Virus Description: Jan 2, 2009

IROffer.2b20 Backdoor

IROffer.2b20 virus description
Technical details:
Categories: Backdoor

IROffer.2b20 indications of infection

This symptoms of IROffer.2b20 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
WM.Agent Trojan Cleaner
Ricercadoppia Toolbar Cleaner
SillyDl.CRE Trojan Removal
Bancos.HRB Trojan Removal instruction

KaZaA.Family.Filter.Hacker Trojan

KaZaA.Family.Filter.Hacker virus description
Technical details:
Categories: Trojan,Hacker Tool
KaZaA.Family.Filter.Hacker Aliases:


[Kaspersky]VirTool.Win32.Kazult;
[F-Prot]security risk named W32/HBypass.A;
[Panda]Trojan Horse

KaZaA.Family.Filter.Hacker indications of infection

This symptoms of KaZaA.Family.Filter.Hacker detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
McqUpdater Adware Removal

PHP.Nawai Trojan

PHP.Nawai virus description
Technical details:
Categories: Trojan,Hacker Tool
PHP.Nawai Aliases:


[Kaspersky]TrojanNotifier.Win32.Nawai.c;
[Panda]Trj/Nawai.C,Trojan Horse,Trojan Horse.LC;
[Computer Associates]PHP/Nawai!PWS!Trojan

PHP.Nawai indications of infection

This symptoms of PHP.Nawai detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Vxidl.AIX Trojan Cleaner
Small.atx Downloader Removal
TcomBil Spyware Removal
Pigeon.EGE Trojan Removal instruction
Pigeon.ETC Trojan Symptoms

Pigeon.AWJC Trojan

Pigeon.AWJC virus description
Technical details:
Categories: Trojan

Pigeon.AWJC indications of infection

This symptoms of Pigeon.AWJC detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing TrojanDropper.Win32.Small.cf Trojan

JS.CodeBase!downloader Trojan

JS.CodeBase!downloader virus description
Technical details:
Categories: Trojan

JS.CodeBase!downloader indications of infection

This symptoms of JS.CodeBase!downloader detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Pigeon.AMG Trojan Removal instruction
Pigeon.ATC Trojan Removal instruction
Win32.Dumador Trojan Removal
Small.ath Downloader Cleaner
ExeBinder Trojan Removal

Win32.Singu Trojan

This summary is not available. Please click here to view the post.

ZXSniffer Backdoor

ZXSniffer virus description
Technical details:
Categories: Backdoor,Hacker Tool

ZXSniffer indications of infection

This symptoms of ZXSniffer detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing LammerBuster Trojan

Phishbank.ADU Trojan

Phishbank.ADU virus description
Technical details:
Categories: Trojan

Phishbank.ADU indications of infection

This symptoms of Phishbank.ADU detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Pigeon.EKC Trojan Information
Win32.Mimail Trojan Symptoms
Atobar Trojan Removal

Ruptnogle Trojan

Ruptnogle virus description
Technical details:
Categories: Trojan,Adware
Ruptnogle Aliases:


[Kaspersky]Adware.Win32.Agent.bn,AdWare.Win32.Agent.el;
[McAfee]AdClicker-FC;
[Other]Trojan.Adclicker,Win32/VidCach

Ruptnogle Files: [%WINDOWS%]\domain-access-time.txt [%WINDOWS%]\domain-access-time.txt

Ruptnogle Registry Keys: HKEY_CLASSES_ROOT\interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5} HKEY_CLASSES_ROOT\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226} HKEY_CLASSES_ROOT\clsid\{208d7bcc-9857-4c9e-823b-d04e72490a67} HKEY_CLASSES_ROOT\clsid\{27a7fb75-fb40-4f94-bcf6-4945bcc8baaf} HKEY_CLASSES_ROOT\interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} HKEY_CLASSES_ROOT\msdns.msdnsapp HKEY_CLASSES_ROOT\typelib\{a8954909-1f0f-41a5-a7fa-3b376d69e226} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{208d7bcc-9857-4c9e-823b-d04e72490a67} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{27a7fb75-fb40-4f94-bcf6-4945bcc8baaf}

