Friday, December 19, 2008

OICQPassCopy Trojan

OICQPassCopy malware description and removal detail
Categories:Trojan

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing OICQPassCopy:

An up-to-date copy of ExterminateIt should detect and prevent infection from OICQPassCopy.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove OICQPassCopy manually.

To completely manually remove OICQPassCopy malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with OICQPassCopy.

  1. Use Task Manager to terminate the OICQPassCopy process.
  2. Delete the original OICQPassCopy file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes OICQPassCopy from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of OICQPassCopy!

Also Be Aware of the Following Threats:
Removing Vxidl.ATR Trojan

Posted by at No comments:

System.Pro Spyware

System.Pro malware description and removal detail
Categories:Spyware
Visible Symptoms:
Files in system folders:
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll

In order to ensure that the System.Pro is launched automatically each time the system is booted, the System.Pro adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting System.Pro:

Files:
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll
[%WINDOWS%]\runprf32.exe
[%WINDOWS%]\spinsavc.exe
[%DESKTOP%]\systemsurveillancepro.htm
[%DESKTOP%]\SystemSurvPro.htm
[%PROFILE%]\Local Settings\Desktop\SystemSurveillancePro.htm
[%PROGRAMS%]\System Surveillance Pro 4.8\Help Manual.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\SSPro Data Viewer.lnk
[%PROGRAMS%]\System Surveillance Pro 4.8\Uninstall SSPro.lnk
[%WINDOWS%]\ordpix.dll
[%WINDOWS%]\sspro.cnt
[%WINDOWS%]\sspro.hlp
[%WINDOWS%]\sysural.dll
[%WINDOWS%]\sysurbl.dll

Folders:
[%WINDOWS%]\fontinfo
[%PROGRAMS%]\system surveillance pro
[%WINDOWS%]\fontview

Registry Keys:
HKEY_CLASSES_ROOT\.zzr
HKEY_CLASSES_ROOT\clsid\{91b066b2-be0d-42bf-bedd-f9dfdbb29236}\implemented categories
HKEY_CLASSES_ROOT\sspro
HKEY_CLASSES_ROOT\sspro.document
HKEY_CLASSES_ROOT\survservices.datablockmanipulation
HKEY_CLASSES_ROOT\survservices.datainterface
HKEY_CLASSES_ROOT\survservices.declarations
HKEY_CLASSES_ROOT\survservices.general
HKEY_CLASSES_ROOT\clsid\{457107e0-4551-11d5-be6f-ae127dee6059}
HKEY_CLASSES_ROOT\clsid\{47643398-a2f7-422b-9fcc-e5540b1eeb05}
HKEY_CLASSES_ROOT\clsid\{95e6c67a-f1e0-48ef-b0cd-3d72b23fb558}
HKEY_CLASSES_ROOT\clsid\{9df88e2d-bc3e-4524-b5d0-1c49557427a4}
HKEY_CLASSES_ROOT\clsid\{b540c664-b279-4702-83b6-813c9552148f}
HKEY_CLASSES_ROOT\interface\{2074d3f5-5d94-4468-b0d4-6388666aa3e3}
HKEY_CLASSES_ROOT\interface\{453706df-465b-11d5-be6f-c0e46d415558}
HKEY_CLASSES_ROOT\interface\{453706e7-465b-11d5-be6f-c0e46d415558}
HKEY_CLASSES_ROOT\interface\{dac453d4-86ad-4dbe-8d44-2b88c376bbe3}
HKEY_CLASSES_ROOT\interface\{dda8b302-e846-4e1f-818d-0b701f969f9b}
HKEY_CLASSES_ROOT\interface\{f127d096-0939-418e-b579-ce7e40eb6a8a}
HKEY_CLASSES_ROOT\picscroll.cpvpicscroll
HKEY_CLASSES_ROOT\typelib\{3b8554df-2818-4d24-bf82-c7ee3f9af3b5}
HKEY_CLASSES_ROOT\typelib\{457107de-4551-11d5-be6f-ae127dee6059}
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\system surveillance pro~
HKEY_CURRENT_USER\software\vb and vba program settings\sspro

Registry Values:
HKEY_CLASSES_ROOT\clsid\{d46bd5cb-2360-4f5f-8793-5f4ae775ec44}\inprocserver32
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing System.Pro:

An up-to-date copy of ExterminateIt should detect and prevent infection from System.Pro.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove System.Pro manually.

To completely manually remove System.Pro malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with System.Pro.

  1. Use Task Manager to terminate the System.Pro process.
  2. Delete the original System.Pro file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes System.Pro from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of System.Pro!

Also Be Aware of the Following Threats:
BOTool Trojan Information
Fav Trojan Symptoms
TrojanRunner.EliteWrap Trojan Cleaner
QZap23 Trojan Removal instruction

Posted by at No comments:

Dumador.bi Backdoor

Dumador.bi malware description and removal detail
Categories:Backdoor

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Dumador.bi:

An up-to-date copy of ExterminateIt should detect and prevent infection from Dumador.bi.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Dumador.bi manually.

To completely manually remove Dumador.bi malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Dumador.bi.

  1. Use Task Manager to terminate the Dumador.bi process.
  2. Delete the original Dumador.bi file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes Dumador.bi from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Dumador.bi!

