Friday, December 12, 2008

Guardian Trojan

Guardian malware description and removal detail
Categories:Trojan,DoS

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Guardian:

An up-to-date copy of ExterminateIt should detect and prevent infection from Guardian.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Guardian manually.

To completely manually remove Guardian malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Guardian.

  1. Use Task Manager to terminate the Guardian process.
  2. Delete the original Guardian file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Guardian from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Guardian!


Also Be Aware of the Following Threats:
Small.jf Trojan Removal

Optix.Server.family Trojan

Optix.Server.family malware description and removal detail
Categories:Trojan,Backdoor
Also known as:

[Eset]Win32/Optix.Pro.10.B trojan,Win32/Optix.12 trojan;
[Computer Associates]Backdoor/Optix Server family,Backdoor/OptixPro.12.Server,Win32.OptixPro.12

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Optix.Server.family:

An up-to-date copy of ExterminateIt should detect and prevent infection from Optix.Server.family.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Optix.Server.family manually.

To completely manually remove Optix.Server.family malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Optix.Server.family.

  1. Use Task Manager to terminate the Optix.Server.family process.
  2. Delete the original Optix.Server.family file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Optix.Server.family from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Optix.Server.family!


Also Be Aware of the Following Threats:
Pigeon.AVFQ Trojan Symptoms
Removing XCP.Sony.SP2 Trojan
Axload Downloader Cleaner
Diedix Trojan Removal
SillyDl.CLZ Trojan Removal

Pigeon.AAR Trojan

Pigeon.AAR malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Pigeon.AAR:

An up-to-date copy of ExterminateIt should detect and prevent infection from Pigeon.AAR.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Pigeon.AAR manually.

To completely manually remove Pigeon.AAR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.AAR.

  1. Use Task Manager to terminate the Pigeon.AAR process.
  2. Delete the original Pigeon.AAR file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Pigeon.AAR from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Pigeon.AAR!


Also Be Aware of the Following Threats:
Win32.CybWar DoS Removal
UltraKeyboard Spyware Symptoms
Removing Fixob Trojan

Tag Trojan

Tag malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Trojan.Tag;
[Panda]Trj/Tag.A;
[Computer Associates]TurboBrain!Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Tag:

An up-to-date copy of ExterminateIt should detect and prevent infection from Tag.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Tag manually.

To completely manually remove Tag malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Tag.

  1. Use Task Manager to terminate the Tag process.
  2. Delete the original Tag file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Tag from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Tag!


Also Be Aware of the Following Threats:
Downloader.AYQ Trojan Symptoms
Music.Player Spyware Cleaner
Stopit Trojan Removal instruction

Delf.ne Downloader

Delf.ne malware description and removal detail
Categories:Downloader

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Delf.ne:

An up-to-date copy of ExterminateIt should detect and prevent infection from Delf.ne.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Delf.ne manually.

To completely manually remove Delf.ne malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Delf.ne.

  1. Use Task Manager to terminate the Delf.ne process.
  2. Delete the original Delf.ne file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Delf.ne from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Delf.ne!


Also Be Aware of the Following Threats:
Vxidl.AOJ Trojan Removal instruction
Remove TrojanDownloader.Win32.Small.qt Downloader
Spy.SCKeyLog Trojan Cleaner
Delf.md Downloader Removal

Bancos.IEC Trojan

Bancos.IEC malware description and removal detail
Categories:Trojan
Also known as:

[F-Prot]W32/Agent.DMW;
[Other]Win32/Bancos.IEC

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Bancos.IEC:

An up-to-date copy of ExterminateIt should detect and prevent infection from Bancos.IEC.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Bancos.IEC manually.

To completely manually remove Bancos.IEC malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.IEC.

  1. Use Task Manager to terminate the Bancos.IEC process.
  2. Delete the original Bancos.IEC file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Bancos.IEC from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Bancos.IEC!


Also Be Aware of the Following Threats:
Removing Server Trojan
Remove Frethog.ACQ Trojan
Removing Pigeon.ECL Trojan

DoS.BZ2 Trojan

DoS.BZ2 malware description and removal detail
Categories:Trojan
Also known as:

[McAfee]DoS-BZ2

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing DoS.BZ2:

An up-to-date copy of ExterminateIt should detect and prevent infection from DoS.BZ2.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove DoS.BZ2 manually.

To completely manually remove DoS.BZ2 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with DoS.BZ2.

  1. Use Task Manager to terminate the DoS.BZ2 process.
  2. Delete the original DoS.BZ2 file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes DoS.BZ2 from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of DoS.BZ2!


Also Be Aware of the Following Threats:
homepagecell.com Hijacker Symptoms
Lioten Trojan Information
Pigeon.ADU Trojan Symptoms
PSW.Lmir.fg Trojan Removal instruction
Zlob.Fam.MovieBox Trojan Cleaner

Reni Trojan

Reni malware description and removal detail
Categories:Trojan,Backdoor
Also known as:

[Kaspersky]Backdoor.Reni.b;
[Panda]Backdoor Program;
[Computer Associates]Backdoor/Reni.b!Server,JS.CodeBase!exploit,JScript/CodeBase!Exploit

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Reni:

An up-to-date copy of ExterminateIt should detect and prevent infection from Reni.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Reni manually.

To completely manually remove Reni malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Reni.

  1. Use Task Manager to terminate the Reni process.
  2. Delete the original Reni file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Reni from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Reni!


Also Be Aware of the Following Threats:
Pigeon.AYH Trojan Cleaner
Win32.Netsnake Backdoor Symptoms

MediaCharger\MoviePlace Adware

MediaCharger\MoviePlace malware description and removal detail
Categories:Adware
Visible Symptoms:
Files in system folders:
[%PROGRAMS%]\iopus password recovery xp\help manual.lnk
[%PROGRAMS%]\iopus password recovery xp\iopus password recovery xp.lnk
[%PROGRAMS%]\iopus password recovery xp\license.lnk
[%PROGRAMS%]\iopus password recovery xp\uninstall.lnk
[%PROGRAM_FILES%]\movieplace\movieplace.exe
[%WINDOWS%]\temp\icd3.tmp\activeinstall.dll
[%PROGRAMS%]\iopus password recovery xp\help manual.lnk
[%PROGRAMS%]\iopus password recovery xp\iopus password recovery xp.lnk
[%PROGRAMS%]\iopus password recovery xp\license.lnk
[%PROGRAMS%]\iopus password recovery xp\uninstall.lnk
[%PROGRAM_FILES%]\movieplace\movieplace.exe
[%WINDOWS%]\temp\icd3.tmp\activeinstall.dll

