SpyDldr.J description:
SpyDldr.J Category: Trojan
This loose category includes a variety of Trojans that damage victim machines or
threaten data integrity, or impair the functioning of the victim machine.
Multi-purpose Trojans are also included in this group, as some virus writers
create multi-functional Trojans rather than Trojan packs.
Detection of SpyDldr.J:
SpyDldr.J Files:
[%APPDATA%]\Microsoft\Internet Explorer\Quick Launch\Antispyware Soldier.lnk
[%DESKTOP%]\Antispyware Soldier.lnk
[%PROFILE%]\cmd.exe
[%PROFILE%]\start
[%PROGRAM_FILES%]\Antispyware Soldier\antispysoldier.url
[%PROGRAM_FILES%]\Antispyware Soldier\unins000.dat
[%STARTUP%]\antispysoldier.lnk
[%SYSTEM%]\a.exe
[%SYSTEM%]\alxres.dll
[%SYSTEM%]\bridge.dll
[%SYSTEM%]\dailytoolbar.dll
[%SYSTEM%]\jao.dll
[%SYSTEM%]\lfd.dat
[%SYSTEM%]\oiso.bin
[%SYSTEM%]\questmod.dll
[%SYSTEM%]\runsrv32.dll
[%SYSTEM%]\runsrv32.exe
[%SYSTEM%]\sumsw32.exe
[%SYSTEM%]\SUSP.exe
[%SYSTEM%]\tcpservice2.exe
[%SYSTEM%]\txfdb32.dll
[%SYSTEM%]\udpmod.dll
[%SYSTEM%]\wstart.dll
[%WINDOWS%]\alexaie.dll
[%WINDOWS%]\alxie328.dll
[%WINDOWS%]\alxtb1.dll
[%WINDOWS%]\bg_bg.gif
[%WINDOWS%]\big_red_x.gif
[%WINDOWS%]\BTGrab.dll
[%WINDOWS%]\buy_now.gif
[%WINDOWS%]\click_for_free_scan.gif
[%WINDOWS%]\close_ico.gif
[%WINDOWS%]\dlmax.dll
[%WINDOWS%]\download.gif
[%WINDOWS%]\download_product.gif
[%WINDOWS%]\free_scan_red_btn.gif
[%WINDOWS%]\icon_warning_big.gif
[%WINDOWS%]\infected_top_bg.gif
[%WINDOWS%]\logo.gif
[%WINDOWS%]\navibar_bg.gif
[%WINDOWS%]\navibar_corner_left.gif
[%WINDOWS%]\navibar_corner_right.gif
[%WINDOWS%]\product_box.gif
[%WINDOWS%]\Pynix.dll
[%WINDOWS%]\red_warning_ico.gif
[%WINDOWS%]\remove_spyware_header.gif
[%WINDOWS%]\safe_and_trusted.gif
[%WINDOWS%]\spyware_detected.gif
[%WINDOWS%]\susp.exe
[%WINDOWS%]\yellow_warning_ico.gif
[%WINDOWS%]\yod.htm
[%WINDOWS%]\ZServ.dll
SpyDldr.J Folders:
[%COMMON_PROGRAMS%]\Antispyware Soldier
[%PROGRAM_FILES%]\Antispyware Soldier
SpyDldr.J Registry Keys:
HKEY_CLASSES_ROOT\CLSID\{00000000-59D4-4008-9058-080011001200}
HKEY_CLASSES_ROOT\CLSID\{00000000-C1EC-0345-6EC2-4D0300000000}
HKEY_CLASSES_ROOT\CLSID\{00000000-F09C-02B4-6EC2-AD0300000000}
HKEY_CLASSES_ROOT\CLSID\{3ceff6cd-6f08-4e4d-bccd-ff7415288c3b}
HKEY_CLASSES_ROOT\CLSID\{7b55bb05-0b4d-44fd-81a6-b136188f5deb}
HKEY_CLASSES_ROOT\CLSID\{8333C319-0669-4893-A418-F56D9249FCA6}
HKEY_CLASSES_ROOT\CLSID\{E52DEDBB-D168-4BDB-B229-C48160800E81}
HKEY_CURRENT_USER\Software\ADV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-59D4-4008-9058-080011001200}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-C1EC-0345-6EC2-4D0300000000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-F09C-02B4-6EC2-AD0300000000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ceff6cd-6f08-4e4d-bccd-ff7415288c3b}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7b55bb05-0b4d-44fd-81a6-b136188f5deb}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8333c319-0669-4893-a418-f56d9249fca6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c691a33-7dda-4c2f-be4c-c176083f35cf}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e52dedbb-d168-4bdb-b229-c48160800e81}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ffd2825e-0785-40c5-9a41-518f53a8261f}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antispyware Soldier_is1
SpyDldr.J Registry Values:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Removing SpyDldr.J:
You can run the trial version of ExterminateIt, or remove SpyDldr.J manually. To completely remove SpyDldr.J from your computer manually, you need to delete the Windows registry keys and registry values, and the files and folders, associated with SpyDldr.J.