Friday, January 23, 2009

Tubby Adware

How To Remove Tubby?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Tubby is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



Tubby Symptoms:

Files:
[%SYSTEM%]\ADV.ini
[%SYSTEM%]\ADV.dll
[%SYSTEM%]\ADV.ini
[%SYSTEM%]\ADV.dll

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{9eac0102-5e61-2312-bc2d-414456544f4e}
HKEY_CLASSES_ROOT\tubby.toolbandobj
HKEY_CLASSES_ROOT\tubby.toolbandobj.1
HKEY_CLASSES_ROOT\typelib\{9eac0102-5e61-2312-bc2b-414456544f4e}
HKEY_CURRENT_USER\software\adv ton
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9eac0102-5e61-2312-bc2d-414456544f4e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\advanced search

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove PopupSponsor Tracking Cookie
CyberTrader.Pro.Market Tracking Cookie Cleaner

Clodpuntor Trojan

How To Remove Clodpuntor?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Clodpuntor is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Clodpuntor It also known as:

[Kaspersky]Trojan-Proxy.Win32.Agent.ji,Email-Worm.Win32.Zhelatin.hc;
[Other]Win32/Clodpuntor.L,Win32/Clodpuntor.P,Trojan.SpamThru,Win32/Clodpuntor.Q,Win32/Clodpuntor.S

Clodpuntor Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
FreeWire Worm Symptoms
Remove WST Adware
Remove Enles Trojan
DarkPortal Trojan Symptoms

ScreenSaver.Lightningstorm Adware

How To Remove ScreenSaver.Lightningstorm?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
ScreenSaver.Lightningstorm is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



ScreenSaver.Lightningstorm Symptoms:

Files:
[%PROGRAM_FILES%]\Free Offers from Freeze.com\Ringtones.ico
[%PROGRAM_FILES%]\Free Offers from Freeze.com\Ringtones.ico


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Hacksoff Trojan Symptoms

Stratio.BN Worm

How To Remove Stratio.BN?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Stratio.BN is dangerous virus:
Worms can be classified according to the propagation method they use,
i.e. how they deliver copies of themselves to new victim machines.
Worms can also be classified by installation method, launch method and finally according
to characteristics standard to all malware: polymorphism, stealth etc.

Many of the worms which managed to cause significant outbreaks use more then
one propagation method as well as more than one infection technique.
The methods are listed separately below.


Stratio.BN Symptoms:

Files:
[%SYSTEM%]\wmvconf.exe
[%SYSTEM%]\wmvconf.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Jakposh Trojan Removal
Dexama Trojan Removal instruction
Yulihubot RAT Cleaner
Removing Click2Net.com Tracking Cookie
Removing Banker.aci Trojan

Bancos.GXV Trojan

How To Remove Bancos.GXV?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Bancos.GXV is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
These utilities are designed to penetrate remote computers
in order to use them as zombies (by using backdoors) or to download other malicious programs to computer.

Exploits use vulnerabilities in operating systems and applications to achieve the same result.


Bancos.GXV It also known as:

[Kaspersky]Trojan-Spy.Win32.Banker.anc;
[McAfee]PWS-Banker.gen.b;
[F-Prot]W32/Banker.AF;
[Other]Win32/Bancos.GXV,Infostealer.Banpaes,TrojanSpy:Win32/Banker.UL,W32/Banker.RK,Troj/Banker-EG,Trojan-Spy.Win32.Banker.eg

Bancos.GXV Symptoms:

Files:
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\ma.exe.exe
[%SYSTEM%]\runtime.sys
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\ma.exe.exe
[%SYSTEM%]\runtime.sys

Registry Keys:
HKEY_CURRENT_USER\software\adwaredisablekey4
HKEY_LOCAL_MACHINE\software\adwaredisablekey4

Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\activedesktop
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\desktop\general
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000\control


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Zomby Backdoor Cleaner
Delf.ia Backdoor Symptoms
Binet Adware Information
Remove TrojanDropper.Win32.Delf.bk Trojan
Rush.Hour.ow Trojan Information

Spyonthis Ransomware

How To Remove Spyonthis?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Spyonthis is dangerous virus:
A cryptovirus, cryptotrojan or cryptoworm is a type of
malware that encrypts the data belonging to an individual on a computer,
demanding a ransom for its restoration.