Ruptnogle indications of infection

This symptoms of Ruptnogle detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Mentat Trojan Information
Removing eebuy Hijacker

Diego Backdoor

Diego virus description
Technical details:
Categories: Backdoor,RAT
Diego Aliases:


[Kaspersky]Backdoor.Diego;
[McAfee]BackDoor-RM;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Diego;
[Computer Associates]Backdoor/Diego!Server

Diego Files: [%WINDOWS%]\system\microsoftdll.exe [%WINDOWS%]\system\microsoftdll.exe

Diego indications of infection

This symptoms of Diego detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
W95.Apparition Trojan Information
Removing Aeon Trojan

Leech Trojan

Leech virus description
Technical details:
Categories: Trojan,Backdoor,Downloader,DoS
Leech Aliases:


[Kaspersky]Leech.Insane;
[Eset]Leech.1024 virus;
[Panda]Leech,Leech 2,Leech.1025;
[Computer Associates]Leech

Leech indications of infection

This symptoms of Leech detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Removing Vxidl.AXW Trojan
DownloadPlus Adware Cleaner
Removing Vxidl.BGJ Trojan
Remove InLook.Express Spyware

Farsighter RAT

Farsighter virus description
Technical details:
Categories: RAT

Farsighter indications of infection

This symptoms of Farsighter detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Remove SatanicDream DoS
Back.Streets Trojan Removal instruction
Prevedl Downloader Removal instruction

Slime Trojan

Slime virus description
Technical details:
Categories: Trojan,RAT,Downloader
Slime Aliases:


[Kaspersky]TrojanDownloader.Win32.Slime.a;
[Panda]Trojan Horse,Trojan Horse.LC;
[Computer Associates]Win32.DlSlime.A,Win32/DlSlime.A!Trojan,Win32/Slime.a!Downloader

Slime indications of infection

This symptoms of Slime detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
BBot Trojan Removal
rtcode.com Tracking Cookie Symptoms

Ultra.Dial Adware

Ultra.Dial virus description
Technical details:
Categories: Adware

Ultra.Dial indications of infection

This symptoms of Ultra.Dial detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Playgame Trojan Cleaner
SearchExplorerBar Adware Removal instruction
Win32.Stealther Trojan Removal instruction

Backdoor.NetDevil Backdoor

Backdoor.NetDevil virus description
Technical details:
Categories: Backdoor
Backdoor.NetDevil Aliases:


[Kaspersky]Backdoor.NetDevil.15;
[McAfee]BackDoor-RP.svr;
[F-Prot]security risk or a "backdoor" program;
[Panda]Bck/Netdevil;
[Computer Associates]Win32.NetDevil.15

Backdoor.NetDevil indications of infection

This symptoms of Backdoor.NetDevil detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Freelancer.NOCD.Patch.Funb0y Backdoor Symptoms
Remove Veesbot Trojan
FireKiller Trojan Cleaner

Cryptlab Trojan

Cryptlab virus description
Technical details:
Categories: Trojan,Backdoor,Downloader,DoS
Cryptlab Aliases:


[Kaspersky]MtE.Dedicated.a,MtE.Dedicated.f,MtE.Darkstar,MtE.Dedicated.b,MtE.Encroacher.2910,MtE.Lct,MtE.Questo,Smallest,MtE.Fear,MtE-based,MtE.Mother;
[Eset]MtE:Fear virus;
[Panda]Cryptlab.2868.A#MtE,Cryptlab.2868.C#MtE,DarkStar.2850#MtE,Encroacher.2932#MtE,Liquid.2928#MtE,Questo.2906#Mte,Mte.Mother;
[Computer Associates]Cryptlab.2868.C,MtE Encoded,Intended.Smallest