In order to ensure that the MediaCharger\MoviePlace is launched automatically each time the system is booted, the MediaCharger\MoviePlace adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%PROGRAM_FILES%]\movieplace\movieplace.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting MediaCharger\MoviePlace:

Files:
[%PROGRAMS%]\iopus password recovery xp\help manual.lnk
[%PROGRAMS%]\iopus password recovery xp\iopus password recovery xp.lnk
[%PROGRAMS%]\iopus password recovery xp\license.lnk
[%PROGRAMS%]\iopus password recovery xp\uninstall.lnk
[%PROGRAM_FILES%]\movieplace\movieplace.exe
[%WINDOWS%]\temp\icd3.tmp\activeinstall.dll
[%PROGRAMS%]\iopus password recovery xp\help manual.lnk
[%PROGRAMS%]\iopus password recovery xp\iopus password recovery xp.lnk
[%PROGRAMS%]\iopus password recovery xp\license.lnk
[%PROGRAMS%]\iopus password recovery xp\uninstall.lnk
[%PROGRAM_FILES%]\movieplace\movieplace.exe
[%WINDOWS%]\temp\icd3.tmp\activeinstall.dll

Folders:
[%DESKTOP%]\iopus password recovery xp.lnk
[%PROFILE%]\start menu\programs\iopus password recovery xp
[%PROGRAM_FILES%]\iopus password recovery xp

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\iopus password recovery xp

Registry Values:
HKEY_LOCAL_MACHINE\software\iopuspasswordrecovery\info
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\the silicon realms toolworks\armadillo

Removing MediaCharger\MoviePlace:

An up-to-date copy of ExterminateIt should detect and prevent infection from MediaCharger\MoviePlace.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove MediaCharger\MoviePlace manually.

To completely manually remove MediaCharger\MoviePlace malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with MediaCharger\MoviePlace.

  1. Use Task Manager to terminate the MediaCharger\MoviePlace process.
  2. Delete the original MediaCharger\MoviePlace file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes MediaCharger\MoviePlace from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of MediaCharger\MoviePlace!


Also Be Aware of the Following Threats:
Removing FearlessLite Backdoor
Lospad Trojan Removal instruction
Small.chg Downloader Symptoms

Coolgame Trojan

Coolgame malware description and removal detail
Categories:Trojan
Also known as:

[Panda]Trj/CoolGame;
[Computer Associates]Coolgame!Trojan,CoolGame.A

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Coolgame:

An up-to-date copy of ExterminateIt should detect and prevent infection from Coolgame.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Coolgame manually.

To completely manually remove Coolgame malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Coolgame.

  1. Use Task Manager to terminate the Coolgame process.
  2. Delete the original Coolgame file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Coolgame from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Coolgame!


Also Be Aware of the Following Threats:
Removing Math.Test Trojan

Theef.LE.Patch RAT

Theef.LE.Patch malware description and removal detail
Categories:RAT

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Theef.LE.Patch:

An up-to-date copy of ExterminateIt should detect and prevent infection from Theef.LE.Patch.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Theef.LE.Patch manually.

To completely manually remove Theef.LE.Patch malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Theef.LE.Patch.

  1. Use Task Manager to terminate the Theef.LE.Patch process.
  2. Delete the original Theef.LE.Patch file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Theef.LE.Patch from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Theef.LE.Patch!


Also Be Aware of the Following Threats:
MAD.Morose.MiniMad.based RAT Information
IKX Trojan Information
ClubMomLinks Tracking Cookie Cleaner
Train Trojan Removal instruction
Halflifes.little.tcp.dumper.program Trojan Information

SmartMoney.com Tracking Cookie

SmartMoney.com malware description and removal detail
Categories:Tracking Cookie

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing SmartMoney.com:

An up-to-date copy of ExterminateIt should detect and prevent infection from SmartMoney.com.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove SmartMoney.com manually.

To completely manually remove SmartMoney.com malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SmartMoney.com.

  1. Use Task Manager to terminate the SmartMoney.com process.
  2. Delete the original SmartMoney.com file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes SmartMoney.com from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of SmartMoney.com!


Also Be Aware of the Following Threats:
Zetronic RAT Removal
revsci.net Tracking Cookie Symptoms
Bancos.GXO Trojan Information
Adopt.Hotbar.com Tracking Cookie Removal instruction

Performance.Optimizer Ransomware

Performance.Optimizer malware description and removal detail
Categories:Ransomware

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting Performance.Optimizer:

Folders:
[%PROGRAMS%]\Performance Optimizer
[%PROGRAM_FILES%]\Performanceoptimizer (Free)

Registry Keys:
HKEY_CURRENT_USER\software\performanceoptimizer
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\performance optimizer (trial version)
HKEY_LOCAL_MACHINE\software\performanceoptimizer

Removing Performance.Optimizer:

An up-to-date copy of ExterminateIt should detect and prevent infection from Performance.Optimizer.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Performance.Optimizer manually.

To completely manually remove Performance.Optimizer malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Performance.Optimizer.

  1. Use Task Manager to terminate the Performance.Optimizer process.
  2. Delete the original Performance.Optimizer file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Performance.Optimizer from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Performance.Optimizer!


Also Be Aware of the Following Threats:
Taladrator.public Trojan Symptoms

Bancos.HFS Trojan

Bancos.HFS malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Bancos.HFS:

An up-to-date copy of ExterminateIt should detect and prevent infection from Bancos.HFS.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Bancos.HFS manually.

To completely manually remove Bancos.HFS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Bancos.HFS.

  1. Use Task Manager to terminate the Bancos.HFS process.
  2. Delete the original Bancos.HFS file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Bancos.HFS from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Bancos.HFS!


Also Be Aware of the Following Threats:
ErrorDoctor Ransomware Cleaner
AntiLamer.Light Trojan Cleaner
Agent.cu Downloader Symptoms
BAT.Filler Trojan Symptoms

Subclone Trojan

Subclone malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Subclone:

An up-to-date copy of ExterminateIt should detect and prevent infection from Subclone.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Subclone manually.

To completely manually remove Subclone malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Subclone.

