exe
[%SYSTEM%]\nav32sp.exe
[%SYSTEM%]\wowpos32.exe
[%SYSTEM%]\wuamgard.exe
[%SYSTEM%]\wuamgrd.exe
[%SYSTEM%]\xvshost.exe

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove eShopee Trojan

Agent.ad Adware

How To Remove Agent.ad?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Agent.ad is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Agent.ad Symptoms:

Files:
[%SYSTEM%]\usersvc.exe
[%SYSTEM%]\usersvc.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Win95.CIH.remnants Trojan Cleaner

StripPlayer Adware

How To Remove StripPlayer?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
StripPlayer is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.


StripPlayer Symptoms:

Files:
[%SYSTEM%]\activestripsetup.dll
[%WINDOWS%]\system\activestripsetup.dll
[%SYSTEM%]\activestripsetup.dll
[%WINDOWS%]\system\activestripsetup.dll

Folders:
[%PROGRAM_FILES%]\strip-player

Registry Keys:
HKEY_CLASSES_ROOT\activestripsetup.egstripdownload
HKEY_CLASSES_ROOT\activestripsetup.egstripdownload.1
HKEY_CLASSES_ROOT\clsid\{357aa41a-b7a8-4632-a27d-5b980b25cf43}
HKEY_CLASSES_ROOT\clsid\{bc23f736-c5be-47fb-b459-1757933e5df3}
HKEY_CLASSES_ROOT\clsid\{e3f7205f-2ae0-4bf0-816b-2d24a5f20ec7}
HKEY_CLASSES_ROOT\interface\{bc23f736-c5be-47fb-b459-1757933e5df3}
HKEY_CLASSES_ROOT\typelib\{357aa41a-b7a8-4632-a27d-5b980b25cf43}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
PC.Ghost Trojan Information
Remove SkyRat.Show.version RAT
Backdoor.Prorat Backdoor Information
Remove Bancos.INK Trojan

Adultoweb Adware

How To Remove Adultoweb?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Adultoweb is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits


Adultoweb Symptoms:

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{23273a1c-c870-43c4-a3e3-67dc98630ac6}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.ALT Trojan Removal
Bancos.HQZ Trojan Removal instruction
WinSoftWare Adware Cleaner

Hotzapx Downloader

How To Remove Hotzapx?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Hotzapx is dangerous virus:
Trojans-downloaders downloads and installs new malware or adware on the computer.



Hotzapx It also known as:

[Kaspersky]Hoax.Win32.Agent.b

Hotzapx Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Cryptlab Trojan Cleaner
Datalock Trojan Removal
Remove BackDoor.AFF Trojan
Spotcom Trojan Information
Bancos.HMF Trojan Symptoms

HitHopper Adware

How To Remove HitHopper?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
HitHopper is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.

HitHopper Symptoms:

Files:
[%SYSTEM%]\hithopper.dll
[%WINDOWS%]\system\hithopper.dll
[%SYSTEM%]\hithopper.dll
[%WINDOWS%]\system\hithopper.dll

Registry Keys:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\ext\stats\{3717df55-0396-463d-98b7-647c7dc6898a}
HKEY_CLASSES_ROOT\clsid\{3717df55-0396-463d-98b7-647c7dc6898a}
HKEY_CLASSES_ROOT\typelib\{aac591bc-d59e-4649-8965-120012a321fb}
HKEY_CURRENT_USER\software\hithopper
HKEY_LOCAL_MACHINE\software\classes\clsid\{3717df55-0396-463d-98b7-647c7dc6898a}
HKEY_LOCAL_MACHINE\software\classes\typelib\{aac591bc-d59e-4649-8965-120012a321fb}
HKEY_LOCAL_MACHINE\software\webstormmedia

Registry Values:
HKEY_CURRENT_USER\software
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hithopper
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\hithopper


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Vxidl.AJN Trojan
SillyDl.CKT Trojan Symptoms

Cryppo Trojan

How To Remove Cryppo?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Cryppo is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Cryppo Symptoms:

Files:
[%SYSTEM%]\vcmauth.dll
[%SYSTEM%]\vcmauth.dll


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Uncapper Trojan Removal
Butterfly Trojan Symptoms

Troj.Small Trojan

How To Remove Troj.Small?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Troj.Small is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Troj.Small Symptoms:

Files:
[%PROFILE_TEMP%]\Rem160F.exe
[%PROFILE_TEMP%]\Rem160F.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
ProcHide Trojan Symptoms

AdMess Adware

How To Remove AdMess?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
AdMess is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



AdMess Symptoms:

Files:
[%SYSTEM%]\tcpservice2.exe
[%SYSTEM%]\wstart.dll
[%SYSTEM%]\tcpservice2.exe
[%SYSTEM%]\wstart.dll

Registry Keys:
HKEY_CLASSES_ROOT\appid\wstart.dll
HKEY_CLASSES_ROOT\AppID\{F6BDB4E5-D6AA-4D1F-8B67-BCB0F2246E21}
HKEY_CLASSES_ROOT\wstart.whttphelper
HKEY_CLASSES_ROOT\wstart.whttphelper.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9896231A-C487-43A5-8369-6EC9B0A96CC0}
HKEY_LOCAL_MACHINE\software\wsoft
HKEY_CLASSES_ROOT\appid\{f6bdb4e5-d6aa-4d1f-8b67-bcb0f2246e21}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9896231a-c487-43a5-8369-6ec9b0a96cc0}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pingpong Trojan Symptoms
Remove ULWindowsSeek (ULWindowsURL) Hijacker
Restart Trojan Information
VividKeyLogger Spyware Removal instruction
KillSAP Trojan Removal

Personal.Inspector Spyware

How To Remove Personal.Inspector?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Personal.Inspector is dangerous virus:
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


Personal.Inspector Symptoms:

Folders:
[%SYSTEM%]\pin
[%PROGRAMS%]\personal inspector

Registry Keys:
HKEY_LOCAL_MACHINE\software\kmint21\personalinspector
HKEY_CLASSES_ROOT\clsid\{85ddd882-701e-401b-8a7d-d51227048214}
HKEY_CLASSES_ROOT\iewatcher.viewsource
HKEY_CLASSES_ROOT\iewatcher.viewsource.1
HKEY_CLASSES_ROOT\interface\{34ec10b9-2b39-4cf5-b1d1-84d1138d0cd5}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{85ddd882-701e-401b-8a7d-d51227048214}
HKEY_CLASSES_ROOT\typelib\{cf9cab33-968a-4227-afeb-a7877c496d8b}
HKEY_LOCAL_MACHINE\software\classes\clsid\{85ddd882-701e-401b-8a7d-d51227048214}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{85ddd882-701e-401b-8a7d-d51227048214}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\personal-inspector

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
FDoS.Flooder.IWD Trojan Removal
Win32.Startpage.FZ.DLL.Tro Trojan Removal
Zelu Trojan Removal
Bancos.GUF Trojan Removal
Bancos.HZU Trojan Removal instruction

SpyAway Ransomware

How To Remove SpyAway?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SpyAway is dangerous virus:
The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.


SpyAway Symptoms:

Files:
[%COMMON_DESKTOPDIRECTORY%]\SpyAway.lnk
[%COMMON_DESKTOPDIRECTORY%]\SpyAway.lnk

Folders:
[%COMMON_PROGRAMS%]\SpyAway
[%PROGRAM_FILES%]\SpyAway

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{548e1154-fa99-4b77-9fc5-02c9d8c9d24d}
HKEY_CLASSES_ROOT\interface\{4698d99d-ca8f-438a-ac82-96495a2de714}
HKEY_CLASSES_ROOT\sa_ie_monitor.ie_monitor
HKEY_CLASSES_ROOT\typelib\{4ebd21a2-8ce0-47dd-8eb6-c902333d582c}
HKEY_LOCAL_MACHINE\software\spyaway

Registry Values:
HKEY_LOCAL_MACHINE\software\antispyware
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Win32.Pulpit Trojan Cleaner
SillyDl.DKR Trojan Removal instruction
Lospad Trojan Symptoms
Remove Adult.Explorer Adware
Win32.Botten Trojan Symptoms

New.Net Trojan

How To Remove New.Net?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
New.Net is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


New.Net Symptoms:

Files:
[%PROFILE_TEMP%]\stdrun6.exe
[%PROFILE_TEMP%]\stdrun6.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Bancos.HVP Trojan
Remove Apsend Trojan

Antivirus.Gold Adware

How To Remove Antivirus.Gold?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Antivirus.Gold is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



Antivirus.Gold It also known as:

[Other]Troj/Spyre-C,Trojan Horse

Antivirus.Gold Symptoms:

Files:
[%PROFILE%]\start menu\antivirusgold 2.0.lnk
[%PROGRAMS%]\antivirusgold\antivirusgold 2.0 website.lnk
[%PROGRAMS%]\antivirusgold\antivirusgold 2.0.lnk
[%PROGRAMS%]\antivirusgold\uninstall antivirusgold 2.0.lnk
[%PROFILE%]\start menu\antivirusgold 2.0.lnk
[%PROGRAMS%]\antivirusgold\antivirusgold 2.0 website.lnk
[%PROGRAMS%]\antivirusgold\antivirusgold 2.0.lnk
[%PROGRAMS%]\antivirusgold\uninstall antivirusgold 2.0.lnk


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove SillyDl.DFT Trojan
SysProtect Adware Removal instruction
Pigeon.AVIE Trojan Removal
Bancos.BZN Trojan Cleaner

TSADBOT BHO

How To Remove TSADBOT?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TSADBOT is dangerous virus:
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.


