IROffer.2b20 Backdoor

IROffer.2b20 virus description
Technical details:
Categories: Backdoor

IROffer.2b20 indications of infection

This symptoms of IROffer.2b20 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
WM.Agent Trojan Cleaner
Ricercadoppia Toolbar Cleaner
SillyDl.CRE Trojan Removal
Bancos.HRB Trojan Removal instruction

KaZaA.Family.Filter.Hacker Trojan

KaZaA.Family.Filter.Hacker virus description
Technical details:
Categories: Trojan,Hacker Tool
KaZaA.Family.Filter.Hacker Aliases:
[Kaspersky]VirTool.Win32.Kazult;
[F-Prot]security risk named W32/HBypass.A;
[Panda]Trojan Horse

KaZaA.Family.Filter.Hacker indications of infection

This symptoms of KaZaA.Family.Filter.Hacker detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
McqUpdater Adware Removal

PHP.Nawai Trojan

PHP.Nawai virus description
Technical details:
Categories: Trojan,Hacker Tool
PHP.Nawai Aliases:
[Kaspersky]TrojanNotifier.Win32.Nawai.c;
[Panda]Trj/Nawai.C,Trojan Horse,Trojan Horse.LC;
[Computer Associates]PHP/Nawai!PWS!Trojan

PHP.Nawai indications of infection

This symptoms of PHP.Nawai detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Vxidl.AIX Trojan Cleaner
Small.atx Downloader Removal
TcomBil Spyware Removal
Pigeon.EGE Trojan Removal instruction
Pigeon.ETC Trojan Symptoms

Pigeon.AWJC Trojan

Pigeon.AWJC virus description
Technical details:
Categories: Trojan

Pigeon.AWJC indications of infection

This symptoms of Pigeon.AWJC detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing TrojanDropper.Win32.Small.cf Trojan

JS.CodeBase!downloader Trojan

JS.CodeBase!downloader virus description
Technical details:
Categories: Trojan

JS.CodeBase!downloader indications of infection

This symptoms of JS.CodeBase!downloader detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Pigeon.AMG Trojan Removal instruction
Pigeon.ATC Trojan Removal instruction
Win32.Dumador Trojan Removal
Small.ath Downloader Cleaner
ExeBinder Trojan Removal

Win32.Singu Trojan

This summary is not available. Please click here to view the post.

ZXSniffer Backdoor

ZXSniffer virus description
Technical details:
Categories: Backdoor,Hacker Tool

ZXSniffer indications of infection

This symptoms of ZXSniffer detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing LammerBuster Trojan

Phishbank.ADU Trojan

Phishbank.ADU virus description
Technical details:
Categories: Trojan

Phishbank.ADU indications of infection

This symptoms of Phishbank.ADU detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Pigeon.EKC Trojan Information
Win32.Mimail Trojan Symptoms
Atobar Trojan Removal

Ruptnogle Trojan

Ruptnogle virus description
Technical details:
Categories: Trojan,Adware
Ruptnogle Aliases:
[Kaspersky]Adware.Win32.Agent.bn,AdWare.Win32.Agent.el;
[McAfee]AdClicker-FC;
[Other]Trojan.Adclicker,Win32/VidCach

Ruptnogle Files:
[%WINDOWS%]\domain-access-time.txt
[%WINDOWS%]\domain-access-time.txt

Ruptnogle Registry Keys:
HKEY_CLASSES_ROOT\interface\{967a494a-6aec-4555-9caf-fa6eb00acf91}
HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKEY_CLASSES_ROOT\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}
HKEY_CLASSES_ROOT\clsid\{208d7bcc-9857-4c9e-823b-d04e72490a67}
HKEY_CLASSES_ROOT\clsid\{27a7fb75-fb40-4f94-bcf6-4945bcc8baaf}
HKEY_CLASSES_ROOT\interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5}
HKEY_CLASSES_ROOT\msdns.msdnsapp
HKEY_CLASSES_ROOT\typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{208d7bcc-9857-4c9e-823b-d04e72490a67}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{27a7fb75-fb40-4f94-bcf6-4945bcc8baaf}


Ruptnogle indications of infection

This symptoms of Ruptnogle detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Mentat Trojan Information
Removing eebuy Hijacker