  1. Use Task Manager to terminate the Subclone process.
  2. Delete the original Subclone file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Subclone from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Subclone!


Also Be Aware of the Following Threats:
Toxic1 Trojan Removal
Hitchcock Trojan Removal
Win32.BO2K.Plugin.Aes Trojan Cleaner
Almanahe Trojan Removal

Xupiter.Xjupiter Hijacker

Xupiter.Xjupiter malware description and removal detail
Categories:Hijacker
Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\winmain.exe
[%PROFILE_TEMP%]\winmain.exe

In order to ensure that the Xupiter.Xjupiter is launched automatically each time the system is booted, the Xupiter.Xjupiter adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%PROFILE_TEMP%]\winmain.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting Xupiter.Xjupiter:

Files:
[%PROFILE_TEMP%]\winmain.exe
[%PROFILE_TEMP%]\winmain.exe

Folders:
[%PROGRAM_FILES%]\xjupiter

Registry Keys:
HKEY_CLASSES_ROOT\clsid\{266f948a-3dee-4270-8f55-e79accd569fa}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Xupiter.Xjupiter:

An up-to-date copy of ExterminateIt should detect and prevent infection from Xupiter.Xjupiter.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Xupiter.Xjupiter manually.

To completely manually remove Xupiter.Xjupiter malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Xupiter.Xjupiter.

  1. Use Task Manager to terminate the Xupiter.Xjupiter process.
  2. Delete the original Xupiter.Xjupiter file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Xupiter.Xjupiter from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Xupiter.Xjupiter!


Also Be Aware of the Following Threats:
Removing HelpControl!exploit Trojan
Remove Bancos.GYB Trojan

SillyDl.DEO Downloader

SillyDl.DEO malware description and removal detail
Categories:Downloader
Also known as:

[Kaspersky]Trojan-Downlaoder.Win32.Small.eqn;
[McAfee]Downloader-BCF;
[Other]Win32SillyDl.DEO

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing SillyDl.DEO:

An up-to-date copy of ExterminateIt should detect and prevent infection from SillyDl.DEO.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove SillyDl.DEO manually.

To completely manually remove SillyDl.DEO malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SillyDl.DEO.

  1. Use Task Manager to terminate the SillyDl.DEO process.
  2. Delete the original SillyDl.DEO file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes SillyDl.DEO from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of SillyDl.DEO!


Also Be Aware of the Following Threats:
SillyDl.CCI Trojan Information
VirusBurster Ransomware Symptoms
Windupdates.Media.Pass Adware Cleaner
VB.in Trojan Removal
MSN.Furax Trojan Removal instruction

TIBS Trojan

TIBS malware description and removal detail
Categories:Trojan,Adware,Backdoor,Downloader
Also known as:

[Kaspersky]Trojan-Downloader.Win32.Tibs.im,Trojan-Downloader.Win32.Small.cwj,Email-Worm.Win32.Zhelatin.bw,Packed.Win32.Tibs.w,Trojan-Downloader.Win32.Tibs.pk;
[McAfee]Generic Downloader.q,BraveSentry;
[F-Prot]W32/EmailWorm.IRB;
[Panda]Dialer.DU;
[Other]Win32/Tibs!generic,W32/DLoader.CBPU,W32/DLoader.CBPT,W32/Tibs.VWN,Trojan.Packed.13,Worm:Win32/Nuwar.gen,Mal/EncPk-E,Trojan.Vxgame.z,members area dialer,TrojanDownloader:Win32/Tibs.L,W32/Tibs.gen92,TrojanDownloader:Win32/Tibs

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\1.dllb
[%PROFILE_TEMP%]\2.dllb
[%PROFILE_TEMP%]\5.dllb
[%PROFILE_TEMP%]\6.dllb
[%PROFILE_TEMP%]\7.dllb
[%PROFILE_TEMP%]\qv3xt3.game
[%PROFILE_TEMP%]\qvxt34.game
[%PROFILE_TEMP%]\qvxt42.game
[%SYSTEM%]\dlh9jkd1q1.exe
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q5.exe
[%SYSTEM%]\dlh9jkd1q6.exe
[%SYSTEM%]\dlh9jkd1q7.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\dsuiexq.dll
[%SYSTEM%]\ma.exe.exe
[%PROFILE_TEMP%]\ixqlsxgh.exe
[%PROFILE_TEMP%]\ma1xdd1.game
[%SYSTEM%]\bofhn32.dll
[%SYSTEM%]\cubtzv32.dll
[%SYSTEM%]\hdefvz.sys
[%SYSTEM%]\kfejwmi.dll
[%SYSTEM%]\max1d641.exe
[%SYSTEM%]\qvx5gamet2.exe
[%SYSTEM%]\qvxga6met3.exe
[%SYSTEM%]\ufypth.dll
[%SYSTEM%]\usjbgwl.dll
[%PROFILE_TEMP%]\1.dllb
[%PROFILE_TEMP%]\2.dllb
[%PROFILE_TEMP%]\5.dllb
[%PROFILE_TEMP%]\6.dllb
[%PROFILE_TEMP%]\7.dllb
[%PROFILE_TEMP%]\qv3xt3.game
[%PROFILE_TEMP%]\qvxt34.game
[%PROFILE_TEMP%]\qvxt42.game
[%SYSTEM%]\dlh9jkd1q1.exe
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q5.exe
[%SYSTEM%]\dlh9jkd1q6.exe
[%SYSTEM%]\dlh9jkd1q7.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\dsuiexq.dll
[%SYSTEM%]\ma.exe.exe
[%PROFILE_TEMP%]\ixqlsxgh.exe
[%PROFILE_TEMP%]\ma1xdd1.game
[%SYSTEM%]\bofhn32.dll
[%SYSTEM%]\cubtzv32.dll
[%SYSTEM%]\hdefvz.sys
[%SYSTEM%]\kfejwmi.dll
[%SYSTEM%]\max1d641.exe
[%SYSTEM%]\qvx5gamet2.exe
[%SYSTEM%]\qvxga6met3.exe
[%SYSTEM%]\ufypth.dll
[%SYSTEM%]\usjbgwl.dll

In order to ensure that the TIBS is launched automatically each time the system is booted, the TIBS adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%SYSTEM%]\dlh9jkd1q1.exe
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q5.exe
[%SYSTEM%]\dlh9jkd1q6.exe
[%SYSTEM%]\dlh9jkd1q7.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\ma.exe.exe
[%PROFILE_TEMP%]\ixqlsxgh.exe
[%SYSTEM%]\max1d641.exe
[%SYSTEM%]\qvx5gamet2.exe
[%SYSTEM%]\qvxga6met3.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting TIBS:

Files:
[%PROFILE_TEMP%]\1.dllb
[%PROFILE_TEMP%]\2.dllb
[%PROFILE_TEMP%]\5.dllb
[%PROFILE_TEMP%]\6.dllb
[%PROFILE_TEMP%]\7.dllb
[%PROFILE_TEMP%]\qv3xt3.game
[%PROFILE_TEMP%]\qvxt34.game
[%PROFILE_TEMP%]\qvxt42.game
[%SYSTEM%]\dlh9jkd1q1.exe
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q5.exe
[%SYSTEM%]\dlh9jkd1q6.exe
[%SYSTEM%]\dlh9jkd1q7.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\dsuiexq.dll
[%SYSTEM%]\ma.exe.exe
[%PROFILE_TEMP%]\ixqlsxgh.exe
[%PROFILE_TEMP%]\ma1xdd1.game
[%SYSTEM%]\bofhn32.dll
[%SYSTEM%]\cubtzv32.dll
[%SYSTEM%]\hdefvz.sys
[%SYSTEM%]\kfejwmi.dll
[%SYSTEM%]\max1d641.exe
[%SYSTEM%]\qvx5gamet2.exe
[%SYSTEM%]\qvxga6met3.exe
[%SYSTEM%]\ufypth.dll
[%SYSTEM%]\usjbgwl.dll
[%PROFILE_TEMP%]\1.dllb
[%PROFILE_TEMP%]\2.dllb
[%PROFILE_TEMP%]\5.dllb
[%PROFILE_TEMP%]\6.dllb
[%PROFILE_TEMP%]\7.dllb
[%PROFILE_TEMP%]\qv3xt3.game
[%PROFILE_TEMP%]\qvxt34.game
[%PROFILE_TEMP%]\qvxt42.game
[%SYSTEM%]\dlh9jkd1q1.exe
[%SYSTEM%]\dlh9jkd1q2.exe
[%SYSTEM%]\dlh9jkd1q5.exe
[%SYSTEM%]\dlh9jkd1q6.exe
[%SYSTEM%]\dlh9jkd1q7.exe
[%SYSTEM%]\dlh9jkd1q8.exe
[%SYSTEM%]\dsuiexq.dll
[%SYSTEM%]\ma.exe.exe
[%PROFILE_TEMP%]\ixqlsxgh.exe
[%PROFILE_TEMP%]\ma1xdd1.game
[%SYSTEM%]\bofhn32.dll
[%SYSTEM%]\cubtzv32.dll
[%SYSTEM%]\hdefvz.sys
[%SYSTEM%]\kfejwmi.dll
[%SYSTEM%]\max1d641.exe
[%SYSTEM%]\qvx5gamet2.exe
[%SYSTEM%]\qvxga6met3.exe
[%SYSTEM%]\ufypth.dll
[%SYSTEM%]\usjbgwl.dll

Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{00009E9F-DDD7-AA59-AA7D-AA4B7D6BE000}
HKEY_CLASSES_ROOT\CLSID\{2C1CD3D7-86AC-4068-93BC-A02304B60787}
HKEY_CURRENT_USER\software\adwaredisablekey4
HKEY_LOCAL_MACHINE\software\adwaredisablekey4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00009E9F-DDD7-AA59-AA7D-AA4B7D6BE000}
HKEY_CLASSES_ROOT\clsid\{2c1cd3d7-86ac-4068-93bc-a02304b60787}
HKEY_CLASSES_ROOT\clsid\{4f67b44e-7ba5-aef4-828e-074034113a82}
HKEY_CURRENT_USER\clsid\{f862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\software\classes\clsid\{f862b760-0a21-1033-0729-0529050001}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{4f67b44e-7ba5-aef4-828e-074034113a82}

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gb\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_runtime\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\security
HKEY_CURRENT_USER\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\software\classes\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\software\classes\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\software\classes\clsid\{1862b760-0a21-1033-0729-0529050001}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\a3dxq
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winsys2freg
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\driver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\example
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\parameters
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\security
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gb\security

Removing TIBS:

An up-to-date copy of ExterminateIt should detect and prevent infection from TIBS.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove TIBS manually.

To completely manually remove TIBS malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TIBS.

  1. Use Task Manager to terminate the TIBS process.
  2. Delete the original TIBS file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes TIBS from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of TIBS!


Also Be Aware of the Following Threats:
SillyDl.CZG Trojan Symptoms
Kubik Trojan Symptoms
Espion Backdoor Removal
Sysex.dr Trojan Cleaner

Phoenix.group Trojan

Phoenix.group malware description and removal detail
Categories:Trojan,Backdoor,Downloader,DoS
Also known as:

[Computer Associates]Phoenix group

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Phoenix.group:

An up-to-date copy of ExterminateIt should detect and prevent infection from Phoenix.group.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Phoenix.group manually.

To completely manually remove Phoenix.group malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Phoenix.group.

  1. Use Task Manager to terminate the Phoenix.group process.
  2. Delete the original Phoenix.group file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Phoenix.group from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Phoenix.group!


Also Be Aware of the Following Threats:
TSC Trojan Symptoms
Bancos.HEI Trojan Cleaner
Removing CobCat Trojan

VRL50388 Trojan

VRL50388 malware description and removal detail
Categories:Trojan,Backdoor,Downloader,DoS

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing VRL50388:

An up-to-date copy of ExterminateIt should detect and prevent infection from VRL50388.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove VRL50388 manually.

To completely manually remove VRL50388 malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with VRL50388.

  1. Use Task Manager to terminate the VRL50388 process.
  2. Delete the original VRL50388 file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes VRL50388 from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of VRL50388!