TSADBOT It also known as:

[McAfee]TSADBOT

TSADBOT Symptoms:

Folders:
[%PROGRAM_FILES%]\kugoo

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{748a5d0a-68d3-11d4-a67e-00e098823a80}
HKEY_CLASSES_ROOT\clsid\{b3eccac9-c7fa-462c-894b-8e9930a70e14}
HKEY_LOCAL_MACHINE\software\classes\clsid\{b3eccac9-c7fa-462c-894b-8e9930a70e14}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b3eccac9-c7fa-462c-894b-8e9930a70e14}


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Small.kl Downloader Removal
Removing Small.ga Downloader

BazookaBar BHO

How To Remove BazookaBar?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
BazookaBar is dangerous virus:
The BHO (Browser Helper Object) waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.


BazookaBar Symptoms:

Folders:
[%PROGRAM_FILES%]\bazookabar

Registry Keys:
HKEY_CLASSES_ROOT\bazookabar.bazookabarband
HKEY_CLASSES_ROOT\bazookabar.bazookabarband.1
HKEY_CLASSES_ROOT\clsid\{7891da15-428e-11d7-bcc1-00a024831a8c}
HKEY_CLASSES_ROOT\interface\{d4242dc5-1aef-46c1-a09a-9136e5f9871e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{7891da15-428e-11d7-bcc1-00a024831a8c}
HKEY_LOCAL_MACHINE\software\classes\interface\{d4242dc5-1aef-46c1-a09a-9136e5f9871e}
HKEY_LOCAL_MACHINE\software\classes\typelib\{dcb8f6ad-65fd-42bf-b0f8-549fcfe717c0}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bazookabar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bazookabar


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Honeypot Trojan Information
SillyDl.DBV Trojan Cleaner
War.Machine DoS Information
Removing BannerBank.net Tracking Cookie

PM.Annoyer Trojan

How To Remove PM.Annoyer?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
PM.Annoyer is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


PM.Annoyer Symptoms:

Files:
[%SYSTEM%]\BrAiN.dll
[%SYSTEM%]\Hackpro.dll
[%SYSTEM%]\Phaze.dll
[%SYSTEM%]\YM11.DLL
[%SYSTEM%]\YM11AUTH.DLL
[%SYSTEM%]\BrAiN.dll
[%SYSTEM%]\Hackpro.dll
[%SYSTEM%]\Phaze.dll
[%SYSTEM%]\YM11.DLL
[%SYSTEM%]\YM11AUTH.DLL


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove WM.Friday Trojan

SingaRaja Hacker Tool

How To Remove SingaRaja?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SingaRaja is dangerous virus:
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.
DoS programs attack web servers by sending numerous requests to the specified server,
often causing it to crash under an excessive volume of requests.




SingaRaja It also known as:

[Kaspersky]Flooder.MailSpam.Singa;
[F-Prot]->sgr.exe

SingaRaja Symptoms:

Files:
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe
[%PROFILE_TEMP%]\pft1e.tmp\redist\wintdist.exe
[%PROGRAMS%]\123 wasp\help.lnk
[%PROGRAMS%]\123 wasp\license.lnk
[%PROGRAM_FILES%]\123wasp\123wasp.exe
[%PROGRAM_FILES%]\123wasp\help.htm
[%PROGRAM_FILES%]\ares lite edition\ares.exe
[%PROGRAM_FILES%]\ares\ares.exe

Folders:
[%PROFILE%]\start menu\programs\123 wasp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\Ares Galaxy FasterDownload.exe
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\NNGLZA638.EXE
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\packet.dll
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\Skin.bmp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\SkinAbout.bmp
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\unins000.dat
[%PROGRAM_FILES%]\Ares Galaxy FasterDownload\unins000.exe
[%PROGRAM_FILES%]\Ares Lite Edition\data
[%PROGRAM_FILES%]\Ares Lite Edition\lang
[%PROGRAM_FILES%]\Ares\data
[%PROGRAM_FILES%]\Ares\lang
[%SYSTEM%]\sporder.dll
[%WINDOWS%]\NDNuninstall6_38.exe

Registry Keys:
HKEY_CLASSES_ROOT\ares.collectionlist
HKEY_CURRENT_USER\software\ares
HKEY_CURRENT_USER\software\areslite
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\123 write all stored passwords
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ares
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\areslite

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove AdultLinks Hijacker
Removing Bancos.GZC Trojan

Benuti Trojan

How To Remove Benuti?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Benuti is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
The downloader either launches the new malware or registers it to enable autorun
according to the local operating system requirements.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.


Benuti It also known as:

[Panda]Trj/Agent.A,Trj/Downloader.P;
[Computer Associates]Win32.Benuti,Win32/Benuti.B!Trojan,Win32.Benuti.C!downloader,Win32/Mifree!Downloader

Benuti Symptoms:

Files:
[%SYSTEM%]\gszalvf.dll
[%SYSTEM%]\wyqptwdc.exe
[%SYSTEM%]\gszalvf.dll
[%SYSTEM%]\wyqptwdc.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SMS.Lanmen DoS Symptoms

Keylog.Dafunk Trojan

How To Remove Keylog.Dafunk?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Keylog.Dafunk is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Spyware is computer software that is installed surreptitiously on a personal computer
to with the computer, without the user's informed consent.


Keylog.Dafunk It also known as:

[Kaspersky]Trojan.Spy.Ehks.20,TrojanSpy.Win32.Ehks.20,Trojan.Spy.Ehks.21,TrojanSpy.Win32.Ehks.21,Trojan.Spy.Delf.d,TrojanSpy.Win32.Delf.d;
[McAfee]Keylog-Dafunk;
[F-Prot]security risk or a "backdoor" program,destructive program,security risk named W32/Evelution2.A;
[Panda]Trj/Keylog.Ehks,Trj/Ske,Trojan Horse,Trj/Keylog.Ehks.2b;
[Computer Associates]Win32.Evolution,Win32/Wincmd!PWS!Trojan,Win32/Delf.D!PWS!Trojan

Keylog.Dafunk Symptoms:

Files:
[%WINDOWS%]\system\evo_12-11-22_11-20.html
[%WINDOWS%]\system\spooi32.exe
[%WINDOWS%]\system\evo_12-11-22_11-20.html
[%WINDOWS%]\system\spooi32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Lopdotcom Tracking Cookie
Lithium Trojan Cleaner

MoneyTree Adware

How To Remove MoneyTree?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
MoneyTree is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer,
including information related to Internet browser usage or other computer habits
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Trojans-downloaders downloads and installs new malware or adware on the computer.