Diego Backdoor

Diego virus description
Technical details:
Categories: Backdoor,RAT
Diego Aliases:
[Kaspersky]Backdoor.Diego;
[McAfee]BackDoor-RM;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Diego;
[Computer Associates]Backdoor/Diego!Server

Diego Files:
[%WINDOWS%]\system\microsoftdll.exe
[%WINDOWS%]\system\microsoftdll.exe


Diego indications of infection

This symptoms of Diego detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
W95.Apparition Trojan Information
Removing Aeon Trojan

Leech Trojan

Leech virus description
Technical details:
Categories: Trojan,Backdoor,Downloader,DoS
Leech Aliases:
[Kaspersky]Leech.Insane;
[Eset]Leech.1024 virus;
[Panda]Leech,Leech 2,Leech.1025;
[Computer Associates]Leech

Leech indications of infection

This symptoms of Leech detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing Vxidl.AXW Trojan
DownloadPlus Adware Cleaner
Removing Vxidl.BGJ Trojan
Remove InLook.Express Spyware

Farsighter RAT

Farsighter virus description
Technical details:
Categories: RAT

Farsighter indications of infection

This symptoms of Farsighter detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Remove SatanicDream DoS
Back.Streets Trojan Removal instruction
Prevedl Downloader Removal instruction

Slime Trojan

Slime virus description
Technical details:
Categories: Trojan,RAT,Downloader
Slime Aliases:
[Kaspersky]TrojanDownloader.Win32.Slime.a;
[Panda]Trojan Horse,Trojan Horse.LC;
[Computer Associates]Win32.DlSlime.A,Win32/DlSlime.A!Trojan,Win32/Slime.a!Downloader

Slime indications of infection

This symptoms of Slime detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
BBot Trojan Removal
rtcode.com Tracking Cookie Symptoms

Ultra.Dial Adware

Ultra.Dial virus description
Technical details:
Categories: Adware

Ultra.Dial indications of infection

This symptoms of Ultra.Dial detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Playgame Trojan Cleaner
SearchExplorerBar Adware Removal instruction
Win32.Stealther Trojan Removal instruction

Backdoor.NetDevil Backdoor

Backdoor.NetDevil virus description
Technical details:
Categories: Backdoor
Backdoor.NetDevil Aliases:
[Kaspersky]Backdoor.NetDevil.15;
[McAfee]BackDoor-RP.svr;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Netdevil;
[Computer Associates]Win32.NetDevil.15

Backdoor.NetDevil indications of infection

This symptoms of Backdoor.NetDevil detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Freelancer.NOCD.Patch.Funb0y Backdoor Symptoms
Remove Veesbot Trojan
FireKiller Trojan Cleaner

Cryptlab Trojan

Cryptlab virus description
Technical details:
Categories: Trojan,Backdoor,Downloader,DoS
Cryptlab Aliases:
[Kaspersky]MtE.Dedicated.a,MtE.Dedicated.f,MtE.Darkstar,MtE.Dedicated.b,MtE.Encroacher.2910,MtE.Lct,MtE.Questo,Smallest,MtE.Fear,MtE-based,MtE.Mother;
[Eset]MtE:Fear virus;
[Panda]Cryptlab.2868.A#MtE,Cryptlab.2868.C#MtE,DarkStar.2850#MtE,Encroacher.2932#MtE,Liquid.2928#MtE,Questo.2906#Mte,Mte.Mother;
[Computer Associates]Cryptlab.2868.C,MtE Encoded,Intended.Smallest

Cryptlab indications of infection

This symptoms of Cryptlab detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
TAGOPT Trojan Cleaner
Insecure.Executable Trojan Cleaner
Delf.ap Downloader Information

Cvex3 Trojan

Cvex3 virus description
Technical details:
Categories: Trojan
Cvex3 Aliases:
[Eset]Jerusalem.Cvex.5120.A virus;
[McAfee]Cvex3;
[Panda]Jerusalm.cvex.5120A;
[Computer Associates]Jeru.CVEX3.5120.A

Cvex3 indications of infection

This symptoms of Cvex3 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Rbot.GHJ Worm Removal instruction
Diskkill Trojan Removal instruction
Akosch.Keylogger Spyware Symptoms
Novell.LANs Trojan Removal instruction