Also Be Aware of the Following Threats:
Remove Yale Trojan
NameLater Adware Removal

TargetSaver Downloader

TargetSaver malware description and removal detail
Categories:Downloader
Also known as:

[Kaspersky]Trojan-Downloader.Win32.TSUpdate.o,Trojan-Downloader.Win32.TSUpdate.e;
[Other]TargetSaver,Adware.TargetSaver

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\GLF10GLF10.EXE
[%PROFILE_TEMP%]\GLF123GLF123.EXE
[%PROFILE_TEMP%]\GLF12EGLF12E.EXE
[%PROFILE_TEMP%]\GLF25GLF25.EXE
[%PROFILE_TEMP%]\GLF266GLF266.EXE
[%PROFILE_TEMP%]\GLF26GLF26.EXE
[%PROFILE_TEMP%]\GLF2AGLF2A.EXE
[%PROFILE_TEMP%]\GLF35GLF35.EXE
[%PROFILE_TEMP%]\GLF3E3GLF3E3.EXE
[%PROFILE_TEMP%]\GLF42GLF42.EXE
[%PROFILE_TEMP%]\GLF6AGLF6A.EXE
[%PROFILE_TEMP%]\GLF7FGLF7F.EXE
[%PROFILE_TEMP%]\GLF82GLF82.EXE
[%PROFILE_TEMP%]\tsinstall_4_0_3_7.exe
[%PROFILE_TEMP%]\tsinstall_4_0_4_0_b4.exe
[%PROFILE_TEMP%]\tsupdate_4_0_4_1_b3.exe
[%PROGRAM_FILES_COMMON%]\imzk\imzkm.exe
[%PROGRAM_FILES_COMMON%]\kirw\kirwm.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkoma.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkomd\kkomc.dll
[%PROGRAM_FILES_COMMON%]\kkom\kkomm.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowua.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowud\kowuc.dll
[%PROGRAM_FILES_COMMON%]\kowu\kowum.exe
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\class-barrel
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\vocabulary
[%PROGRAM_FILES_COMMON%]\kurq\kurqa.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqd\kurqc.dll
[%PROGRAM_FILES_COMMON%]\kurq\kurqm.exe
[%PROGRAM_FILES_COMMON%]\misc002\141.exe
[%PROGRAM_FILES_COMMON%]\ommi\ommid\class-barrel
[%PROGRAM_FILES_COMMON%]\ommi\ommid\vocabulary
[%PROGRAM_FILES_COMMON%]\oqqr\oqqra.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrd\oqqrc.dll
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrm.exe
[%PROGRAM_FILES_COMMON%]\qmwf\qmwfm.exe
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\class-barrel
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\vocabulary
[%PROGRAM_FILES_COMMON%]\riwz\riwza.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwzm.exe
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\class-barrel
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\vocabulary
[%PROGRAM_FILES_COMMON%]\rwof\rwofa.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofd\rwofc.dll
[%PROGRAM_FILES_COMMON%]\rwof\rwofm.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukira.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukird\class-barrel
[%PROGRAM_FILES_COMMON%]\ukir\ukird\ukirc.dll
[%PROGRAM_FILES_COMMON%]\ukir\ukird\vocabulary
[%PROGRAM_FILES_COMMON%]\ukir\ukirl.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirp.exe
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\class-barrel
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\vocabulary
[%PROGRAM_FILES_COMMON%]\uuuo\uuuoa.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuod\uuuoc.dll
[%PROGRAM_FILES_COMMON%]\uuuo\uuuom.exe
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\class-barrel
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\vocabulary
[%PROGRAM_FILES_COMMON%]\wkqm\wkqma.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmd\wkqmc.dll
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmm.exe
[%PROGRAM_FILES_COMMON%]\wufu\wufud\class-barrel
[%PROGRAM_FILES_COMMON%]\wufu\wufud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\class-barrel
[%PROGRAM_FILES_COMMON%]\wuru\wurud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\wuruc.dll
[%PROGRAM_FILES_COMMON%]\wuru\wurup.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwroa.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwrod\wwroc.dll
[%PROGRAM_FILES_COMMON%]\wwro\wwrom.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkka.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkkm.exe
[%SYSTEM%]\tsuninst.exe
[%SYSTEM%]\tsuninst.exe.ren
[%WINDOWS%]\stub_113_4_0_4_0.exe
[%WINDOWS%]\Temp\tsinstall_4_0_4_0_b4.exe
[%WINDOWS%]\Temp\tsupdate_4_0_4_1_b3.exe
[%PROFILE_TEMP%]\tsinstall_4_0_3_8_b17.exe
[%PROFILE_TEMP%]\tsupdate_4_0_3_9_b2.exe
[%WINDOWS%]\stub_110_4_0_4_0.exe
[%PROFILE_TEMP%]\GLF10GLF10.EXE
[%PROFILE_TEMP%]\GLF123GLF123.EXE
[%PROFILE_TEMP%]\GLF12EGLF12E.EXE
[%PROFILE_TEMP%]\GLF25GLF25.EXE
[%PROFILE_TEMP%]\GLF266GLF266.EXE
[%PROFILE_TEMP%]\GLF26GLF26.EXE
[%PROFILE_TEMP%]\GLF2AGLF2A.EXE
[%PROFILE_TEMP%]\GLF35GLF35.EXE
[%PROFILE_TEMP%]\GLF3E3GLF3E3.EXE
[%PROFILE_TEMP%]\GLF42GLF42.EXE
[%PROFILE_TEMP%]\GLF6AGLF6A.EXE
[%PROFILE_TEMP%]\GLF7FGLF7F.EXE
[%PROFILE_TEMP%]\GLF82GLF82.EXE
[%PROFILE_TEMP%]\tsinstall_4_0_3_7.exe
[%PROFILE_TEMP%]\tsinstall_4_0_4_0_b4.exe
[%PROFILE_TEMP%]\tsupdate_4_0_4_1_b3.exe
[%PROGRAM_FILES_COMMON%]\imzk\imzkm.exe
[%PROGRAM_FILES_COMMON%]\kirw\kirwm.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkoma.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkomd\kkomc.dll
[%PROGRAM_FILES_COMMON%]\kkom\kkomm.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowua.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowud\kowuc.dll
[%PROGRAM_FILES_COMMON%]\kowu\kowum.exe
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\class-barrel
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\vocabulary
[%PROGRAM_FILES_COMMON%]\kurq\kurqa.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqd\kurqc.dll
[%PROGRAM_FILES_COMMON%]\kurq\kurqm.exe
[%PROGRAM_FILES_COMMON%]\misc002\141.exe
[%PROGRAM_FILES_COMMON%]\ommi\ommid\class-barrel
[%PROGRAM_FILES_COMMON%]\ommi\ommid\vocabulary
[%PROGRAM_FILES_COMMON%]\oqqr\oqqra.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrd\oqqrc.dll
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrm.exe
[%PROGRAM_FILES_COMMON%]\qmwf\qmwfm.exe
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\class-barrel
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\vocabulary
[%PROGRAM_FILES_COMMON%]\riwz\riwza.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwzm.exe
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\class-barrel
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\vocabulary
[%PROGRAM_FILES_COMMON%]\rwof\rwofa.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofd\rwofc.dll
[%PROGRAM_FILES_COMMON%]\rwof\rwofm.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukira.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukird\class-barrel
[%PROGRAM_FILES_COMMON%]\ukir\ukird\ukirc.dll
[%PROGRAM_FILES_COMMON%]\ukir\ukird\vocabulary
[%PROGRAM_FILES_COMMON%]\ukir\ukirl.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirp.exe
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\class-barrel
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\vocabulary
[%PROGRAM_FILES_COMMON%]\uuuo\uuuoa.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuod\uuuoc.dll
[%PROGRAM_FILES_COMMON%]\uuuo\uuuom.exe
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\class-barrel
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\vocabulary
[%PROGRAM_FILES_COMMON%]\wkqm\wkqma.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmd\wkqmc.dll
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmm.exe
[%PROGRAM_FILES_COMMON%]\wufu\wufud\class-barrel
[%PROGRAM_FILES_COMMON%]\wufu\wufud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\class-barrel
[%PROGRAM_FILES_COMMON%]\wuru\wurud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\wuruc.dll
[%PROGRAM_FILES_COMMON%]\wuru\wurup.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwroa.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwrod\wwroc.dll
[%PROGRAM_FILES_COMMON%]\wwro\wwrom.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkka.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkkm.exe
[%SYSTEM%]\tsuninst.exe
[%SYSTEM%]\tsuninst.exe.ren
[%WINDOWS%]\stub_113_4_0_4_0.exe
[%WINDOWS%]\Temp\tsinstall_4_0_4_0_b4.exe
[%WINDOWS%]\Temp\tsupdate_4_0_4_1_b3.exe
[%PROFILE_TEMP%]\tsinstall_4_0_3_8_b17.exe
[%PROFILE_TEMP%]\tsupdate_4_0_3_9_b2.exe
[%WINDOWS%]\stub_110_4_0_4_0.exe

