Win32.HLLW.Texmer.49 file name :New Folder.exe
Win32.HLLW.Texmer.49 description as following
PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : f30cd03b0a49ee132756a6e8b13e7222
SHA1 : eba6dde1169657725a73fd3155f27400733d58b6
other names for Win32.HLLW.Texmer.49
IM-Worm.Win32.Sohanad.as
Worm/Sohanad.AS
Win32:Sohanad-T [Wrm]
rootkit.win32.tdss.a,how to remove rootkit.win32.tdss.a:
try the code as following:
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
ExecuteRepair(13);
DelBHO(’{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}’);
DelBHO(’{92780B25-18CC-41C8-B9BE-3C9C571A8263}’);
DelBHO(’{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}’);
DelBHO(’{BA52B914-B692-46c4-B683-905236F6F655}’);
DelBHO(’{7E853D72-626A-48EC-A868-BA8D5E23E045}’);
QuarantineFile(’\\?\globalroot\systemroot\system32\UACvdoywcuwkipxbfa.dll’,”);
DeleteFile(’\\?\globalroot\systemroot\system32\UACvdoywcuwkipxbfa.dll’);
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Troj/Agent-JWN is not a threat in itself, it is a fake threat displayed by rogue anti-spyware programs. These programs use this and other scare tactics to get the user to buy the full version of the fake spyware removal programs.
Win32:Allaple-AAB is also known as: BackDoor-CYR (McAfee), Trojan Horse (Symantec), Trojan.Starman (Doctor Web), WORM_RAHACK.V (Trend Micro), TR/Agent.PY.17 (H+BEDV), W32/Trojan.HCS (FRISK), Win32:Allaple (ALWIL), Generic.RTW (Grisoft), Trojan.Agent.PY (SOFTWIN), Win32/Agent.NAL (Eset)
Win32:Allaple-AAB virus file :
e994bc32-2bab-42b8-bba7-4dae42a2429e.exe
htxcjlxl.exe
knkbrnbn.exe
Trojan-Downloader.Win32.FraudLoad.ecz virus files knowen %CommonAppData%\Microsoft\Network\Downloader\qmgr0.dat
%CommonAppData%\Microsoft\Network\Downloader\qmgr1.dat
%AppData%\asd.bat
%Windir%\ieocx.dll
cback.exe
gaelicum.exe
Trojan-Downloader.Win32.FraudLoad.ecz attempts to download and install other malware onto the affected system