The term ransomware is commonly used to describe such software,
although the field known as cryptovirology predates the term "ransomware".

This type of ransom attack can be accomplished by (for example) attaching
a specially crafted file/program to an e-mail message and sending this to the victim.

If the victim opens/executes the attachment, the program encrypts
a number of files on the victim's computer. A ransom note is then left behind for the victim.

The victim will be unable to open the encrypted files without the correct decryption key.
Once the ransom demanded in the ransom note is paid, the cracker may (or may not)
send the decryption key, enabling decryption of the "kidnapped" files.


Spyonthis Symptoms:

Files:
[%DESKTOP%]\SpyOnThis Monitor.lnk
[%DESKTOP%]\SpyOnThis Scanner.lnk
[%DESKTOP%]\SpyOnThis Monitor.lnk
[%DESKTOP%]\SpyOnThis Scanner.lnk
[%DESKTOP%]\SpyOnThis Monitor.lnk
[%DESKTOP%]\SpyOnThis Scanner.lnk
[%DESKTOP%]\SpyOnThis Monitor.lnk
[%DESKTOP%]\SpyOnThis Scanner.lnk

Folders:
[%PROGRAM_FILES%]\SpyOnThis v2.0
[%COMMON_PROGRAMS%]\SpyOnThis v2.0

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{2a1e37a4-04f1-5535-0715-f2c7c83eb4ee}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{b72a13a7-cccd-407a-882b-4cfc2add39ef}_is1

Registry Values:
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses
HKEY_LOCAL_MACHINE\software\licenses


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove 2o7.net Tracking Cookie
Removing BackDoor.CTV Trojan
Remove Win32.ARPKiller DoS

Bangsoft Trojan

How To Remove Bangsoft?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Bangsoft is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Bangsoft It also known as:

[Kaspersky]Trojan.Win32.KillAV.hi,Trojan-Spy.Win32.Sters.af,Trojan-Spy.Win32.Sters.y,Trojan-Spy.Win32.Sters.an;
[Other]Win32/Bangsoft.P,Trojan.KillAV,Win32/Bangsoft.R,Infostealer,Win32/Bangsoft.N,Win32/Bangsoft.Y

Bangsoft Symptoms:

Files:
[%WINDOWS%]\smss.exe
[%WINDOWS%]\smss.exe

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Pigeon.EOS Trojan Information
Pigeon.EWH Trojan Removal
SillyDl.DKX Trojan Cleaner
ISTbar.MCInstL Hijacker Removal

Funcade Adware

How To Remove Funcade?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Funcade is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



Funcade It also known as:

[Other]eXact.Funcade

Funcade Symptoms:

Files:
[%PROGRAMS%]\Funcade\Funcade.lnk
[%PROGRAMS%]\Funcade\Uninstall.lnk
[%PROGRAMS%]\Funcade\Funcade.lnk
[%PROGRAMS%]\Funcade\Uninstall.lnk

Folders:
[%PROGRAM_FILES%]\Funcade

Registry Keys:
HKEY_LOCAL_MACHINE\software\exactadvertisingfuncade
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\exactadvertisingfuncade


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Easy.exe Trojan Information

Free.Keylogger.Common.Components Spyware

How To Remove Free.Keylogger.Common.Components?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Free.Keylogger.Common.Components is dangerous virus:
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


Free.Keylogger.Common.Components Symptoms:

Folders:
[%COMMON_PROGRAMS%]\Free Keylogger
[%PROGRAM_FILES%]\free keylogger

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\free keylogger_is1

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing SC.KeyLog Spyware
VBS.Pluta Trojan Removal instruction
Bancos.HUJ Trojan Information

CyberPaky Trojan

How To Remove CyberPaky?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
CyberPaky is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.

Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.