MoneyTree It also known as:

[Kaspersky]Backdoor.Blarul.b,TrojanDownloader.Win32.Dyfuca.d,TrojanDownloader.Win32.Dyfuca.j,TrojanDownloader.Win32.Dyfuca.q;
[Eset]Win32/Blarul.B trojan;
[Panda]Bck/Blarul.A,Spyware/Dyfuca,Spyware/SafeSurf

MoneyTree Symptoms:

Files:
[%SYSTEM%]\nsupdate.dll
[%WINDOWS%]\downloaded program files\unidist.inf
[%WINDOWS%]\Downloaded Program Files\UniDist.ocx
[%SYSTEM%]\opti130.dll
[%WINDOWS%]\downloaded program files\muldist.inf
[%WINDOWS%]\downloaded program files\muldist.ocx
[%WINDOWS%]\downloaded program files\nsliteupdatectrl class
[%WINDOWS%]\downloaded program files\nsupdatelitectrl class
[%WINDOWS%]\downloaded program files\unidist.ocx
[%WINDOWS%]\system\opti130.dll
[%WINDOWS%]\system\ssuninstall.exe
[%WINDOWS%]\system\ssupdate.exe
[%WINDOWS%]\temp\msg2090.tmp10730720494655.exe
[%SYSTEM%]\nsupdate.dll
[%WINDOWS%]\downloaded program files\unidist.inf
[%WINDOWS%]\Downloaded Program Files\UniDist.ocx
[%SYSTEM%]\opti130.dll
[%WINDOWS%]\downloaded program files\muldist.inf
[%WINDOWS%]\downloaded program files\muldist.ocx
[%WINDOWS%]\downloaded program files\nsliteupdatectrl class
[%WINDOWS%]\downloaded program files\nsupdatelitectrl class
[%WINDOWS%]\downloaded program files\unidist.ocx
[%WINDOWS%]\system\opti130.dll
[%WINDOWS%]\system\ssuninstall.exe
[%WINDOWS%]\system\ssupdate.exe
[%WINDOWS%]\temp\msg2090.tmp10730720494655.exe

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{c89bb48c-15d9-4f4f-803e-95d90f62be62}
HKEY_CLASSES_ROOT\clsid\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}
HKEY_CLASSES_ROOT\interface\{9f2c17ac-9aa4-4c3a-82c7-ea7bcf00f03d}
HKEY_CLASSES_ROOT\interface\{ca7ccb52-6922-47e5-b784-3a3f82c51863}
HKEY_CLASSES_ROOT\typelib\{96b01a48-1317-4a87-91f7-10116f755705}
HKEY_CLASSES_ROOT\unidist.unidistctrl.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E8EDB60C-951E-4130-93DC-FAF1AD25F8E7}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:\windows\downloaded program files\muldist.ocx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:\windows\downloaded program files\unidist.ocx
HKEY_CLASSES_ROOT\clsid\{405fd721-04ef-4ef2-ab96-fb31d32d4643}
HKEY_CLASSES_ROOT\clsid\{a0f0d762-d1de-43af-b70e-d87864743eb3}
HKEY_CLASSES_ROOT\clsid\{bf279130-3f58-4e26-8043-cd5688a4d4c9}
HKEY_CLASSES_ROOT\clsid\{fc87a650-207d-4392-a6a1-82adbc56fa64}
HKEY_CLASSES_ROOT\interface\{563e5df0-2c1c-4513-bbf5-d380536bb8fc}
HKEY_CLASSES_ROOT\interface\{f332d106-2ef3-45c4-baf2-0f739d76b26a}
HKEY_CLASSES_ROOT\multidist.multidistctrl.1
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}
HKEY_CLASSES_ROOT\typelib\{11b6f65d-7b8d-43cb-9aae-17234a1db33a}
HKEY_CLASSES_ROOT\typelib\{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_CLASSES_ROOT\typelib\{d8e25c53-9508-4f5c-9249-d98d438891d5}
HKEY_CLASSES_ROOT\typelib\{f7f808f0-6f7d-442c-93e3-4a4827c2e4c8}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{e8edb60c-951e-4130-93dc-faf1ad25f8e7}
HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{fc87a650-207d-4392-a6a1-82adbc56fa64}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\muldist.ocx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\[%WINDOWS%]\downloaded program files\unidist.ocx

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Win32.Nulnuler Trojan Removal instruction
Jerusalem.Mummy Trojan Removal instruction
Remove Pigeon.ELJ Trojan
Remove LoverSpy Spyware

Dark.Omen Spyware

How To Remove Dark.Omen?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Dark.Omen is dangerous virus:
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.
Backdoors are the most dangerous type of Trojans and the most popular.
Backdoors open infected machines to external control via Internet.
They function in the same way as legal remote administration programs used by system administrators.
This makes them difficult to detect.

Backdoors are installed and launched without the consent of the user of computer.
Often the backdoor will not be visible in the log of active programs.

Once a backdoor has been successfully launched, the computer is wide open.
Backdoor functions can include:


  • Launching/ deleting files

  • Sending/ receiving files

  • Deleting data

  • Displaying notification

  • Rebooting the machine

  • Executing files




Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.
Backdoors combine the functionality of most other types of in one package.

Backdoors have one especially dangerous sub-class: variants that can propagate like worms.
Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.


Dark.Omen It also known as:

[Kaspersky]Backdoor.DarkSky.25,Trojan.Spy.DakrOmen.13,TrojanSpy.Win32.DakrOmen.13;
[McAfee]BackDoor-JA;
[F-Prot]destructive program,security risk named W32/DarkSky.B;
[Panda]Backdoor Program,Bck/DarkSky,Trojan Horse.LC;
[Computer Associates]Backdoor/DarkSky.25,Backdoor/DarkSky.250!Server,Win32.DarkSky.250

Dark.Omen Symptoms:

Folders:
[%WINDOWS%]\directxupd

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Remote.Computer.Control.Center RAT
SillyDl.CDC Trojan Removal instruction
Pigeon.AXB Trojan Symptoms
Xupiter.Xjupiter Hijacker Symptoms
CGI.Wrap Trojan Cleaner

SilentCat Spyware

How To Remove SilentCat?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SilentCat is dangerous virus:
Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


SilentCat Symptoms:

Folders:
[%PROGRAM_FILES%]\SilentCat

Registry Keys:
HKEY_CURRENT_USER\software\vb and vba program settings\silentcat
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\silent cat screen server


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing GB Downloader
Removing Pigeon.ANY Trojan
Remove Stration!generic Trojan

QQshou Trojan

How To Remove QQshou?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
QQshou is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


QQshou It also known as:

[Kaspersky]Trojan-PSW.Win32.QQShou.iz,Trojan-PWS.Win32.WOW.jv;
[McAfee]PWS-JB;
[Other]Win32/QQShou.C,W32/QQShou.ARX,Win32/QQShou.D,Troj/QQPass-AIV,TSPY_QQSHOU.CT

QQshou Symptoms:

Files:
[%SYSTEM%]\agetltfes.exe
[%SYSTEM%]\algeleteri.exe
[%SYSTEM%]\algeletrl.exe
[%SYSTEM%]\psapi.lib
[%SYSTEM%]\ravseteyns.exe
[%SYSTEM%]\winsylbtew.dll
[%SYSTEM%]\agetltfes.exe
[%SYSTEM%]\algeleteri.exe
[%SYSTEM%]\algeletrl.exe
[%SYSTEM%]\psapi.lib
[%SYSTEM%]\ravseteyns.exe
[%SYSTEM%]\winsylbtew.dll

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Vxidl.AZP Trojan Removal instruction
Bancos.GPO Trojan Removal instruction
Ssldump Trojan Removal instruction

Keylogger.King.Free Spyware

How To Remove Keylogger.King.Free?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Keylogger.King.Free is dangerous virus:
Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.


Keylogger.King.Free Symptoms:

Files:
[%DESKTOP%]\free keylogger king.lnk
[%DESKTOP%]\free keylogger king.lnk

Folders:
[%PROGRAMS%]\free keylogger king
[%PROGRAM_FILES%]\free keylogger king

Registry Keys:
HKEY_CURRENT_USER\software\free keylogger king
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\free keylogger king


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Pigeon.AVLF Trojan

Swizzor Trojan

How To Remove Swizzor?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Swizzor is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.