NPBH.dll BHO

NPBH.dll virus description
Technical details:
Categories: BHO

NPBH.dll Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{79C9FB71-7827-11D3-8DF7-00105A119B7C}
HKEY_CLASSES_ROOT\clsid\{79c9fb71-7827-11d3-8df7-00105a119b7c}


NPBH.dll indications of infection

This symptoms of NPBH.dll detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
AntiLamer.Server.family Backdoor Symptoms
Port.Blocker DoS Cleaner
Pigeon.AVUK Trojan Removal instruction
The.IRC.Warfare.Tutorial DoS Cleaner
Remove QQThief Trojan

Pigeon.AAX Trojan

Pigeon.AAX virus description
Technical details:
Categories: Trojan

Pigeon.AAX indications of infection

This symptoms of Pigeon.AAX detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
SillyDl.DMO Trojan Removal
Agent.li Downloader Information
Remote.Grab Trojan Cleaner
System Alert Popu Trojan Removal instruction
PluginAccess Adware Symptoms

Pigeon Trojan

Pigeon virus description
Technical details:
Categories: Trojan,Backdoor
Pigeon Aliases:
[Kaspersky]Backdoor.GrayBird.g,Backdoor.Win32.GrayBird.gw,Backdoor.Win32.Hupigon.gs,Backdoor.Win32.Hupigon.bsw,Backdoor.win32.Pigeon.gen,Backdoor.win32.Hupigon.bmq,Backdoor.Win32.Hupigon.akq,Backdoor.Win32.Hupigon.aei,Backdoor.Win32.Hupigon.bca,Backdoor.Win32.Hupigon.ui,Packed.Win32.PePatch.ba,Backdoor.Win32.Hupigon.akm,Backdoor.Win32.Hupigeon.ih,Backdoor.Win32.Hupigon.aj,Backdoor.Win32.Hupigon.cpb,Backdoor.Win32.Hupigon.dfl,Backdoor.Win32.Hupigon.si,Backdoor.Win32.Hupigon.dsj,Backdoor.Win32.Hupigon.cts,Backdoor.Win32.Hupigon.dhs,Backdoor.Win32.Hupigeon.bld,Backdoor.Win32.Hupigon.cwd,Backdoor.Win32.Hupigeon.apx,Backdoor.Win32.Hupigon.cda,Backdoor.Win32.Hupigon.brc,Backdoor.Grayburd,Backdoor.Win32.Hupigon.adt,Backdoor.Win32.Hupigon.dsx,Backdoor.Win32.Hupigon.afx,Trojan-Downloader.Win32.Delf.apy,Backdoor.Win32.Hupigon.dtp,Backdoor.Win32.Hupigon.cir,Trojan-PSW.Win32.OnLineGames.bm,Backdoor.Win32.Hupigeon.ich;
[Eset]Win32/GreyBird.G trojan;
[McAfee]Backdoor-SO,Backdoor-AVW,Backdoor-AWQ.b,Backdoor-AWQ,BackDoor-AWQ.b,BackDoor-AWQ.b.dldr,BackDoor-AWQ.dll,Backdoor-ARR,BackDoor-ALC;
[F-Prot]W32/Hupigon.EG,W32/Trojan-Hupigon-based!Maximus;
[Computer Associates]Backdoor/Pigeon,Win32.Pigeon.2003.b2;
[Other]BKDR_HUPIGON.GP,Troj/Feutel-I,Backdoor.Graybird.Q,Win32/Pigeon.EE,Win32/Pigeon.EK,Backdoor.Win32.Hupigon.brw,Backdoor.Graybird,Win32/Pigeon.EG,Win32/Pigeon.EB,Win32/Pigeon.EC,Backdoor.Hupigeon,Win32/Pigeon.EA,Win32/Pigeon.EM,Win32/Pigeon.EN,Backdoor.Graybird.K,Win32/Pigeon.DZ,Backdoor.Win32.Hupigeon.rf,Backdoor.Greybird,Win32/Malum.EKI,Win32/Pigeon.FJ,Win32/Pigeon.X!plugin,Win32/Pigeon.ED,Win32/Pigeon.GB,Win32/Pigeon.GD,W32/Hupigon.SOW,Win32/Pigeon.GK,Win32/Pigeon.GZ,W32/Hupigon.AUG,Troj/Hupigon-BT,Win32/Pigeon.GV,Backdoor.Trojan,W32/Hupigon.ABUS,Win32/Pigeon.HA,W32/Hupigon.ZDN,Win32/Pigeon.HG,Win32/Pigeon.IK,Win32/Pigeon.KH,Win32/Pigeon.KI,Win32/Pigeon.KY,Trojan.Dropper,Win32/Pigeon.LA,Win32/Pigeon.KV,Win32/Pigeon.KW,Win32/Pigeon.LJ,Win32/Pigeon.LK,Win32/Pigeon.NN,Win32/Pigeon.PP,TrojanDropper:Win32/Hupigon.gen!A,W32/Smalldoor.KXR,Win32/Pigeon.PU,Troj/Agent-FPZ,Win32/Pigeon.RY,Troj/Hupigon-SM,BKDR_HUPIGON.BTZ,Win32/Pigeon.SQ,Win32/Pigeon.SP,Win32/Pigeon.SN,Hupigon.gen110,Trojan.Graybird,Hupigon.gen.101,Backdoor:Win32/Hupigon!2AED,Infostealer.Gampass,Win32/Pigeon.YL,Win32/Pigeon.ZP