CyberPaky It also known as:

[Kaspersky]Backdoor.CyberPaky.18;
[Eset]Win32/CyberPaky.18.A trojan;
[McAfee]BackDoor-ZU;
[F-Prot]security risk or a "backdoor" program;
[Panda]Backdoor Program.LC

CyberPaky Symptoms:

Files:
[%STARTUP%]\serv4.exe
[%WINDOWS%]\system\cyberpaky.exe
[%STARTUP%]\serv4.exe
[%WINDOWS%]\system\cyberpaky.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
TPE Trojan Information
Pigeon.ASC Trojan Removal instruction
Remove Rip.Utils Trojan
counter.gratis.com Tracking Cookie Cleaner
Removing IRC.Floodz DoS

ISpyNow Trojan

How To Remove ISpyNow?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
ISpyNow is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.
Backdoors combine the functionality of most other types of in one package.
Backdoors have one especially dangerous sub-class: variants that can propagate like worms.



ISpyNow It also known as:

[Kaspersky]Trojan.Spy.Justin,TrojanSpy.Win32.Justin;
[Eset]Win32/Spy.Justin.A trojan;
[McAfee]iSpyNOW;
[F-Prot]security risk or a "backdoor" program;
[Panda]Trj/Spy.Justin;
[Computer Associates]Win32/Justin.A!Spy!Trojan

ISpyNow Symptoms:

Files:
[%WINDOWS%]\ISNSYS.dll
[%WINDOWS%]\ISNSYS.dll

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Fake.Studio.'99 Trojan Removal
Remove WinNT.HackerDefender.Rootkit.Tro Trojan

DlSyfoin Downloader

How To Remove DlSyfoin?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
DlSyfoin is dangerous virus:
Trojans-downloaders downloads and installs new malware or adware on the computer.



DlSyfoin It also known as:

[Kaspersky]Trojan-Downloader.Win32.Cryptic,Trojan-Downloader.Win32.Cryptic.ec,Trojan-Downloader.Win32.Cryptic.f;
[McAfee]Downloader-AZP;
[Other]Win32/DlSyfoin,Downloader.sniper,Win32/DlSyfoin.A,Win32/DlSyfoin.B

DlSyfoin Symptoms:

Files:
[%SYSTEM%]\iishelp.exe
[%SYSTEM%]\wdfmgr32.exe
[%SYSTEM%]\iishelp.exe
[%SYSTEM%]\wdfmgr32.exe

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Cosenza Trojan Information
Corrupted.Otto Trojan Information

Disquickl Adware

How To Remove Disquickl?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Disquickl is dangerous virus:
Adware are programs that facilitate delivery for advertising content
to the user and in some cases gather information from the user's computer.



Disquickl It also known as:

[Kaspersky]AdWare.Win32.Suggestor.o,AdWare.win32.Suggestor.o;
[McAfee]Adware-LinkMaker;
[Other]Adware.LinkMaker,QuickLinks/Forethought,linkmaker,Win32/Ramkeni.A

Disquickl Symptoms:

Files:
[%SYSTEM%]\gbe90qs.exe
[%SYSTEM%]\jiub5f27y.hhy
[%SYSTEM%]\mksawrtal.amf
[%SYSTEM%]\nr1rnqm8.exe
[%SYSTEM%]\pixk5gp2.phy
[%SYSTEM%]\bdpn.exe
[%SYSTEM%]\fhsxc.exe
[%SYSTEM%]\fqgge.sty
[%SYSTEM%]\hvzead7v.exe
[%SYSTEM%]\iqrdy2c1.exe
[%SYSTEM%]\ssn6tuu.exe
[%SYSTEM%]\ubbv.dll
[%SYSTEM%]\v199.dll
[%SYSTEM%]\x3cqp0.dll
[%SYSTEM%]\yrwmhje.aka
[%SYSTEM%]\gbe90qs.exe
[%SYSTEM%]\jiub5f27y.hhy
[%SYSTEM%]\mksawrtal.amf
[%SYSTEM%]\nr1rnqm8.exe
[%SYSTEM%]\pixk5gp2.phy
[%SYSTEM%]\bdpn.exe
[%SYSTEM%]\fhsxc.exe
[%SYSTEM%]\fqgge.sty
[%SYSTEM%]\hvzead7v.exe
[%SYSTEM%]\iqrdy2c1.exe
[%SYSTEM%]\ssn6tuu.exe
[%SYSTEM%]\ubbv.dll
[%SYSTEM%]\v199.dll
[%SYSTEM%]\x3cqp0.dll
[%SYSTEM%]\yrwmhje.aka