This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


Swizzor It also known as:

[Kaspersky]AdWare.Win32.Lop,AdWare.Win32.Lop.bb,Adware.Win32.Lop.ag,Trojan-Downloader.Win32.Swizzor.dv,AdWare.Win32.Lop.ag,Trojan.Win32.Obfuscated.en;
[McAfee]Swizzor,Swizzor.gen,Downloader-BCM,Swizzor.gen.a;
[Panda]Adware/Lop,Trojan Horse;
[Computer Associates]Win32.Swizzor,Win32/Swizzor.10680!Downloader,Win32/Swizzor.b!Downloader,Win32/Swizzor.D!Downloader;
[Other]Win32/Swizzor,Adware.Lop,TROJ_SWIZZOR,C2.Lop,lopdotcom,TROJ_SWIZZOR.BA,Adware.Lop!dl,Win32/Swizzor.PR,Win32/Swizzor.QG,Trojan:Win32/Anomaly.gen,Win32/Swizzor.QF,Win32/Swizzor.QH,Win32/Swizzor.QI,Win32/Swizzor.QJ,Win32/Swizzor.QV,Troj/Swizic-B,Win32/Swizzor.SJ,Trojan:Win32/C2Lop.C,Mal/Swizzor-B

Swizzor Symptoms:

Files:
[%APPDATA%]\01ACIDSECOND\ctyordzi.exe
[%APPDATA%]\Help Stupid Comp\fptlqgnu.exe
[%APPDATA%]\Hide Amok Joy\dncpxekv.exe
[%APPDATA%]\Hide Amok Joy\dxqdnnbs.exe
[%APPDATA%]\Hide Amok Joy\ikhuzxfh.exe
[%APPDATA%]\Hide Amok Joy\kddczdny.exe
[%APPDATA%]\Hide Amok Joy\xorvputf.exe
[%APPDATA%]\LOGIDOLROAM\troshemh.exe
[%APPDATA%]\UPLOCKS\rlggvcbr.exe
[%COMMON_APPDATA%]\Barb plus chic wait\REGS JUNK.exe
[%PROFILE_TEMP%]\bis508.exe
[%PROFILE_TEMP%]\bis7D2.exe
[%PROFILE_TEMP%]\pft20~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft22~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft2A~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft2C~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft3~tmp\PatchWr.exe
[%PROFILE_TEMP%]\Temporary Directory 1 for paint brushes Bittorrent downloader.zip\BitDownload fastets Bittorrent downloader.exe
[%APPDATA%]\admindeafacidtrust\browseamen.exe
[%APPDATA%]\idolonceprogrambits\battons.exe
[%APPDATA%]\Manager Window Jump Dent\Data Up.exe
[%APPDATA%]\Manager Window Jump Dent\realfor.exe
[%APPDATA%]\Manager Window Jump Dent\Regs Eggs.exe
[%APPDATA%]\Manager Window Jump Dent\SendDogWma
[%APPDATA%]\software book style vc\bash mags.exe
[%APPDATA%]\thunk plus chin defy\cash multi.exe
[%DESKTOP%]\htmato1857.exe
[%PROFILE%]\Lokala inst%E4llningar\Temp\bis508.exe
[%PROFILE%]\programdata\chinwarnintracool\hidelive.exe
[%PROFILE_TEMP%]\6bd5111a.exe
[%PROFILE_TEMP%]\aade6.exe
[%PROFILE_TEMP%]\afa6d429.exe
[%PROFILE_TEMP%]\atf\{242138dd-69ce-4398-bd64-0d69f431f913}.html
[%PROFILE_TEMP%]\atf\{3130c779-0937-4bb6-b4a6-9d0e811dceb3}.html
[%PROFILE_TEMP%]\atf\{624598b8-6f55-4bec-ab5b-062219915c18}.html
[%PROFILE_TEMP%]\atf\{ad27eb9d-9bac-4c25-96e1-2764303a375e}.html
[%PROFILE_TEMP%]\rem33.exe
[%PROFILE_TEMP%]\sta33.exe
[%PROFILE_TEMP%]\sta36.exe
[%PROFILE_TEMP%]\sta3c.exe
[%PROFILE_TEMP%]\sta3d.exe
[%PROFILE_TEMP%]\sta4d.exe
[%PROFILE_TEMP%]\sta6.exe
[%PROFILE_TEMP%]\sta79.exe
[%PROGRAM_FILES%]\16ford~1\fileteam.exe
[%PROGRAM_FILES%]\1bodyr~1\eqstupid.exe
[%PROGRAM_FILES%]\1bodyr~1\free.exe
[%PROGRAM_FILES%]\1bodyr~1\ggusdvjz.exe
[%PROGRAM_FILES%]\1bodyr~1\hadddwlv.exe
[%PROGRAM_FILES%]\1bodyr~1\jhigxeqo.exe
[%PROGRAM_FILES%]\1bodyr~1\pile name.exe
[%PROGRAM_FILES%]\1bodyr~1\poke else each.exe
[%PROGRAM_FILES%]\1bodyr~1\start rdr extra.exe
[%PROGRAM_FILES%]\1bodyr~1\xajvwrgu.exe
[%PROGRAM_FILES%]\1bodyr~1\zxzxpzpp.exe
[%PROGRAM_FILES%]\active~1\29525.exe
[%PROGRAM_FILES%]\barbba~1\keeppoke.exe
[%PROGRAM_FILES%]\bikeway\build trust.exe
[%PROGRAM_FILES%]\bluebi~1\audio tick.exe
[%PROGRAM_FILES%]\bluebi~1\daadjpqg.exe
[%PROGRAM_FILES%]\bluebi~1\ford bore date.exe
[%PROGRAM_FILES%]\bluebi~1\kbelhpmz.exe
[%PROGRAM_FILES%]\bluebi~1\lsfjwaej.exe
[%PROGRAM_FILES%]\bluebi~1\ndpgfokf.exe
[%PROGRAM_FILES%]\bluebi~1\rdr file glue.exe
[%PROGRAM_FILES%]\bluebi~1\winsaveaboutpoll.exe
[%PROGRAM_FILES%]\bluebi~1\zkumfamz.exe
[%PROGRAM_FILES%]\cakeju~1\iso setup.exe
[%PROGRAM_FILES%]\cityai~1\bookbitsdefault.exe
[%PROGRAM_FILES%]\cityai~1\imwmkspe.exe
[%PROGRAM_FILES%]\cityai~1\ncqlzyym.exe
[%PROGRAM_FILES%]\cityai~1\ooze part hold.exe
[%PROGRAM_FILES%]\cityai~1\yfieiddw.exe
[%PROGRAM_FILES%]\creati~1\jolcbvin.exe
[%PROGRAM_FILES%]\creati~1\kqxpkink.exe
[%PROGRAM_FILES%]\creati~1\mvxyvrzj.exe
[%PROGRAM_FILES%]\creati~1\qopaqzng.exe
[%PROGRAM_FILES%]\creati~1\tfgymvdd.exe
[%PROGRAM_FILES%]\creati~1\vpdbyqfl.exe
[%PROGRAM_FILES%]\debugs~1\fork error default.exe
[%PROGRAM_FILES%]\debugs~1\help safe copy.exe
[%PROGRAM_FILES%]\debugs~1\vdtjkxjx.exe
[%PROGRAM_FILES%]\defaul~1\gfkfexhs.exe
[%PROGRAM_FILES%]\defaul~1\ggmmxtuh.exe
[%PROGRAM_FILES%]\defaul~1\intrastop.exe
[%PROGRAM_FILES%]\defaul~1\kobmaahh.exe
[%PROGRAM_FILES%]\defaul~1\kyqmurlq.exe
[%PROGRAM_FILES%]\defaul~1\lite cake loud.exe
[%PROGRAM_FILES%]\defaul~1\pkajulyt.exe
[%PROGRAM_FILES%]\draw2\corn bold media.exe
[%PROGRAM_FILES%]\driveg~1\exitgreyhtm.exe
[%PROGRAM_FILES%]\driveg~1\mixmfcd.exe
[%PROGRAM_FILES%]\filmfi~1\808.exe
[%PROGRAM_FILES%]\filmfi~1\bows 2 ante.bin
[%PROGRAM_FILES%]\filmfi~1\global cdrom.dll
[%PROGRAM_FILES%]\freein~1\army load aim byte.exe
[%PROGRAM_FILES%]\freein~1\bendaceproc.exe
[%PROGRAM_FILES%]\freein~1\bytemess.exe
[%PROGRAM_FILES%]\freein~1\ford seek okay gram.exe
[%PROGRAM_FILES%]\freein~1\heroxfbu.exe
[%PROGRAM_FILES%]\freein~1\ljkpaigp.exe
[%PROGRAM_FILES%]\freein~1\xyq.exe
[%PROGRAM_FILES%]\funkba~1\cwhmzwhu.exe
[%PROGRAM_FILES%]\funkba~1\drenahjr.exe
[%PROGRAM_FILES%]\funkba~1\exit show.exe
[%PROGRAM_FILES%]\funkba~1\lite eq safe.exe
[%PROGRAM_FILES%]\funkba~1\urixtdvk.exe
[%PROGRAM_FILES%]\global~1\browse glue.exe
[%PROGRAM_FILES%]\global~1\first move rdr.exe
[%PROGRAM_FILES%]\greyreal\idplomza.exe
[%PROGRAM_FILES%]\intert~1\each beep.exe
[%PROGRAM_FILES%]\isochi~1\pile default.exe
[%PROGRAM_FILES%]\jugsse~1\4623.exe
[%PROGRAM_FILES%]\jugsse~1\more roam.dll
[%PROGRAM_FILES%]\junkst~1\ gre sof .bin
[%PROGRAM_FILES%]\junkst~1\ gre sof soft.bin
[%PROGRAM_FILES%]\junkst~1\capi grey soft.bin
[%PROGRAM_FILES%]\junkst~1\cast grey rey.bin
[%PROGRAM_FILES%]\junkst~1\cast grey soft.bin
[%PROGRAM_FILES%]\junkst~1\cast grey.bin
[%PROGRAM_FILES%]\junkst~1\cast soft.bin
[%PROGRAM_FILES%]\junkst~1\cast.bin
[%PROGRAM_FILES%]\junkst~1\castcgre gsof soft.bin