In order to ensure that the TargetSaver is launched automatically each time the system is booted, the TargetSaver adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%PROFILE_TEMP%]\tsinstall_4_0_3_7.exe
[%PROFILE_TEMP%]\tsinstall_4_0_4_0_b4.exe
[%PROFILE_TEMP%]\tsupdate_4_0_4_1_b3.exe
[%PROGRAM_FILES_COMMON%]\imzk\imzkm.exe
[%PROGRAM_FILES_COMMON%]\kirw\kirwm.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkoma.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkomm.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowua.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowum.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqa.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqm.exe
[%PROGRAM_FILES_COMMON%]\misc002\141.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqra.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrm.exe
[%PROGRAM_FILES_COMMON%]\qmwf\qmwfm.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwza.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwzm.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofa.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofm.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukira.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirl.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirp.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuoa.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuom.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqma.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmm.exe
[%PROGRAM_FILES_COMMON%]\wuru\wurup.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwroa.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwrom.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkka.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkkm.exe
[%SYSTEM%]\tsuninst.exe
[%SYSTEM%]\tsuninst.exe.ren
[%WINDOWS%]\stub_113_4_0_4_0.exe
[%WINDOWS%]\Temp\tsinstall_4_0_4_0_b4.exe
[%WINDOWS%]\Temp\tsupdate_4_0_4_1_b3.exe
[%PROFILE_TEMP%]\tsinstall_4_0_3_8_b17.exe
[%PROFILE_TEMP%]\tsupdate_4_0_3_9_b2.exe
[%WINDOWS%]\stub_110_4_0_4_0.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting TargetSaver:

Files:
[%PROFILE_TEMP%]\GLF10GLF10.EXE
[%PROFILE_TEMP%]\GLF123GLF123.EXE
[%PROFILE_TEMP%]\GLF12EGLF12E.EXE
[%PROFILE_TEMP%]\GLF25GLF25.EXE
[%PROFILE_TEMP%]\GLF266GLF266.EXE
[%PROFILE_TEMP%]\GLF26GLF26.EXE
[%PROFILE_TEMP%]\GLF2AGLF2A.EXE
[%PROFILE_TEMP%]\GLF35GLF35.EXE
[%PROFILE_TEMP%]\GLF3E3GLF3E3.EXE
[%PROFILE_TEMP%]\GLF42GLF42.EXE
[%PROFILE_TEMP%]\GLF6AGLF6A.EXE
[%PROFILE_TEMP%]\GLF7FGLF7F.EXE
[%PROFILE_TEMP%]\GLF82GLF82.EXE
[%PROFILE_TEMP%]\tsinstall_4_0_3_7.exe
[%PROFILE_TEMP%]\tsinstall_4_0_4_0_b4.exe
[%PROFILE_TEMP%]\tsupdate_4_0_4_1_b3.exe
[%PROGRAM_FILES_COMMON%]\imzk\imzkm.exe
[%PROGRAM_FILES_COMMON%]\kirw\kirwm.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkoma.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkomd\kkomc.dll
[%PROGRAM_FILES_COMMON%]\kkom\kkomm.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowua.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowud\kowuc.dll
[%PROGRAM_FILES_COMMON%]\kowu\kowum.exe
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\class-barrel
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\vocabulary
[%PROGRAM_FILES_COMMON%]\kurq\kurqa.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqd\kurqc.dll
[%PROGRAM_FILES_COMMON%]\kurq\kurqm.exe
[%PROGRAM_FILES_COMMON%]\misc002\141.exe
[%PROGRAM_FILES_COMMON%]\ommi\ommid\class-barrel
[%PROGRAM_FILES_COMMON%]\ommi\ommid\vocabulary
[%PROGRAM_FILES_COMMON%]\oqqr\oqqra.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrd\oqqrc.dll
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrm.exe
[%PROGRAM_FILES_COMMON%]\qmwf\qmwfm.exe
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\class-barrel
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\vocabulary
[%PROGRAM_FILES_COMMON%]\riwz\riwza.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwzm.exe
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\class-barrel
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\vocabulary
[%PROGRAM_FILES_COMMON%]\rwof\rwofa.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofd\rwofc.dll
[%PROGRAM_FILES_COMMON%]\rwof\rwofm.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukira.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukird\class-barrel
[%PROGRAM_FILES_COMMON%]\ukir\ukird\ukirc.dll
[%PROGRAM_FILES_COMMON%]\ukir\ukird\vocabulary
[%PROGRAM_FILES_COMMON%]\ukir\ukirl.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirp.exe
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\class-barrel
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\vocabulary
[%PROGRAM_FILES_COMMON%]\uuuo\uuuoa.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuod\uuuoc.dll
[%PROGRAM_FILES_COMMON%]\uuuo\uuuom.exe
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\class-barrel
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\vocabulary
[%PROGRAM_FILES_COMMON%]\wkqm\wkqma.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmd\wkqmc.dll
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmm.exe
[%PROGRAM_FILES_COMMON%]\wufu\wufud\class-barrel
[%PROGRAM_FILES_COMMON%]\wufu\wufud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\class-barrel
[%PROGRAM_FILES_COMMON%]\wuru\wurud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\wuruc.dll
[%PROGRAM_FILES_COMMON%]\wuru\wurup.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwroa.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwrod\wwroc.dll
[%PROGRAM_FILES_COMMON%]\wwro\wwrom.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkka.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkkm.exe
[%SYSTEM%]\tsuninst.exe
[%SYSTEM%]\tsuninst.exe.ren
[%WINDOWS%]\stub_113_4_0_4_0.exe
[%WINDOWS%]\Temp\tsinstall_4_0_4_0_b4.exe
[%WINDOWS%]\Temp\tsupdate_4_0_4_1_b3.exe
[%PROFILE_TEMP%]\tsinstall_4_0_3_8_b17.exe
[%PROFILE_TEMP%]\tsupdate_4_0_3_9_b2.exe
[%WINDOWS%]\stub_110_4_0_4_0.exe
[%PROFILE_TEMP%]\GLF10GLF10.EXE
[%PROFILE_TEMP%]\GLF123GLF123.EXE
[%PROFILE_TEMP%]\GLF12EGLF12E.EXE
[%PROFILE_TEMP%]\GLF25GLF25.EXE
[%PROFILE_TEMP%]\GLF266GLF266.EXE
[%PROFILE_TEMP%]\GLF26GLF26.EXE
[%PROFILE_TEMP%]\GLF2AGLF2A.EXE
[%PROFILE_TEMP%]\GLF35GLF35.EXE
[%PROFILE_TEMP%]\GLF3E3GLF3E3.EXE
[%PROFILE_TEMP%]\GLF42GLF42.EXE
[%PROFILE_TEMP%]\GLF6AGLF6A.EXE
[%PROFILE_TEMP%]\GLF7FGLF7F.EXE
[%PROFILE_TEMP%]\GLF82GLF82.EXE
[%PROFILE_TEMP%]\tsinstall_4_0_3_7.exe
[%PROFILE_TEMP%]\tsinstall_4_0_4_0_b4.exe
[%PROFILE_TEMP%]\tsupdate_4_0_4_1_b3.exe
[%PROGRAM_FILES_COMMON%]\imzk\imzkm.exe
[%PROGRAM_FILES_COMMON%]\kirw\kirwm.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkoma.exe
[%PROGRAM_FILES_COMMON%]\kkom\kkomd\kkomc.dll
[%PROGRAM_FILES_COMMON%]\kkom\kkomm.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowua.exe
[%PROGRAM_FILES_COMMON%]\kowu\kowud\kowuc.dll
[%PROGRAM_FILES_COMMON%]\kowu\kowum.exe
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\class-barrel
[%PROGRAM_FILES_COMMON%]\krrk\krrkd\vocabulary
[%PROGRAM_FILES_COMMON%]\kurq\kurqa.exe
[%PROGRAM_FILES_COMMON%]\kurq\kurqd\kurqc.dll
[%PROGRAM_FILES_COMMON%]\kurq\kurqm.exe
[%PROGRAM_FILES_COMMON%]\misc002\141.exe
[%PROGRAM_FILES_COMMON%]\ommi\ommid\class-barrel
[%PROGRAM_FILES_COMMON%]\ommi\ommid\vocabulary
[%PROGRAM_FILES_COMMON%]\oqqr\oqqra.exe
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrd\oqqrc.dll
[%PROGRAM_FILES_COMMON%]\oqqr\oqqrm.exe
[%PROGRAM_FILES_COMMON%]\qmwf\qmwfm.exe
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\class-barrel
[%PROGRAM_FILES_COMMON%]\rifq\rifqd\vocabulary
[%PROGRAM_FILES_COMMON%]\riwz\riwza.exe
[%PROGRAM_FILES_COMMON%]\riwz\riwzm.exe
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\class-barrel
[%PROGRAM_FILES_COMMON%]\rmwk\rmwkd\vocabulary
[%PROGRAM_FILES_COMMON%]\rwof\rwofa.exe
[%PROGRAM_FILES_COMMON%]\rwof\rwofd\rwofc.dll
[%PROGRAM_FILES_COMMON%]\rwof\rwofm.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukira.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukird\class-barrel
[%PROGRAM_FILES_COMMON%]\ukir\ukird\ukirc.dll
[%PROGRAM_FILES_COMMON%]\ukir\ukird\vocabulary
[%PROGRAM_FILES_COMMON%]\ukir\ukirl.exe
[%PROGRAM_FILES_COMMON%]\ukir\ukirp.exe
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\class-barrel
[%PROGRAM_FILES_COMMON%]\umkk\umkkd\vocabulary
[%PROGRAM_FILES_COMMON%]\uuuo\uuuoa.exe
[%PROGRAM_FILES_COMMON%]\uuuo\uuuod\uuuoc.dll
[%PROGRAM_FILES_COMMON%]\uuuo\uuuom.exe
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\class-barrel
[%PROGRAM_FILES_COMMON%]\wizk\wizkd\vocabulary
[%PROGRAM_FILES_COMMON%]\wkqm\wkqma.exe
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmd\wkqmc.dll
[%PROGRAM_FILES_COMMON%]\wkqm\wkqmm.exe
[%PROGRAM_FILES_COMMON%]\wufu\wufud\class-barrel
[%PROGRAM_FILES_COMMON%]\wufu\wufud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\class-barrel
[%PROGRAM_FILES_COMMON%]\wuru\wurud\vocabulary
[%PROGRAM_FILES_COMMON%]\wuru\wurud\wuruc.dll
[%PROGRAM_FILES_COMMON%]\wuru\wurup.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwroa.exe
[%PROGRAM_FILES_COMMON%]\wwro\wwrod\wwroc.dll
[%PROGRAM_FILES_COMMON%]\wwro\wwrom.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkka.exe
[%PROGRAM_FILES_COMMON%]\zqkk\zqkkm.exe
[%SYSTEM%]\tsuninst.exe
[%SYSTEM%]\tsuninst.exe.ren
[%WINDOWS%]\stub_113_4_0_4_0.exe
[%WINDOWS%]\Temp\tsinstall_4_0_4_0_b4.exe
[%WINDOWS%]\Temp\tsupdate_4_0_4_1_b3.exe
[%PROFILE_TEMP%]\tsinstall_4_0_3_8_b17.exe
[%PROFILE_TEMP%]\tsupdate_4_0_3_9_b2.exe
[%WINDOWS%]\stub_110_4_0_4_0.exe