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{AE0ECC2F-0C33-494C-8B22-B57A7763027F}
HKEY_CLASSES_ROOT\clsid\{da28e0db-229c-4003-827e-96ae15ad90fb}
HKEY_CLASSES_ROOT\fseytdc.ariaqudok
HKEY_CLASSES_ROOT\fseytdc.ariaqudok.1
HKEY_CLASSES_ROOT\fseytdc.yvakt
HKEY_CLASSES_ROOT\fseytdc.yvakt.1
HKEY_CLASSES_ROOT\interface\{34e97b51-ab15-419b-96d1-1b2469659004}
HKEY_CLASSES_ROOT\interface\{47f2b86d-82a1-44f5-a78b-136ac5496094}
HKEY_CLASSES_ROOT\interface\{cd929f93-9872-4ec0-87f4-63307447f9f8}
HKEY_CLASSES_ROOT\qhwrydhms.kweaj
HKEY_CLASSES_ROOT\typelib\{034c619c-216c-48d5-920f-a91c42e449fe}
HKEY_CLASSES_ROOT\typelib\{90aff1ef-c901-4991-8d61-5beea455e090}
HKEY_LOCAL_MACHINE\software\alxunhju
HKEY_LOCAL_MACHINE\software\ksr39sj5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE0ECC2F-0C33-494C-8B22-B57A7763027F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5E2A3E7-00FE-4D31-A030-A10799DDCA66}
HKEY_CLASSES_ROOT\clsid\{00172ad1-f4bd-48c0-aeb5-a4cfe4638393}
HKEY_CLASSES_ROOT\clsid\{0f9a5f09-3bfd-40d3-85fe-36227430a374}
HKEY_CLASSES_ROOT\clsid\{5c3e6596-c64f-48e0-ac1e-b9c6eb3a5915}
HKEY_CLASSES_ROOT\clsid\{624a3cdb-8c0a-4902-8480-191582c8498e}
HKEY_CLASSES_ROOT\clsid\{ae0ecc2f-0c33-494c-8b22-b57a7763027f}
HKEY_CLASSES_ROOT\clsid\{b91a8e01-502d-4ef6-b0c4-7139709832ed}
HKEY_CLASSES_ROOT\clsid\{ba3ddc15-3ef1-4dc7-b9b6-ed0403f9422a}
HKEY_CLASSES_ROOT\clsid\{d332110e-3edb-417b-b8e2-297b61c074c6}
HKEY_CLASSES_ROOT\clsid\{d55e80b0-433d-442f-a524-060dea41dee0}
HKEY_CLASSES_ROOT\clsid\{dfe7d27e-c021-4c72-80f3-254b776e0992}
HKEY_CLASSES_ROOT\clsid\{f8d76886-fa88-4df6-8fbd-c02cf8c91c94}
HKEY_CLASSES_ROOT\fseytdc
HKEY_CLASSES_ROOT\interface\{19f34252-ae41-4948-a1fe-e5519ab20595}
HKEY_CLASSES_ROOT\interface\{2a06e07e-c850-4cd9-a488-48accfbece1d}
HKEY_CLASSES_ROOT\qhwrydhms
HKEY_CLASSES_ROOT\qhwrydhms.hrhx
HKEY_CLASSES_ROOT\typelib\{22481ecf-6213-4385-a287-e457b22e3a2e}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{00172ad1-f4bd-48c0-aeb5-a4cfe4638393}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{5c3e6596-c64f-48e0-ac1e-b9c6eb3a5915}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{ae0ecc2f-0c33-494c-8b22-b57a7763027f}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{dfe7d27e-c021-4c72-80f3-254b776e0992}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{e5e2a3e7-00fe-4d31-a030-a10799ddca66}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ov2utpkh
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\pggia9wp
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\qn0xx
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\uyyb
HKEY_LOCAL_MACHINE\software\qjuwb
HKEY_LOCAL_MACHINE\software\wus7kvitb