Cryptlab indications of infection

This symptoms of Cryptlab detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
TAGOPT Trojan Cleaner
Insecure.Executable Trojan Cleaner
Delf.ap Downloader Information

Cvex3 Trojan

Cvex3 virus description
Technical details:
Categories: Trojan
Cvex3 Aliases:


[Eset]Jerusalem.Cvex.5120.A virus;
[McAfee]Cvex3;
[Panda]Jerusalm.cvex.5120A;
[Computer Associates]Jeru.CVEX3.5120.A

Cvex3 indications of infection

This symptoms of Cvex3 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Rbot.GHJ Worm Removal instruction
Diskkill Trojan Removal instruction
Akosch.Keylogger Spyware Symptoms
Novell.LANs Trojan Removal instruction

NPBH.dll BHO

NPBH.dll virus description
Technical details:
Categories: BHO

NPBH.dll Registry Keys: HKEY_CLASSES_ROOT\CLSID\{79C9FB71-7827-11D3-8DF7-00105A119B7C} HKEY_CLASSES_ROOT\clsid\{79c9fb71-7827-11d3-8df7-00105a119b7c}

NPBH.dll indications of infection

This symptoms of NPBH.dll detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
AntiLamer.Server.family Backdoor Symptoms
Port.Blocker DoS Cleaner
Pigeon.AVUK Trojan Removal instruction
The.IRC.Warfare.Tutorial DoS Cleaner
Remove QQThief Trojan

Pigeon.AAX Trojan

Pigeon.AAX virus description
Technical details:
Categories: Trojan

Pigeon.AAX indications of infection

This symptoms of Pigeon.AAX detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
SillyDl.DMO Trojan Removal
Agent.li Downloader Information
Remote.Grab Trojan Cleaner
System Alert Popu Trojan Removal instruction
PluginAccess Adware Symptoms

Pigeon Trojan

Pigeon virus description
Technical details:
Categories: Trojan,Backdoor
Pigeon Aliases:


[Kaspersky]Backdoor.GrayBird.g,Backdoor.Win32.GrayBird.gw,Backdoor.Win32.Hupigon.gs,Backdoor.Win32.Hupigon.bsw,Backdoor.win32.Pigeon.gen,Backdoor.win32.Hupigon.bmq,Backdoor.Win32.Hupigon.akq,Backdoor.Win32.Hupigon.aei,Backdoor.Win32.Hupigon.bca,Backdoor.Win32.Hupigon.ui,Packed.Win32.PePatch.ba,Backdoor.Win32.Hupigon.akm,Backdoor.Win32.Hupigeon.ih,Backdoor.Win32.Hupigon.aj,Backdoor.Win32.Hupigon.cpb,Backdoor.Win32.Hupigon.dfl,Backdoor.Win32.Hupigon.si,Backdoor.Win32.Hupigon.dsj,Backdoor.Win32.Hupigon.cts,Backdoor.Win32.Hupigon.dhs,Backdoor.Win32.Hupigeon.bld,Backdoor.Win32.Hupigon.cwd,Backdoor.Win32.Hupigeon.apx,Backdoor.Win32.Hupigon.cda,Backdoor.Win32.Hupigon.brc,Backdoor.Grayburd,Backdoor.Win32.Hupigon.adt,Backdoor.Win32.Hupigon.dsx,Backdoor.Win32.Hupigon.afx,Trojan-Downloader.Win32.Delf.apy,Backdoor.Win32.Hupigon.dtp,Backdoor.Win32.Hupigon.cir,Trojan-PSW.Win32.OnLineGames.bm,Backdoor.Win32.Hupigeon.ich;
[Eset]Win32/GreyBird.G trojan;
[McAfee]Backdoor-SO,Backdoor-AVW,Backdoor-AWQ.b,Backdoor-AWQ,BackDoor-AWQ.b,BackDoor-AWQ.b.dldr,BackDoor-AWQ.dll,Backdoor-ARR,BackDoor-ALC;
[F-Prot]W32/Hupigon.EG,W32/Trojan-Hupigon-based!Maximus;
[Computer Associates]Backdoor/Pigeon,Win32.Pigeon.2003.b2;
[Other]BKDR_HUPIGON.GP,Troj/Feutel-I,Backdoor.Graybird.Q,Win32/Pigeon.EE,Win32/Pigeon.EK,Backdoor.Win32.Hupigon.brw,Backdoor.Graybird,Win32/Pigeon.EG,Win32/Pigeon.EB,Win32/Pigeon.EC,Backdoor.Hupigeon,Win32/Pigeon.EA,Win32/Pigeon.EM,Win32/Pigeon.EN,Backdoor.Graybird.K,Win32/Pigeon.DZ,Backdoor.Win32.Hupigeon.rf,Backdoor.Greybird,Win32/Malum.EKI,Win32/Pigeon.FJ,Win32/Pigeon.X!plugin,Win32/Pigeon.ED,Win32/Pigeon.GB,Win32/Pigeon.GD,W32/Hupigon.SOW,Win32/Pigeon.GK,Win32/Pigeon.GZ,W32/Hupigon.AUG,Troj/Hupigon-BT,Win32/Pigeon.GV,Backdoor.Trojan,W32/Hupigon.ABUS,Win32/Pigeon.HA,W32/Hupigon.ZDN,Win32/Pigeon.HG,Win32/Pigeon.IK,Win32/Pigeon.KH,Win32/Pigeon.KI,Win32/Pigeon.KY,Trojan.Dropper,Win32/Pigeon.LA,Win32/Pigeon.KV,Win32/Pigeon.KW,Win32/Pigeon.LJ,Win32/Pigeon.LK,Win32/Pigeon.NN,Win32/Pigeon.PP,TrojanDropper:Win32/Hupigon.gen!A,W32/Smalldoor.KXR,Win32/Pigeon.PU,Troj/Agent-FPZ,Win32/Pigeon.RY,Troj/Hupigon-SM,BKDR_HUPIGON.BTZ,Win32/Pigeon.SQ,Win32/Pigeon.SP,Win32/Pigeon.SN,Hupigon.gen110,Trojan.Graybird,Hupigon.gen.101,Backdoor:Win32/Hupigon!2AED,Infostealer.Gampass,Win32/Pigeon.YL,Win32/Pigeon.ZP

Pigeon Folders: [%COMMON_PROGRAMS%]\gain [%PROFILE_TEMP%]\fsg_tmp [%PROGRAM_FILES_COMMON%]\cmeii [%PROGRAM_FILES_COMMON%]\gmt [%PROGRAM_FILES%]\popup blockade [%WINDOWS%]\temp\adware [%PROGRAM_FILES%]\common files\cmeii [%PROGRAM_FILES%]\common files\gmt [%PROGRAM_FILES%]\HllServer