[%PROGRAM_FILES%]\junkst~1\castmapi soft.bin
[%PROGRAM_FILES%]\junkst~1\castmgrey soft.bin
[%PROGRAM_FILES%]\junkst~1\csof .bin
[%PROGRAM_FILES%]\junkst~1\dent soft.bin
[%PROGRAM_FILES%]\junkst~1\dentmapi grey soft.bin
[%PROGRAM_FILES%]\junkst~1\dentmapit.bin
[%PROGRAM_FILES%]\junkst~1\filmpeak.dll
[%PROGRAM_FILES%]\junkst~1\junk stey.bin
[%PROGRAM_FILES%]\junkst~1\mapi.bin
[%PROGRAM_FILES%]\loadroad\11739.exe
[%PROGRAM_FILES%]\loadroad\13793.exe
[%PROGRAM_FILES%]\loadroad\cast idle.dll
[%PROGRAM_FILES%]\mailin~1\bend axis.exe
[%PROGRAM_FILES%]\mediao~1\browse bows.exe
[%PROGRAM_FILES%]\memosi~1\bgbdhyvc.exe
[%PROGRAM_FILES%]\memosi~1\debug platform one.exe
[%PROGRAM_FILES%]\memosi~1\downloadkeepbleh.exe
[%PROGRAM_FILES%]\objcdrom\extra slow dvd.exe
[%PROGRAM_FILES%]\objcdrom\mdhhwkfg.exe
[%PROGRAM_FILES%]\onesoa~1\nxmukvvg.exe
[%PROGRAM_FILES%]\oozejo~1\save real.exe
[%PROGRAM_FILES%]\ownssi~1\city title.exe
[%PROGRAM_FILES%]\play audio dupe\1 jugs default.exe
[%PROGRAM_FILES%]\play audio dupe\about pile stupid.exe
[%PROGRAM_FILES%]\play audio dupe\cwinsemt.exe
[%PROGRAM_FILES%]\pollpopfour\bitsplaygrid.exe
[%PROGRAM_FILES%]\pollpopfour\each cdrom memo.exe
[%PROGRAM_FILES%]\pollpopfour\fwpesprd.exe
[%PROGRAM_FILES%]\progra~1\aim dash noun.exe
[%PROGRAM_FILES%]\progra~1\kvfnegjg.exe
[%PROGRAM_FILES%]\progra~1\mfxfwvrw.exe
[%PROGRAM_FILES%]\progra~1\ohukvvyx.exe
[%PROGRAM_FILES%]\progra~1\sect name.exe
[%PROGRAM_FILES%]\progra~1\suoplcpo.exe
[%PROGRAM_FILES%]\progra~1\weqqtqdv.exe
[%PROGRAM_FILES%]\refpin~1\findphone.exe
[%PROGRAM_FILES%]\saveba~1\setup close.exe
[%PROGRAM_FILES%]\second~1\ace tray.exe
[%PROGRAM_FILES%]\second~1\grid gpl.exe
[%PROGRAM_FILES%]\sectmp~1\aim math heart.exe
[%PROGRAM_FILES%]\sectmp~1\bookslow.exe
[%PROGRAM_FILES%]\sectmp~1\drikyzgm.exe
[%PROGRAM_FILES%]\sectmp~1\gozczace.exe
[%PROGRAM_FILES%]\sectmp~1\mfokxciu.exe
[%PROGRAM_FILES%]\sectmp~1\otyygomn.exe
[%PROGRAM_FILES%]\sectmp~1\pdwwooqk.exe
[%PROGRAM_FILES%]\sectmp~1\wmsvbohb.exe
[%PROGRAM_FILES%]\sectmp~1\wsmtdolv.exe
[%PROGRAM_FILES%]\sectmp~1\xysuncaw.exe
[%PROGRAM_FILES%]\sectmp~1\ybyncovt.exe
[%PROGRAM_FILES%]\shimbo~1\15898.exe
[%PROGRAM_FILES%]\shimbo~1\bike poke.dll
[%PROGRAM_FILES%]\shimbo~1\fileoozegreat.bin
[%PROGRAM_FILES%]\softwa~1\1067.exe
[%PROGRAM_FILES%]\softwa~1\13163.exe
[%PROGRAM_FILES%]\softwa~1\14053.exe
[%PROGRAM_FILES%]\softwa~1\15638.exe
[%PROGRAM_FILES%]\softwa~1\16037.exe
[%PROGRAM_FILES%]\softwa~1\19842.exe
[%PROGRAM_FILES%]\softwa~1\208.exe
[%PROGRAM_FILES%]\softwa~1\24760.exe
[%PROGRAM_FILES%]\softwa~1\26151.exe
[%PROGRAM_FILES%]\softwa~1\30904.exe
[%PROGRAM_FILES%]\softwa~1\4817.exe
[%PROGRAM_FILES%]\softwa~1\9032.exe
[%PROGRAM_FILES%]\softwa~1\city.bin
[%PROGRAM_FILES%]\softwa~1\citycity.bin
[%PROGRAM_FILES%]\softwa~1\cityfordmathcity.bin
[%PROGRAM_FILES%]\softwa~1\citymathcity.bin
[%PROGRAM_FILES%]\softwa~1\fitymathcity.bin
[%PROGRAM_FILES%]\softwa~1\fordmathcity.bin
[%PROGRAM_FILES%]\softwa~1\setup time.dll
[%PROGRAM_FILES%]\softwa~1\softwarecity.bin
[%PROGRAM_FILES%]\softwa~1\wave wait.dll
[%PROGRAM_FILES%]\thirda~1\ahlrfsoy.exe
[%PROGRAM_FILES%]\thirda~1\anntabrs.exe
[%PROGRAM_FILES%]\thirda~1\eyednnkm.exe
[%PROGRAM_FILES%]\thirda~1\lniegfer.exe
[%PROGRAM_FILES%]\thirda~1\lvwvyqst.exe
[%PROGRAM_FILES%]\thirda~1\mqplzhkn.exe
[%PROGRAM_FILES%]\thirda~1\wgjtoczo.exe
[%PROGRAM_FILES%]\thirda~1\yyjsckss.exe
[%PROGRAM_FILES%]\view16\burnsetup.exe
[%APPDATA%]\01ACIDSECOND\ctyordzi.exe
[%APPDATA%]\Help Stupid Comp\fptlqgnu.exe
[%APPDATA%]\Hide Amok Joy\dncpxekv.exe
[%APPDATA%]\Hide Amok Joy\dxqdnnbs.exe
[%APPDATA%]\Hide Amok Joy\ikhuzxfh.exe
[%APPDATA%]\Hide Amok Joy\kddczdny.exe
[%APPDATA%]\Hide Amok Joy\xorvputf.exe
[%APPDATA%]\LOGIDOLROAM\troshemh.exe
[%APPDATA%]\UPLOCKS\rlggvcbr.exe
[%COMMON_APPDATA%]\Barb plus chic wait\REGS JUNK.exe
[%PROFILE_TEMP%]\bis508.exe
[%PROFILE_TEMP%]\bis7D2.exe
[%PROFILE_TEMP%]\pft20~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft22~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft2A~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft2C~tmp\PatchWr.exe
[%PROFILE_TEMP%]\pft3~tmp\PatchWr.exe
[%PROFILE_TEMP%]\Temporary Directory 1 for paint brushes Bittorrent downloader.zip\BitDownload fastets Bittorrent downloader.exe
[%APPDATA%]\admindeafacidtrust\browseamen.exe
[%APPDATA%]\idolonceprogrambits\battons.exe
[%APPDATA%]\Manager Window Jump Dent\Data Up.exe
[%APPDATA%]\Manager Window Jump Dent\realfor.exe
[%APPDATA%]\Manager Window Jump Dent\Regs Eggs.exe
[%APPDATA%]\Manager Window Jump Dent\SendDogWma
[%APPDATA%]\software book style vc\bash mags.exe
[%APPDATA%]\thunk plus chin defy\cash multi.exe
[%DESKTOP%]\htmato1857.exe
[%PROFILE%]\Lokala inst%E4llningar\Temp\bis508.exe
[%PROFILE%]\programdata\chinwarnintracool\hidelive.exe
[%PROFILE_TEMP%]\6bd5111a.exe
[%PROFILE_TEMP%]\aade6.exe
[%PROFILE_TEMP%]\afa6d429.exe
[%PROFILE_TEMP%]\atf\{242138dd-69ce-4398-bd64-0d69f431f913}.html
[%PROFILE_TEMP%]\atf\{3130c779-0937-4bb6-b4a6-9d0e811dceb3}.html
[%PROFILE_TEMP%]\atf\{624598b8-6f55-4bec-ab5b-062219915c18}.html
[%PROFILE_TEMP%]\atf\{ad27eb9d-9bac-4c25-96e1-2764303a375e}.html
[%PROFILE_TEMP%]\rem33.exe
[%PROFILE_TEMP%]\sta33.exe
[%PROFILE_TEMP%]\sta36.exe
[%PROFILE_TEMP%]\sta3c.exe
[%PROFILE_TEMP%]\sta3d.exe
[%PROFILE_TEMP%]\sta4d.exe
[%PROFILE_TEMP%]\sta6.exe
[%PROFILE_TEMP%]\sta79.exe
[%PROGRAM_FILES%]\16ford~1\fileteam.exe
[%PROGRAM_FILES%]\1bodyr~1\eqstupid.exe
[%PROGRAM_FILES%]\1bodyr~1\free.exe
[%PROGRAM_FILES%]\1bodyr~1\ggusdvjz.exe
[%PROGRAM_FILES%]\1bodyr~1\hadddwlv.exe
[%PROGRAM_FILES%]\1bodyr~1\jhigxeqo.exe
[%PROGRAM_FILES%]\1bodyr~1\pile name.exe
[%PROGRAM_FILES%]\1bodyr~1\poke else each.exe
[%PROGRAM_FILES%]\1bodyr~1\start rdr extra.exe
[%PROGRAM_FILES%]\1bodyr~1\xajvwrgu.exe
[%PROGRAM_FILES%]\1bodyr~1\zxzxpzpp.exe
[%PROGRAM_FILES%]\active~1\29525.exe
[%PROGRAM_FILES%]\barbba~1\keeppoke.exe
[%PROGRAM_FILES%]\bikeway\build trust.exe
[%PROGRAM_FILES%]\bluebi~1\audio tick.exe
[%PROGRAM_FILES%]\bluebi~1\daadjpqg.exe
[%PROGRAM_FILES%]\bluebi~1\ford bore date.exe