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\s7kqhe
HKEY_CLASSES_ROOT\protocols\filter\text/html
HKEY_CLASSES_ROOT\protocols\filter\text/html
HKEY_CLASSES_ROOT\protocols\filter\text/html
HKEY_CLASSES_ROOT\protocols\filter\text/html
HKEY_LOCAL_MACHINE\software\bvbbvjbi
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\s7kqhe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\s7kqhe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
ICQ.Toolz.Y2K.Special.Edition Trojan Cleaner
Oprobe Trojan Cleaner
Urname Hostile Code Symptoms
TrojanDownloader.Win32.Wiser Downloader Symptoms
Remove TKHO.com Tracking Cookie

Red.Spider RAT

How To Remove Red.Spider?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Red.Spider is dangerous virus:
Some RAT trojans are pranks that are most likely being controlled by a friend or enemy on
April Fool's day or a holiday. Prank RATS are generally not harmful, and won't log keystrokes or hack.



Red.Spider Symptoms:

Folders:
[%PROGRAM_FILES%]\easy's workshop\red spider

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing YazzleBundle Trojan
QScare.Casc.unp Trojan Removal instruction

Agent.AIA Trojan

How To Remove Agent.AIA?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Agent.AIA is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


Agent.AIA Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove Skyfire.Spy Trojan
Removing TDPop Adware
Removing FastKill Trojan
Removing optimost.com Tracking Cookie
Pigeon.BBD Trojan Symptoms

MB.ShellSpy Spyware

How To Remove MB.ShellSpy?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
MB.ShellSpy is dangerous virus:
Spyware is computer software that is installed surreptitiously on a personal computer
to intercept or take partial control over the user's interaction
with the computer, without the user's informed consent.

While the term spyware suggests software that secretly monitors the user's behavior,
the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information,
such as Internet surfing habit, sites that have been visited,
but can also interfere with user control of the computer in other ways,
such as installing additional software, redirecting Web browser activity,
accessing websites blindly that will cause more harmful viruses,
or diverting advertising revenue to a third party.

Spyware can even change computer settings, resulting in slow connection speeds,
different home pages, and loss of Internet or other programs.
In an attempt to increase the understanding of spyware, a more formal classification
of its included software types is captured under the term privacy-invasive software.


MB.ShellSpy Symptoms:

Files:
[%SYSTEM%]\MBShSpy.ocx
[%SYSTEM%]\MBShSpy.ocx


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing Kapart Trojan
Pigeon.AXH Trojan Removal instruction
Remove thegeoguide.com Tracking Cookie

Tedon Trojan

How To Remove Tedon?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Tedon is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Tedon It also known as:

[Other]Win32/Tedon,Win32/Tedon.A

Tedon Symptoms:

Files:
[%PROGRAM_FILES%]\Windows NT\LSASS.EXE
[%PROGRAM_FILES%]\Windows NT\SVCHOST.EXE
[%PROGRAM_FILES%]\Windows NT\LSASS.EXE
[%PROGRAM_FILES%]\Windows NT\SVCHOST.EXE


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove KPass DoS

Bancos.INN Trojan

How To Remove Bancos.INN?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Bancos.INN is dangerous virus:
This category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.


Bancos.INN It also known as:

[Kaspersky]Trojan-Downloader.Win32.Banload.eta;
[McAfee]PWS-Banker

Bancos.INN Symptoms:

Files:
[%WINDOWS%]\svc\downcompleto.txt
[%WINDOWS%]\svc\eraumavez.bat
[%WINDOWS%]\svc\downcompleto.txt
[%WINDOWS%]\svc\eraumavez.bat

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Small.ab Trojan Removal
Youth Trojan Symptoms
Tiffy Trojan Removal instruction
Bancos.CVD Trojan Removal

SearchCentrix Trojan

How To Remove SearchCentrix?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
SearchCentrix is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
BHO (Browser Helper Object) Trojan.
The BHO waits for the user to post personal information to a monitored website.
As this information is entered by the user, it is captured by the BHO and sent back to the attacker.
The method of network transport used by the attacker makes this Trojan unique.
Typically, keyloggers of this type will send the stolen information back to the attacker via email
or HTTP POST, which can appear suspicious.
Instead, this Trojan encodes the data with a simple XOR algorithm before placing it into
the data section of an ICMP ping packet." explained the company.
A desktop hijacker replaces the desktop wallpaper with advertising
for products and services on the desktop.
Toolbar presents itself as a helpful add-on for Internet Explorer but it is a real pest.
It replaces your start page, continuosly open a number of pop up windows and so on.