Pigeon Folders:
[%COMMON_PROGRAMS%]\gain
[%PROFILE_TEMP%]\fsg_tmp
[%PROGRAM_FILES_COMMON%]\cmeii
[%PROGRAM_FILES_COMMON%]\gmt
[%PROGRAM_FILES%]\popup blockade
[%WINDOWS%]\temp\adware
[%PROGRAM_FILES%]\common files\cmeii
[%PROGRAM_FILES%]\common files\gmt
[%PROGRAM_FILES%]\HllServer

Pigeon Files:
[%COMMON_PROGRAMS%]\GAIN Publishing\GAIN Publishing Web Site.URL
[%COMMON_PROGRAMS%]\GAIN(2)\GAIN Website.URL
[%PROGRAM_FILES%]\Messenger\svchost.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMEUpd.exe
[%PROGRAM_FILES_COMMON%]\CMEII\GFormCTM.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcMgr.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcSAP.dll
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\1151.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\446.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\613.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\779.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\886.ga
[%PROGRAM_FILES_COMMON%]\GMT\EGGCEngine.dll
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe.manifest
[%PROGRAM_FILES_COMMON%]\GMT\scripts\msn.com.esp
[%SYSTEM%]\icsxml\pcs\License.txt
[%SYSTEM%]\pcs\License.txt
[%SYSTEM%]\SVKP.sys
[%SYSTEM%]\system.exe
[%SYSTEM%]\wintems.exe
[%WINDOWS%]\gatorgaininstaller.log
[%WINDOWS%]\gatorhdplugin.log
[%WINDOWS%]\gatorpatch.log
[%WINDOWS%]\gatorpdpsetup.log
[%WINDOWS%]\G_Server2006.exe
[%WINDOWS%]\igator\trickler3103_pic_fs_dmpt_3103.exe
[%WINDOWS%]\winhlep.exe
[%PROGRAM_FILES%]\intel\svch0st.dll
[%PROGRAM_FILES%]\intel\svch0st.exe
[%PROGRAM_FILES%]\intel\svch0stkey.dll
[%PROGRAM_FILES%]\System\svchost.exe
[%SYSTEM%]\G_Server1.23.exe
[%SYSTEM%]\Loginc
[%SYSTEM%]\lyysys.dat
[%SYSTEM%]\rpc.exe
[%SYSTEM%]\ssme.txt
[%SYSTEM%]\sysligin.exe
[%SYSTEM%]\sysliginKey.DLL
[%WINDOWS%]\G_Server.dll
[%WINDOWS%]\G_Server.exe
[%WINDOWS%]\G_Server1.2.exe
[%WINDOWS%]\G_Server_Hook.dll
[%WINDOWS%]\Hacker.com.cn.exe
[%WINDOWS%]\Hacker.com.cn.ini
[%WINDOWS%]\system3.exe
[%WINDOWS%]\twintemp.exe
[%WINDOWS%]\vagaa.exe
[%WINDOWS%]\win32.dll
[%WINDOWS%]\windos.DLL
[%WINDOWS%]\windos.exe
[%WINDOWS%]\windos_HOOk.DLL
[%WINDOWS%]\windows_system32.exe
[%COMMON_PROGRAMS%]\GAIN Publishing\GAIN Publishing Web Site.URL
[%COMMON_PROGRAMS%]\GAIN(2)\GAIN Website.URL
[%PROGRAM_FILES%]\Messenger\svchost.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMEUpd.exe
[%PROGRAM_FILES_COMMON%]\CMEII\GFormCTM.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcMgr.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcSAP.dll
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\1151.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\446.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\613.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\779.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\886.ga
[%PROGRAM_FILES_COMMON%]\GMT\EGGCEngine.dll
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe.manifest
[%PROGRAM_FILES_COMMON%]\GMT\scripts\msn.com.esp
[%SYSTEM%]\icsxml\pcs\License.txt
[%SYSTEM%]\pcs\License.txt
[%SYSTEM%]\SVKP.sys
[%SYSTEM%]\system.exe
[%SYSTEM%]\wintems.exe
[%WINDOWS%]\gatorgaininstaller.log
[%WINDOWS%]\gatorhdplugin.log
[%WINDOWS%]\gatorpatch.log
[%WINDOWS%]\gatorpdpsetup.log
[%WINDOWS%]\G_Server2006.exe
[%WINDOWS%]\igator\trickler3103_pic_fs_dmpt_3103.exe
[%WINDOWS%]\winhlep.exe
[%PROGRAM_FILES%]\intel\svch0st.dll
[%PROGRAM_FILES%]\intel\svch0st.exe
[%PROGRAM_FILES%]\intel\svch0stkey.dll
[%PROGRAM_FILES%]\System\svchost.exe
[%SYSTEM%]\G_Server1.23.exe
[%SYSTEM%]\Loginc
[%SYSTEM%]\lyysys.dat