[%PROGRAM_FILES%]\bluebi~1\kbelhpmz.exe
[%PROGRAM_FILES%]\bluebi~1\lsfjwaej.exe
[%PROGRAM_FILES%]\bluebi~1\ndpgfokf.exe
[%PROGRAM_FILES%]\bluebi~1\rdr file glue.exe
[%PROGRAM_FILES%]\bluebi~1\winsaveaboutpoll.exe
[%PROGRAM_FILES%]\bluebi~1\zkumfamz.exe
[%PROGRAM_FILES%]\cakeju~1\iso setup.exe
[%PROGRAM_FILES%]\cityai~1\bookbitsdefault.exe
[%PROGRAM_FILES%]\cityai~1\imwmkspe.exe
[%PROGRAM_FILES%]\cityai~1\ncqlzyym.exe
[%PROGRAM_FILES%]\cityai~1\ooze part hold.exe
[%PROGRAM_FILES%]\cityai~1\yfieiddw.exe
[%PROGRAM_FILES%]\creati~1\jolcbvin.exe
[%PROGRAM_FILES%]\creati~1\kqxpkink.exe
[%PROGRAM_FILES%]\creati~1\mvxyvrzj.exe
[%PROGRAM_FILES%]\creati~1\qopaqzng.exe
[%PROGRAM_FILES%]\creati~1\tfgymvdd.exe
[%PROGRAM_FILES%]\creati~1\vpdbyqfl.exe
[%PROGRAM_FILES%]\debugs~1\fork error default.exe
[%PROGRAM_FILES%]\debugs~1\help safe copy.exe
[%PROGRAM_FILES%]\debugs~1\vdtjkxjx.exe
[%PROGRAM_FILES%]\defaul~1\gfkfexhs.exe
[%PROGRAM_FILES%]\defaul~1\ggmmxtuh.exe
[%PROGRAM_FILES%]\defaul~1\intrastop.exe
[%PROGRAM_FILES%]\defaul~1\kobmaahh.exe
[%PROGRAM_FILES%]\defaul~1\kyqmurlq.exe
[%PROGRAM_FILES%]\defaul~1\lite cake loud.exe
[%PROGRAM_FILES%]\defaul~1\pkajulyt.exe
[%PROGRAM_FILES%]\draw2\corn bold media.exe
[%PROGRAM_FILES%]\driveg~1\exitgreyhtm.exe
[%PROGRAM_FILES%]\driveg~1\mixmfcd.exe
[%PROGRAM_FILES%]\filmfi~1\808.exe
[%PROGRAM_FILES%]\filmfi~1\bows 2 ante.bin
[%PROGRAM_FILES%]\filmfi~1\global cdrom.dll
[%PROGRAM_FILES%]\freein~1\army load aim byte.exe
[%PROGRAM_FILES%]\freein~1\bendaceproc.exe
[%PROGRAM_FILES%]\freein~1\bytemess.exe
[%PROGRAM_FILES%]\freein~1\ford seek okay gram.exe
[%PROGRAM_FILES%]\freein~1\heroxfbu.exe
[%PROGRAM_FILES%]\freein~1\ljkpaigp.exe
[%PROGRAM_FILES%]\freein~1\xyq.exe
[%PROGRAM_FILES%]\funkba~1\cwhmzwhu.exe
[%PROGRAM_FILES%]\funkba~1\drenahjr.exe
[%PROGRAM_FILES%]\funkba~1\exit show.exe
[%PROGRAM_FILES%]\funkba~1\lite eq safe.exe
[%PROGRAM_FILES%]\funkba~1\urixtdvk.exe
[%PROGRAM_FILES%]\global~1\browse glue.exe
[%PROGRAM_FILES%]\global~1\first move rdr.exe
[%PROGRAM_FILES%]\greyreal\idplomza.exe
[%PROGRAM_FILES%]\intert~1\each beep.exe
[%PROGRAM_FILES%]\isochi~1\pile default.exe
[%PROGRAM_FILES%]\jugsse~1\4623.exe
[%PROGRAM_FILES%]\jugsse~1\more roam.dll
[%PROGRAM_FILES%]\junkst~1\ gre sof .bin
[%PROGRAM_FILES%]\junkst~1\ gre sof soft.bin
[%PROGRAM_FILES%]\junkst~1\capi grey soft.bin
[%PROGRAM_FILES%]\junkst~1\cast grey rey.bin
[%PROGRAM_FILES%]\junkst~1\cast grey soft.bin
[%PROGRAM_FILES%]\junkst~1\cast grey.bin
[%PROGRAM_FILES%]\junkst~1\cast soft.bin
[%PROGRAM_FILES%]\junkst~1\cast.bin
[%PROGRAM_FILES%]\junkst~1\castcgre gsof soft.bin
[%PROGRAM_FILES%]\junkst~1\castmapi soft.bin
[%PROGRAM_FILES%]\junkst~1\castmgrey soft.bin
[%PROGRAM_FILES%]\junkst~1\csof .bin
[%PROGRAM_FILES%]\junkst~1\dent soft.bin
[%PROGRAM_FILES%]\junkst~1\dentmapi grey soft.bin
[%PROGRAM_FILES%]\junkst~1\dentmapit.bin
[%PROGRAM_FILES%]\junkst~1\filmpeak.dll
[%PROGRAM_FILES%]\junkst~1\junk stey.bin
[%PROGRAM_FILES%]\junkst~1\mapi.bin
[%PROGRAM_FILES%]\loadroad\11739.exe
[%PROGRAM_FILES%]\loadroad\13793.exe
[%PROGRAM_FILES%]\loadroad\cast idle.dll
[%PROGRAM_FILES%]\mailin~1\bend axis.exe
[%PROGRAM_FILES%]\mediao~1\browse bows.exe
[%PROGRAM_FILES%]\memosi~1\bgbdhyvc.exe
[%PROGRAM_FILES%]\memosi~1\debug platform one.exe
[%PROGRAM_FILES%]\memosi~1\downloadkeepbleh.exe
[%PROGRAM_FILES%]\objcdrom\extra slow dvd.exe
[%PROGRAM_FILES%]\objcdrom\mdhhwkfg.exe
[%PROGRAM_FILES%]\onesoa~1\nxmukvvg.exe
[%PROGRAM_FILES%]\oozejo~1\save real.exe
[%PROGRAM_FILES%]\ownssi~1\city title.exe
[%PROGRAM_FILES%]\play audio dupe\1 jugs default.exe
[%PROGRAM_FILES%]\play audio dupe\about pile stupid.exe
[%PROGRAM_FILES%]\play audio dupe\cwinsemt.exe
[%PROGRAM_FILES%]\pollpopfour\bitsplaygrid.exe
[%PROGRAM_FILES%]\pollpopfour\each cdrom memo.exe
[%PROGRAM_FILES%]\pollpopfour\fwpesprd.exe
[%PROGRAM_FILES%]\progra~1\aim dash noun.exe
[%PROGRAM_FILES%]\progra~1\kvfnegjg.exe
[%PROGRAM_FILES%]\progra~1\mfxfwvrw.exe
[%PROGRAM_FILES%]\progra~1\ohukvvyx.exe
[%PROGRAM_FILES%]\progra~1\sect name.exe
[%PROGRAM_FILES%]\progra~1\suoplcpo.exe
[%PROGRAM_FILES%]\progra~1\weqqtqdv.exe
[%PROGRAM_FILES%]\refpin~1\findphone.exe
[%PROGRAM_FILES%]\saveba~1\setup close.exe
[%PROGRAM_FILES%]\second~1\ace tray.exe
[%PROGRAM_FILES%]\second~1\grid gpl.exe
[%PROGRAM_FILES%]\sectmp~1\aim math heart.exe
[%PROGRAM_FILES%]\sectmp~1\bookslow.exe
[%PROGRAM_FILES%]\sectmp~1\drikyzgm.exe
[%PROGRAM_FILES%]\sectmp~1\gozczace.exe
[%PROGRAM_FILES%]\sectmp~1\mfokxciu.exe
[%PROGRAM_FILES%]\sectmp~1\otyygomn.exe
[%PROGRAM_FILES%]\sectmp~1\pdwwooqk.exe
[%PROGRAM_FILES%]\sectmp~1\wmsvbohb.exe
[%PROGRAM_FILES%]\sectmp~1\wsmtdolv.exe
[%PROGRAM_FILES%]\sectmp~1\xysuncaw.exe
[%PROGRAM_FILES%]\sectmp~1\ybyncovt.exe
[%PROGRAM_FILES%]\shimbo~1\15898.exe
[%PROGRAM_FILES%]\shimbo~1\bike poke.dll
[%PROGRAM_FILES%]\shimbo~1\fileoozegreat.bin
[%PROGRAM_FILES%]\softwa~1\1067.exe
[%PROGRAM_FILES%]\softwa~1\13163.exe
[%PROGRAM_FILES%]\softwa~1\14053.exe
[%PROGRAM_FILES%]\softwa~1\15638.exe
[%PROGRAM_FILES%]\softwa~1\16037.exe
[%PROGRAM_FILES%]\softwa~1\19842.exe
[%PROGRAM_FILES%]\softwa~1\208.exe
[%PROGRAM_FILES%]\softwa~1\24760.exe
[%PROGRAM_FILES%]\softwa~1\26151.exe
[%PROGRAM_FILES%]\softwa~1\30904.exe
[%PROGRAM_FILES%]\softwa~1\4817.exe
[%PROGRAM_FILES%]\softwa~1\9032.exe
[%PROGRAM_FILES%]\softwa~1\city.bin
[%PROGRAM_FILES%]\softwa~1\citycity.bin
[%PROGRAM_FILES%]\softwa~1\cityfordmathcity.bin
[%PROGRAM_FILES%]\softwa~1\citymathcity.bin
[%PROGRAM_FILES%]\softwa~1\fitymathcity.bin
[%PROGRAM_FILES%]\softwa~1\fordmathcity.bin
[%PROGRAM_FILES%]\softwa~1\setup time.dll
[%PROGRAM_FILES%]\softwa~1\softwarecity.bin
[%PROGRAM_FILES%]\softwa~1\wave wait.dll
[%PROGRAM_FILES%]\thirda~1\ahlrfsoy.exe
[%PROGRAM_FILES%]\thirda~1\anntabrs.exe
[%PROGRAM_FILES%]\thirda~1\eyednnkm.exe
[%PROGRAM_FILES%]\thirda~1\lniegfer.exe
[%PROGRAM_FILES%]\thirda~1\lvwvyqst.exe
[%PROGRAM_FILES%]\thirda~1\mqplzhkn.exe
[%PROGRAM_FILES%]\thirda~1\wgjtoczo.exe
[%PROGRAM_FILES%]\thirda~1\yyjsckss.exe
[%PROGRAM_FILES%]\view16\burnsetup.exe