Also Be Aware of the Following Threats:
MSN.SmartTags BHO Symptoms
Killpar Trojan Cleaner
Macro.Source Trojan Removal instruction
GenVirus Trojan Removal

Posted by at No comments:

ShellDoor Trojan

ShellDoor malware description and removal detail
Categories:Trojan
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\shellexp.exe
[%SYSTEM%]\shellexp.exe

In order to ensure that the ShellDoor is launched automatically each time the system is booted, the ShellDoor adds a link to its executable file in the system registry:
HKLM\Microsoft\Windows\CurrentVersion\Run
[%SYSTEM%]\shellexp.exe

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting ShellDoor:

Files:
[%SYSTEM%]\shellexp.exe
[%SYSTEM%]\shellexp.exe

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removing ShellDoor:

An up-to-date copy of ExterminateIt should detect and prevent infection from ShellDoor.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove ShellDoor manually.

To completely manually remove ShellDoor malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with ShellDoor.

  1. Use Task Manager to terminate the ShellDoor process.
  2. Delete the original ShellDoor file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes ShellDoor from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of ShellDoor!

Also Be Aware of the Following Threats:
Remove SillyDl.CXB Trojan
Multino Trojan Symptoms

Posted by at No comments:

CWS.MSConfig Hijacker

CWS.MSConfig malware description and removal detail
Categories:Hijacker
Visible Symptoms:
Files in system folders:
[%SYSTEM%]\openme.htm
[%SYSTEM%]\openme.htm

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting CWS.MSConfig:

Files:
[%SYSTEM%]\openme.htm
[%SYSTEM%]\openme.htm

Removing CWS.MSConfig:

An up-to-date copy of ExterminateIt should detect and prevent infection from CWS.MSConfig.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove CWS.MSConfig manually.

To completely manually remove CWS.MSConfig malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with CWS.MSConfig.

  1. Use Task Manager to terminate the CWS.MSConfig process.
  2. Delete the original CWS.MSConfig file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes CWS.MSConfig from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of CWS.MSConfig!

Also Be Aware of the Following Threats:
Remove Horse Trojan
CWS.SoundMX Hijacker Cleaner
Kaiten Trojan Removal instruction
Kang Trojan Information

Posted by at No comments:

Removal.Wizard Adware

Removal.Wizard malware description and removal detail
Categories:Adware
Visible Symptoms:
Files in system folders:
[%DESKTOP%]\Spywware Removal Wizard.lnk
[%DESKTOP%]\Spywware Removal Wizard.lnk

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Detecting Removal.Wizard:

Files:
[%DESKTOP%]\Spywware Removal Wizard.lnk
[%DESKTOP%]\Spywware Removal Wizard.lnk

Folders:
[%PROGRAM_FILES%]\Spyware Removal Wizard

Registry Keys:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\spyware removal wizard_is1

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run

Removing Removal.Wizard:

An up-to-date copy of ExterminateIt should detect and prevent infection from Removal.Wizard.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Removal.Wizard manually.

To completely manually remove Removal.Wizard malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Removal.Wizard.

  1. Use Task Manager to terminate the Removal.Wizard process.
  2. Delete the original Removal.Wizard file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes Removal.Wizard from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Removal.Wizard!

Also Be Aware of the Following Threats:
Removing Cavitate Trojan
APStrojan Trojan Symptoms

Posted by at No comments:

Win32.PSW.Akcom Trojan

Win32.PSW.Akcom malware description and removal detail
Categories:Trojan,Hacker Tool
Also known as:

[Kaspersky]Trojan.PSW.Akcom.f;
[Panda]Trojan Horse

Platforms / OS: Windows 95, Windows 98, Windows 98 SE, Windows NT, Windows ME, Windows 2000, Windows XP, Windows 2003, Windows Vista

Removing Win32.PSW.Akcom:

An up-to-date copy of ExterminateIt should detect and prevent infection from Win32.PSW.Akcom.

If you do not have ExterminateIt and you are worried that you may have infected computer, you could run trial version of ExterminateIt, or remove Win32.PSW.Akcom manually.

To completely manually remove Win32.PSW.Akcom malware from your computer, you need to delete the Windows registry keys and registry values, the files and folders associated with Win32.PSW.Akcom.

  1. Use Task Manager to terminate the Win32.PSW.Akcom process.
  2. Delete the original Win32.PSW.Akcom file and folders.
  3. Delete the system registry key parameters
  4. Update your antivirus databases or buy antivirus software and perform a full scan of the computer.

We recommends that all Internet users back up any important information on their computers, enable maximum protection from network attacks and malicious code on their computers, refrain from executing suspicious programs received from untrustworthy sources.

ExterminateIt effectively and automatically removes Win32.PSW.Akcom from you computer and is a good solution for those who are seeking easy and effective protection for their computer from Trojan Horses, Rootkits, Backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software(malware).

Download ExterminateIt! to instantly get rid of Win32.PSW.Akcom!

Also Be Aware of the Following Threats:
Remove Seventh.son Trojan
VBVirul Trojan Symptoms
Headless Trojan Information
SillyDl.CQE Trojan Cleaner
Doom Trojan Removal instruction

Posted by at No comments:
Subscribe to: Posts (Atom)