Trojan.Waledac
Danger level: 8
Type: Trojan
Common symptoms of infection:
- Advertisements being displayed
- Slow internet connection
- System errors
- Annoying pop-up windows
- Slow computer performance
How to remove Trojan.Waledac yourself
Files related to the infection (Trojan.Waledac):
Dynamic link libraries used (Trojan.Waledac):
Executables to delete (Trojan.Waledac):
Registry entries to remove (Trojan.Waledac):