Folders:
[%APPDATA%]\bleh platform drive internet
[%APPDATA%]\JOY FACE MAPI COPY
[%PROGRAM_FILES%]\movefi~1

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3ac077e2-a87a-3582-08b6-69863ce5bd2c}
HKEY_CLASSES_ROOT\clsid\{66eab452-800a-7bea-d068-c668c39d3ffb}
HKEY_CLASSES_ROOT\clsid\{751fabe0-61cf-96bf-aa53-9a328fbf459b}
HKEY_CLASSES_ROOT\clsid\{94ac8427-47d0-0328-8060-ab65bc1c0479}
HKEY_CLASSES_ROOT\clsid\{97d65e0c-f28c-051a-cec2-299b0094c1f2}
HKEY_CLASSES_ROOT\clsid\{de16043e-fed8-a12d-2409-8cd31b31de21}
HKEY_CURRENT_USER\clsid\{2bd12782-9db1-029b-8d03-2f0596305555}
HKEY_CURRENT_USER\clsid\{8e474554-79aa-115a-66d8-5fedecb66be8}
HKEY_CURRENT_USER\software\classes\clsid\{2bd12782-9db1-029b-8d03-2f0596305555}
HKEY_CURRENT_USER\software\classes\clsid\{8e474554-79aa-115a-66d8-5fedecb66be8}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3ac077e2-a87a-3582-08b6-69863ce5bd2c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{66eab452-800a-7bea-d068-c668c39d3ffb}
HKEY_LOCAL_MACHINE\software\classes\clsid\{751fabe0-61cf-96bf-aa53-9a328fbf459b}
HKEY_LOCAL_MACHINE\software\classes\clsid\{97d65e0c-f28c-051a-cec2-299b0094c1f2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{751fabe0-61cf-96bf-aa53-9a328fbf459b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{94ac8427-47d0-0328-8060-ab65bc1c0479}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{97d65e0c-f28c-051a-cec2-299b0094c1f2}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{c2ba8382-9a35-cfbc-3907-c39d72a572ad}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{de16043e-fed8-a12d-2409-8cd31b31de21}

Registry Values:
HKEY_CLASSES_ROOT\clsid\{c2ba8382-9a35-cfbc-3907-c39d72a572ad}
HKEY_CLASSES_ROOT\clsid\{c2ba8382-9a35-cfbc-3907-c39d72a572ad}\inprocserver32
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\main
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Frethog.AFG Trojan Removal
Visual.Element Trojan Cleaner
Removing PacificPoker Tracking Cookie
Enles Trojan Removal instruction
Remove Win.Steal Trojan

Turiv Trojan

How To Remove Turiv?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Turiv is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Turiv It also known as:

[Other]Win32/Turiv.A

Turiv Symptoms:

Files:
[%SYSTEM%]\VT100.exe
[%SYSTEM%]\VT100.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Hucsyn DoS Removal
Excel95Macro.Laroux Trojan Cleaner
E2Give Adware Symptoms
Win32.Inteter.ad Trojan Removal

Glacier Trojan

How To Remove Glacier?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Glacier is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are used by virus writers to detect and download confidential information,
execute malicious code, destroy data, include the machine in bot networks and so forth.

Many trojans and backdoors now have remote administration capabilities
allowing an individual to control the victim's computer.
Many times a file called the server must be opened on the victim's computer before
the trojan can have access to it.

These are generally sent through email, P2P file sharing software,
and in internet downloads. They are usually disguised as a legitimate program or file.
Many server files will display a fake error message when opened, to make it seem like it didn't open.
Some will also kill antivirus and firewall software.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.
They usually do whimsical things like flip the screen upside-down, open the CD-ROM tray,
and swap mouse buttons. However, they can be quite hard to remove.
Exploits use vulnerabilities in operating systems and applications to achieve the same result.