Pigeon Files: [%COMMON_PROGRAMS%]\GAIN Publishing\GAIN Publishing Web Site.URL [%COMMON_PROGRAMS%]\GAIN(2)\GAIN Website.URL [%PROGRAM_FILES%]\Messenger\svchost.exe [%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe [%PROGRAM_FILES_COMMON%]\CMEII\CMEUpd.exe [%PROGRAM_FILES_COMMON%]\CMEII\GFormCTM.dll [%PROGRAM_FILES_COMMON%]\CMEII\GSvcMgr.dll [%PROGRAM_FILES_COMMON%]\CMEII\GSvcSAP.dll [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\1151.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\446.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\613.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\779.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\886.ga [%PROGRAM_FILES_COMMON%]\GMT\EGGCEngine.dll [%PROGRAM_FILES_COMMON%]\GMT\GMT.exe [%PROGRAM_FILES_COMMON%]\GMT\GMT.exe.manifest [%PROGRAM_FILES_COMMON%]\GMT\scripts\msn.com.esp [%SYSTEM%]\icsxml\pcs\License.txt [%SYSTEM%]\pcs\License.txt [%SYSTEM%]\SVKP.sys [%SYSTEM%]\system.exe [%SYSTEM%]\wintems.exe [%WINDOWS%]\gatorgaininstaller.log [%WINDOWS%]\gatorhdplugin.log [%WINDOWS%]\gatorpatch.log [%WINDOWS%]\gatorpdpsetup.log [%WINDOWS%]\G_Server2006.exe [%WINDOWS%]\igator\trickler3103_pic_fs_dmpt_3103.exe [%WINDOWS%]\winhlep.exe [%PROGRAM_FILES%]\intel\svch0st.dll [%PROGRAM_FILES%]\intel\svch0st.exe [%PROGRAM_FILES%]\intel\svch0stkey.dll [%PROGRAM_FILES%]\System\svchost.exe [%SYSTEM%]\G_Server1.23.exe [%SYSTEM%]\Loginc [%SYSTEM%]\lyysys.dat [%SYSTEM%]\rpc.exe [%SYSTEM%]\ssme.txt [%SYSTEM%]\sysligin.exe [%SYSTEM%]\sysliginKey.DLL [%WINDOWS%]\G_Server.dll [%WINDOWS%]\G_Server.exe [%WINDOWS%]\G_Server1.2.exe [%WINDOWS%]\G_Server_Hook.dll [%WINDOWS%]\Hacker.com.cn.exe [%WINDOWS%]\Hacker.com.cn.ini [%WINDOWS%]\system3.exe [%WINDOWS%]\twintemp.exe [%WINDOWS%]\vagaa.exe [%WINDOWS%]\win32.dll [%WINDOWS%]\windos.DLL [%WINDOWS%]\windos.exe [%WINDOWS%]\windos_HOOk.DLL [%WINDOWS%]\windows_system32.exe [%COMMON_PROGRAMS%]\GAIN Publishing\GAIN Publishing Web Site.URL [%COMMON_PROGRAMS%]\GAIN(2)\GAIN Website.URL [%PROGRAM_FILES%]\Messenger\svchost.exe [%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe [%PROGRAM_FILES_COMMON%]\CMEII\CMEUpd.exe [%PROGRAM_FILES_COMMON%]\CMEII\GFormCTM.dll [%PROGRAM_FILES_COMMON%]\CMEII\GSvcMgr.dll [%PROGRAM_FILES_COMMON%]\CMEII\GSvcSAP.dll [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\1151.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\446.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\613.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\779.ga [%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\886.ga [%PROGRAM_FILES_COMMON%]\GMT\EGGCEngine.dll [%PROGRAM_FILES_COMMON%]\GMT\GMT.exe [%PROGRAM_FILES_COMMON%]\GMT\GMT.exe.manifest [%PROGRAM_FILES_COMMON%]\GMT\scripts\msn.com.esp [%SYSTEM%]\icsxml\pcs\License.txt [%SYSTEM%]\pcs\License.txt [%SYSTEM%]\SVKP.sys [%SYSTEM%]\system.exe [%SYSTEM%]\wintems.exe [%WINDOWS%]\gatorgaininstaller.log [%WINDOWS%]\gatorhdplugin.log [%WINDOWS%]\gatorpatch.log [%WINDOWS%]\gatorpdpsetup.log [%WINDOWS%]\G_Server2006.exe [%WINDOWS%]\igator\trickler3103_pic_fs_dmpt_3103.exe [%WINDOWS%]\winhlep.exe [%PROGRAM_FILES%]\intel\svch0st.dll [%PROGRAM_FILES%]\intel\svch0st.exe [%PROGRAM_FILES%]\intel\svch0stkey.dll [%PROGRAM_FILES%]\System\svchost.exe [%SYSTEM%]\G_Server1.23.exe [%SYSTEM%]\Loginc [%SYSTEM%]\lyysys.dat [%SYSTEM%]\rpc.exe [%SYSTEM%]\ssme.txt [%SYSTEM%]\sysligin.exe [%SYSTEM%]\sysliginKey.DLL [%WINDOWS%]\G_Server.dll [%WINDOWS%]\G_Server.exe [%WINDOWS%]\G_Server1.2.exe [%WINDOWS%]\G_Server_Hook.dll [%WINDOWS%]\Hacker.com.cn.exe [%WINDOWS%]\Hacker.com.cn.ini [%WINDOWS%]\system3.exe [%WINDOWS%]\twintemp.exe [%WINDOWS%]\vagaa.exe [%WINDOWS%]\win32.dll [%WINDOWS%]\windos.DLL [%WINDOWS%]\windos.exe [%WINDOWS%]\windos_HOOk.DLL [%WINDOWS%]\windows_system32.exe