Folders:
[%PROGRAM_FILES_COMMON%]\tsa
[%PROGRAM_FILES_COMMON%]\kmwo
[%PROGRAM_FILES_COMMON%]\roii
[%PROGRAM_FILES_COMMON%]\ruku
[%WINDOWS%]\ruku

Registry Keys:
HKEY_CURRENT_USER\software\tsl2
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\tsa
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\tsl installer
HKEY_LOCAL_MACHINE\software\tsa
HKEY_CURRENT_USER\software\kmwo
HKEY_CURRENT_USER\software\roii
HKEY_CURRENT_USER\software\ruku
HKEY_LOCAL_MACHINE\software\roii
HKEY_LOCAL_MACHINE\software\ruku
HKEY_LOCAL_MACHINE\software\wmkz

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER\software\tsa
HKEY_CURRENT_USER\software\tsa
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing TargetSaver:

An up-to-date copy of ExterminateIt should detect and prevent infection from TargetSaver.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove TargetSaver manually.

To completely manually remove TargetSaver malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TargetSaver.

  1. Use Task Manager to terminate the TargetSaver process.
  2. Delete the original TargetSaver file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes TargetSaver from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of TargetSaver!


Also Be Aware of the Following Threats:
Remove Dialer Trojan
Pigeon.AIF Trojan Removal instruction
Remove Removal.Wizard Adware
Locators BHO Information

Igin Trojan

Igin malware description and removal detail
Categories:Trojan
Also known as:

[Panda]Trj/Igin

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Igin:

An up-to-date copy of ExterminateIt should detect and prevent infection from Igin.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Igin manually.

To completely manually remove Igin malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Igin.

  1. Use Task Manager to terminate the Igin process.
  2. Delete the original Igin file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Igin from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Igin!


Also Be Aware of the Following Threats:
TopRebates Adware Removal
Iseekumona Backdoor Cleaner
WebTrends Tracking Cookie Removal

Pigeon.EWR Trojan

Pigeon.EWR malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Pigeon.EWR:

An up-to-date copy of ExterminateIt should detect and prevent infection from Pigeon.EWR.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Pigeon.EWR manually.

To completely manually remove Pigeon.EWR malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Pigeon.EWR.

  1. Use Task Manager to terminate the Pigeon.EWR process.
  2. Delete the original Pigeon.EWR file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Pigeon.EWR from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Pigeon.EWR!


Also Be Aware of the Following Threats:
SFX RAT Removal instruction
Enmasse.exe Trojan Information

TrojanDownloader.Win32.Agent.nj Downloader

TrojanDownloader.Win32.Agent.nj malware description and removal detail
Categories:Downloader
Also known as:

[F-Prot]W32/Istbar.BO@dl;
[Other]Win32/TrojanDownloader.Delf.EB

Visible Symptoms:
Files in system folders:
[%SYSTEM%]\poker.exe
[%SYSTEM%]\poker.exe

In order to ensure that the TrojanDownloader.Win32.Agent.nj is launched automatically each time the system is booted, the TrojanDownloader.Win32.Agent.nj adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%SYSTEM%]\poker.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting TrojanDownloader.Win32.Agent.nj:

Files:
[%SYSTEM%]\poker.exe
[%SYSTEM%]\poker.exe

Removing TrojanDownloader.Win32.Agent.nj:

An up-to-date copy of ExterminateIt should detect and prevent infection from TrojanDownloader.Win32.Agent.nj.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove TrojanDownloader.Win32.Agent.nj manually.

To completely manually remove TrojanDownloader.Win32.Agent.nj malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with TrojanDownloader.Win32.Agent.nj.

  1. Use Task Manager to terminate the TrojanDownloader.Win32.Agent.nj process.
  2. Delete the original TrojanDownloader.Win32.Agent.nj file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes TrojanDownloader.Win32.Agent.nj from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of TrojanDownloader.Win32.Agent.nj!


Also Be Aware of the Following Threats:
Pigeon.AVQM Trojan Removal
QDel81 Trojan Information

Batdelmc Trojan

Batdelmc malware description and removal detail
Categories:Trojan
Also known as:

[Kaspersky]Trojan-Downloader.Win32.Vb.aik

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Batdelmc:

An up-to-date copy of ExterminateIt should detect and prevent infection from Batdelmc.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Batdelmc manually.

To completely manually remove Batdelmc malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Batdelmc.

  1. Use Task Manager to terminate the Batdelmc process.
  2. Delete the original Batdelmc file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes Batdelmc from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Batdelmc!


Also Be Aware of the Following Threats:
Remove ESDIexplorr Adware
Removing CRAT.Pro RAT
Remove Ping.Alpha DoS
BAT.Batalia5 Trojan Removal instruction

SmallFun Trojan

SmallFun malware description and removal detail
Categories:Trojan,Backdoor,RAT
Also known as:

[Kaspersky]Backdoor.SmallFun.11;
[McAfee]BackDoor-GC;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/SmallFun.11

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing SmallFun:

An up-to-date copy of ExterminateIt should detect and prevent infection from SmallFun.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove SmallFun manually.

To completely manually remove SmallFun malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with SmallFun.

  1. Use Task Manager to terminate the SmallFun process.
  2. Delete the original SmallFun file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.


ExterminateIt effectively and automatically removes SmallFun from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of SmallFun!


Also Be Aware of the Following Threats:
Starware BHO Removal instruction
Veygolk Trojan Symptoms
StartPage.6481!Trojan Trojan Symptoms