SearchCentrix It also known as:

[Kaspersky]Trojan.Win32.Revop.c,Trojan-Downloader.Win32.Stubby.d;
[Eset]Win32/Revop.C trojan;
[Panda]Spyware/Searchcentrix,Trj/Revop.F;
[Computer Associates]Win32.BettInet.D,Win32.SillyDl.DB,Win32/SillyDL.DB!Trojan

SearchCentrix Symptoms:

Files:
[%PROFILE_TEMP%]\satmat.inf
[%SYSTEM%]\ifhelper.dll
[%WINDOWS%]\satmat.exe
[%SYSTEM%]\
[%SYSTEM%]\spoolsvv.exe
[%PROGRAM_FILES%]\ieshnv.ini
[%SYSTEM%]\gssomatic.dll
[%SYSTEM%]\ifsomatic.dll
[%SYSTEM%]\pqhelper.dll
[%SYSTEM%]\s4helper.dll
[%SYSTEM%]\seantb.dll
[%WINDOWS%]\system\barbho.dll
[%WINDOWS%]\system\ifsomatic.dll
[%WINDOWS%]\system\wzhelper.dll
[%PROFILE_TEMP%]\satmat.inf
[%SYSTEM%]\ifhelper.dll
[%WINDOWS%]\satmat.exe
[%SYSTEM%]\
[%SYSTEM%]\spoolsvv.exe
[%PROGRAM_FILES%]\ieshnv.ini
[%SYSTEM%]\gssomatic.dll
[%SYSTEM%]\ifsomatic.dll
[%SYSTEM%]\pqhelper.dll
[%SYSTEM%]\s4helper.dll
[%SYSTEM%]\seantb.dll
[%WINDOWS%]\system\barbho.dll
[%WINDOWS%]\system\ifsomatic.dll
[%WINDOWS%]\system\wzhelper.dll

Folders:
[%PROGRAM_FILES%]\dynamic toolbar\wzhelper\cache

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{3646c2bd-3554-49ca-8125-44deefb881de}
HKEY_CLASSES_ROOT\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3646c2bd-3554-49ca-8125-44deefb881de}
HKEY_LOCAL_MACHINE\software\classes\clsid\{3f4d4f88-0198-4921-b630-957f3eb814e0}
HKEY_CLASSES_ROOT\barbho.class1
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-96f7-eb6db99aa92e}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-98f7-eb6db99aa93b}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19da02a}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dab2d}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dbc34}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dce2e}
HKEY_CLASSES_ROOT\clsid\{4e7bd74f-2b8d-469e-d0ea-f16db186fa7d}
HKEY_CLASSES_ROOT\clsid\{c258eaa1-f9fe-491e-b8ff-ce9af7a7aff5}
HKEY_CLASSES_ROOT\clsid\{c431bf1e-9e71-4bb6-9c4e-8496d158db1f}
HKEY_CLASSES_ROOT\clsid\{cd2a865b-6c0f-44f9-baa1-7cdb31e04bc8}
HKEY_CLASSES_ROOT\interface\{7bd45240-7166-4768-a845-8ce375c5e096}
HKEY_CLASSES_ROOT\interface\{831975b3-13a0-4da4-aa6f-6c427175c30e}
HKEY_CLASSES_ROOT\interface\{9f9d3d1f-e697-4a86-90c7-58cecf6a2634}
HKEY_CLASSES_ROOT\interface\{c}
HKEY_CLASSES_ROOT\mygeek.com
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-98f7-eb6db99aa93b}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-c0fb-ef60b19da02a}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-c0fb-ef60b19dbc34}
HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects\{cd2a865b-6c0f-44f9-baa1-7cdb31e04bc8}
HKEY_CLASSES_ROOT\typelib\{47d616a1-b588-45d1-ad71-33ac15fb6940}
HKEY_CLASSES_ROOT\typelib\{48977f6e-4120-4f88-8c4b-a6399bd0dd08}
HKEY_CLASSES_ROOT\typelib\{d1020ad1-3754-4c54-bf4d-ea01652ec4be}
HKEY_CURRENT_USER\software\microsoft\internet explorer\explorer bars\{c431bf1e-9e71-4bb6-9c4e-8496d158db1f}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-96f7-eb6db99aa92e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-98f7-eb6db99aa93b}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dab2d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dbc34}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-c0fb-ef60b19dce2e}
HKEY_LOCAL_MACHINE\software\classes\clsid\{4e7bd74f-2b8d-469e-d0ea-f16db186fa7d}
HKEY_LOCAL_MACHINE\software\classes\clsid\{c258eaa1-f9fe-491e-b8ff-ce9af7a7aff5}
HKEY_LOCAL_MACHINE\software\classes\gssomatic.gssomatic
HKEY_LOCAL_MACHINE\software\classes\interface\{831975b3-13a0-4da4-aa6f-6c427175c30e}
HKEY_LOCAL_MACHINE\software\classes\pqhelper.pqhelper
HKEY_LOCAL_MACHINE\software\classes\s4helper.s4helper
HKEY_LOCAL_MACHINE\software\classes\seantb.seantb
HKEY_LOCAL_MACHINE\software\classes\somatic.somatic
HKEY_LOCAL_MACHINE\software\classes\spoolsvv.class1
HKEY_LOCAL_MACHINE\software\classes\typelib\{d1020ad1-3754-4c54-bf4d-ea01652ec4be}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-98f7-eb6db99aa93b}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-c0fb-ef60b19da02a}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4e7bd74f-2b8d-469e-c0fb-ef60b19dbc34}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{cd2a865b-6c0f-44f9-baa1-7cdb31e04bc8}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\expand search_is1