Pigeon Registry Keys: HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} HKEY_LOCAL_MACHINE\software\classes\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} HKEY_LOCAL_MACHINE\software\gator.com HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svkp HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winhelp HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svkp HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winhelp HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_computer_browsercn HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dbifsi HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_distributd_link_traking_cie HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeonserver1.23 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeon_hacker.com.cn HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_rising_auto_updating HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_system_ipsec_services HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_vista_xp___ HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows*00c6*00f4*00b6*00af*00b7*00fe*00ce*00f1 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vagaa____ HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vista________ HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winsysloginservise HKEY_LOCAL_MACHINE\system\currentcontrolset\services\computer browsercn HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dbifsi HKEY_LOCAL_MACHINE\system\currentcontrolset\services\distributd link traking cie HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeonserver1.23 HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeon_hacker.com.cn HKEY_LOCAL_MACHINE\system\currentcontrolset\services\portable media serial. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rapg HKEY_LOCAL_MACHINE\system\currentcontrolset\services\remote (rpc) HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rising auto updating HKEY_LOCAL_MACHINE\system\currentcontrolset\services\system ipsec services HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vagaa HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vista HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windowsÆô¶¯·þÎñ HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winsysloginservise

Pigeon Registry Values: HKEY_CLASSES_ROOT\mime\database\content type\application/aquatica HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.te\openwithlist HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000 HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum

Pigeon indications of infection

This symptoms of Pigeon detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Starr Spyware Removal instruction
INF.Slogod Trojan Symptoms
Bancos.FWW Trojan Cleaner
Win32.PSW.Barrio Trojan Removal instruction

IPSysDrv32 BHO

IPSysDrv32 virus description
Technical details:
Categories: BHO

IPSysDrv32 indications of infection

This symptoms of IPSysDrv32 detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
Remove Vursime Trojan
TrojanSpy.Win32.VB.am Trojan Removal

HostControl Trojan

HostControl virus description
Technical details:
Categories: Trojan,Backdoor

HostControl indications of infection

This symptoms of HostControl detection are the files, registry, and network communication referenced in the technical details section.
Method of Infection
Trojans do not self-replicate. They are spread manually, often under the premise that the executable is something beneficial.Distribution channels include IRC, peer-to-peer networks, newsgroup postings, e-mail, etc.

Buy Exterminate-It antivirus software and perform a full scan of the computer.
You can also Download Free Trial Version of ExterminateIt! to check your your computer just NOW.

Also Be Aware of the Following Threats:
PhaseOne Trojan Symptoms

IROffer.2b20 indications of infection

KaZaA.Family.Filter.Hacker indications of infection

PHP.Nawai indications of infection

Pigeon.AWJC indications of infection

JS.CodeBase!downloader indications of infection

ZXSniffer indications of infection

Phishbank.ADU indications of infection

Ruptnogle indications of infection

Diego indications of infection

Leech indications of infection

Farsighter indications of infection

Slime indications of infection

Ultra.Dial indications of infection

Backdoor.NetDevil indications of infection

Cryptlab indications of infection

Cvex3 indications of infection

NPBH.dll indications of infection

Pigeon.AAX indications of infection

Pigeon indications of infection

IPSysDrv32 indications of infection

HostControl indications of infection

Subscribe To

Blog Archive