Glacier It also known as:

[Kaspersky]Backdoor.G_Door.b,Backdoor.G_Door.d,Backdoor.Win32.G_Door.b,Backdoor.G_Door.20,Backdoor.G_Door.asp,Backdoor.G_Door.client,Backdoor.G_Door.c,Backdoor.G_Door.e,Backdoor.Delf.au,packed: UPX,packed: PECompact,Trojan.PSW.Glacier,Backdoor.G_Door.g,Backdoor.G_Door.l;
[Eset]Win32/G_Door.B trojan;
[McAfee]BackDoor-FR,Generic BackDoor.d;
[F-Prot]security risk or a "backdoor" program,security risk named W32/Glacier.A;
[Panda]Backdoor Program,Trj/Binghe.Cli,Trj/Darksun.Cl,Trj/Darksun.Sr,Bck/G_Door.B,Bck/GDoor.asp,Bck/Binghe.1.2,Backdoor Program.LC,Bck/Gdoor.C,Bck/Delf,Bck/G_Door.K,Trj/PSW.Glacier,Bck/Hyne.Cl,Bck/Hyne.Sr,Bck/G_Door.G,Bck/G_Door.L;
[Computer Associates]Backdoor/G!Server,Win32.Glace.B,Win32/G_Door.b!Backdoor,Backdoor/G.Server,Win32/G_Door.asp!Backdoor,Win32/Baf178!Trojan,Win32/G_Door.C!Backdoor,Backdoor/Delf.AU!Server,Win32/G_Door.b!Backdoor!Server,Backdoor/G_Door,Win32.GDoor.F,Win32.GDoor.D,Win32/Mincer,Win32.GDoor.G

Glacier Symptoms:

Files:
[%WINDOWS%]\system\ .exe
[%WINDOWS%]\system\lfp.exe
[%WINDOWS%]\system\rnudll32.exe
[%WINDOWS%]\system\shellscrap.exe
[%WINDOWS%]\system\sysdll32.exe
[%WINDOWS%]\system\sysexecr.exe
[%WINDOWS%]\system\sysexplr.exe
[%WINDOWS%]\system\sysrun32.exe
[%WINDOWS%]\system\system32.exe
[%WINDOWS%]\system\tel.dll
[%WINDOWS%]\system\winabc.exe
[%WINDOWS%]\temp\psw.tmp
[%WINDOWS%]\system\ .exe
[%WINDOWS%]\system\lfp.exe
[%WINDOWS%]\system\rnudll32.exe
[%WINDOWS%]\system\shellscrap.exe
[%WINDOWS%]\system\sysdll32.exe
[%WINDOWS%]\system\sysexecr.exe
[%WINDOWS%]\system\sysexplr.exe
[%WINDOWS%]\system\sysrun32.exe
[%WINDOWS%]\system\system32.exe
[%WINDOWS%]\system\tel.dll
[%WINDOWS%]\system\winabc.exe
[%WINDOWS%]\temp\psw.tmp

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
AutoAccept Trojan Removal
VBS.Edibara Trojan Symptoms
WordMacro.Horn Trojan Cleaner
Removing Give.Me.Too Spyware

GB Downloader

How To Remove GB?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
GB is dangerous virus:
This family of Trojans downloads and installs new malware or adware on the computer.
The downloader then either launches the new malware or registers it to enable autorun
according to the local operating system requirements.

The names and locations of malware to be downloaded are either coded into the
Trojan or downloaded from a specified website.


GB Symptoms:

Files:
[%SYSTEM%]\GoogleBot.exe
[%SYSTEM%]\GoogleBot.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
TrustyHound Spyware Removal instruction
Remove Preview.Unlocked RAT
xiti.com Tracking Cookie Removal instruction
Trail.Of.Destruction Spyware Information
NetMama Spyware Symptoms

TheRat Trojan

How To Remove TheRat?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
TheRat is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


TheRat Symptoms:

Files:
[%SYSTEM%]\32syslib.dll
[%SYSTEM%]\socketme.exe
[%SYSTEM%]\32syslib.dll
[%SYSTEM%]\socketme.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
SillyDl.DDG Trojan Symptoms
Removing Small.CZL Trojan

IPInsight BHO

How To Remove IPInsight?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
IPInsight is dangerous virus:
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.


IPInsight Symptoms:

Files:
[%PROFILE_TEMP%]\alchem.exe
[%WINDOWS%]\sentry.ini
[%PROFILE%]\locals~1\temp\alchem.exe
[%PROFILE%]\saly umber\local settings\temp\sentry.exe
[%PROFILE_TEMP%]\sentry.exe
[%SYSTEM%]\ipinsigt.dll
[%SYSTEM%]\ipinsigt.inf
[%WINDOWS%]\inf\ipinsigt.inf
[%WINDOWS%]\ipinsigt.dll
[%WINDOWS%]\lastgood\inf\ipinsigt.inf
[%WINDOWS%]\lastgood\inf\ipinsigt.pnf
[%WINDOWS%]\sentry.exe
[%WINDOWS%]\system\ipinsigt.dll
[%PROFILE_TEMP%]\alchem.exe
[%WINDOWS%]\sentry.ini
[%PROFILE%]\locals~1\temp\alchem.exe
[%PROFILE%]\saly umber\local settings\temp\sentry.exe
[%PROFILE_TEMP%]\sentry.exe
[%SYSTEM%]\ipinsigt.dll
[%SYSTEM%]\ipinsigt.inf
[%WINDOWS%]\inf\ipinsigt.inf
[%WINDOWS%]\ipinsigt.dll
[%WINDOWS%]\lastgood\inf\ipinsigt.inf
[%WINDOWS%]\lastgood\inf\ipinsigt.pnf
[%WINDOWS%]\sentry.exe
[%WINDOWS%]\system\ipinsigt.dll

Registry Keys:
HKEY_CLASSES_ROOT\interface\{297afc77-2039-4d3c-bef9-598819eb2c8a}
HKEY_CLASSES_ROOT\interface\{3cb6def9-1db2-4b5d-9a70-9bf8345ed73c}
HKEY_CLASSES_ROOT\typelib\{4769dd43-4045-405c-945f-752516445e89}
HKEY_CLASSES_ROOT\typelib\{be35582c-9796-4cf1-aed9-556ada120b38}
HKEY_LOCAL_MACHINE\software\classes\babeie.agentie
HKEY_LOCAL_MACHINE\software\classes\babeie.agentie.1
HKEY_LOCAL_MACHINE\software\classes\clsid\{2eb3eff2-f707-4ea8-81aa-4b65d2799f31}
HKEY_LOCAL_MACHINE\software\classes\clsid\{6656b666-992f-4d74-8588-8ca69e97d90c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9346a6bb-1ed0-4174-afb4-13cd4ec0aa40}
HKEY_LOCAL_MACHINE\software\classes\interface\{99908473-1135-4009-be4f-32b921f86ed9}
HKEY_LOCAL_MACHINE\software\classes\typelib\{cc364a32-d59b-4e9c-9156-f0050c45005b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\ipinsight
HKEY_CLASSES_ROOT\clsid\{000004cc-e4ff-4f2c-bc30-dbef0b983bc9}
HKEY_CLASSES_ROOT\clsid\{11cc62b9-65f8-4a8b-b33f-5de4e838442d}
HKEY_CLASSES_ROOT\clsid\{297afc77-2039-4d3c-bef9-598819eb2c8a}
HKEY_CLASSES_ROOT\clsid\{2d0f5208-3198-49a4-86a7-d65e9e582751}
HKEY_CLASSES_ROOT\clsid\{6e83ae1c-f69c-4aed-af98-d23c24c6fa4b}
HKEY_CLASSES_ROOT\clsid\{99908473-1135-4009-be4f-32b921f86ed9}
HKEY_CLASSES_ROOT\clsid\{cc364a32-d59b-4e9c-9156-f0050c45005b}
HKEY_CLASSES_ROOT\ipinsigt.ipinsigtobj.1
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{000004cc-e4ff-4f2c-bc30-dbef0b983bc9}
HKEY_CLASSES_ROOT\typelib\{11cc62b9-65f8-4a8b-b33f-5de4e838442d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{000004cc-e4ff-4f2c-bc30-dbef0b983bc9}
HKEY_LOCAL_MACHINE\software\ipinsight
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{000004cc-e4ff-4f2c-bc30-dbef0b983bc9}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ipinsight

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shareddlls


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Frethog.ACT Trojan Removal instruction
Bat.Black Trojan Removal instruction
Pigeon.AVV Trojan Cleaner
Removing Pigeon.ADY Trojan