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\dynamic toolbar\gssomatic
HKEY_CURRENT_USER\software\dynamic toolbar\pqhelper\reports\38209
HKEY_CURRENT_USER\software\dynamic toolbar\pqhelper\reports\38209
HKEY_CURRENT_USER\software\dynamic toolbar\wzhelper
HKEY_CURRENT_USER\software\dynamic toolbar\wzhelper
HKEY_CURRENT_USER\software\dynamic toolbar\wzhelper\reports\38209
HKEY_CURRENT_USER\software\dynamic toolbar\wzhelper\reports\38209
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\streams\145
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\engines
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\settings
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\settings
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\settings
HKEY_CURRENT_USER\software\vb and vba program settings\mygeek\settings
HKEY_CURRENT_USER\software\vb and vba program settings\s_girl\thread
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\shnv
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\st6unst #2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\st6unst #3


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
No.Hope Trojan Removal instruction
Corzor Downloader Symptoms
Attackthread Hostile Code Symptoms
Chinese_Keywords Adware Removal instruction

Joiner Trojan

How To Remove Joiner?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
Joiner is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Hacker Tools are designed to penetrate remote computers
in order to use them as zombies or to download other malicious programs to computer.


Joiner It also known as:

[Kaspersky]TrojanDropper.Win32.FC.a;
[F-Prot]security risk or a "backdoor" program;
[Panda]Trojan Horse.LC,Trj/Joiner.P;
[Computer Associates]Win32.Joiner.AA,Win32/MultiDropper.AF-0!Dropper,Win32.Joiner.Z,Win32/Joiner.Z!Joiner,Win32.Joiner.P,Win32/Joiner.P!Trojan,Win32.Joiner.R,Win32/Joiner.R!Dropper

Joiner Symptoms:

Files:
[%SYSTEM%]\Shex.exe
[%SYSTEM%]\Shex.exe


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Removing OpenSite Adware
Removing Mexhetm Downloader
Remove Covert.Sys.Exec Trojan
PECarlin Adware Information
Naras Trojan Removal instruction

H04x3r.Telnet.Server Trojan

How To Remove H04x3r.Telnet.Server?
You must download trial version of "Exterminate-It" antivirus software,to check your computer instantly.
H04x3r.Telnet.Server is dangerous virus:
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.

Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.


H04x3r.Telnet.Server Symptoms:

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run


You must clean you computer ASAP !!!
Download Free Trial Version of antivirus software here, to check your computer instantly.

Also Be Aware of the Following Threats:
Remove WatchPorn Trojan