[%SYSTEM%]\rpc.exe
[%SYSTEM%]\ssme.txt
[%SYSTEM%]\sysligin.exe
[%SYSTEM%]\sysliginKey.DLL
[%WINDOWS%]\G_Server.dll
[%WINDOWS%]\G_Server.exe
[%WINDOWS%]\G_Server1.2.exe
[%WINDOWS%]\G_Server_Hook.dll
[%WINDOWS%]\Hacker.com.cn.exe
[%WINDOWS%]\Hacker.com.cn.ini
[%WINDOWS%]\system3.exe
[%WINDOWS%]\twintemp.exe
[%WINDOWS%]\vagaa.exe
[%WINDOWS%]\win32.dll
[%WINDOWS%]\windos.DLL
[%WINDOWS%]\windos.exe
[%WINDOWS%]\windos_HOOk.DLL
[%WINDOWS%]\windows_system32.exe

Pigeon Registry Keys:
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
HKEY_LOCAL_MACHINE\software\gator.com
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svkp
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svkp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_computer_browsercn
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dbifsi
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_distributd_link_traking_cie
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeonserver1.23
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeon_hacker.com.cn
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_rising_auto_updating
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_system_ipsec_services
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_vista_xp___
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows*00c6*00f4*00b6*00af*00b7*00fe*00ce*00f1
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vagaa____
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vista________
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winsysloginservise
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\computer browsercn
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dbifsi
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\distributd link traking cie
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeonserver1.23
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeon_hacker.com.cn
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\portable media serial.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rapg
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\remote (rpc)
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rising auto updating
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\system ipsec services
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vagaa
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vista
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windowsÆô¶¯·þÎñ
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winsysloginservise

Pigeon Registry Values:
HKEY_CLASSES_ROOT\mime\database\content type\application/aquatica
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.te\openwithlist
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum


Pigeon indications of infection

This symptoms of Pigeon detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Starr Spyware Removal instruction
INF.Slogod Trojan Symptoms
Bancos.FWW Trojan Cleaner
Win32.PSW.Barrio Trojan Removal instruction

IPSysDrv32 BHO

IPSysDrv32 virus description
Technical details:
Categories: BHO

IPSysDrv32 indications of infection

This symptoms of IPSysDrv32 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Remove Vursime Trojan
TrojanSpy.Win32.VB.am Trojan Removal

HostControl Trojan

HostControl virus description
Technical details:
Categories: Trojan,Backdoor

HostControl indications of infection

This symptoms of HostControl detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.
Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
PhaseOne Trojan Symptoms