Virus Names & Locations


Below is a list of virus names and locations that I have detected on clients' computers and successfully removed.

“Virus Names & Locations”: –

Trojan Horse Downloader.Generic13.BLSY
C:/Users/—-/AppData/Local/Temp/gedk.dll

Trojan Horse Downloader.Generic13.BLSY
C:/Users/—-/AppData/Local/Temp/oieaf/oieaf.dll

Trojan Horse Packed_c.KPT
C:/Users/—-/AppData/Local/Jasc/ep0lvr1v.dll

Adware Generic5.AJPA
C:/Users/—-/AppData/Local/TopArcadeHits/Toparcadehits.dll

Adware Generic5.XGK
C:/Users/—-/Downloads/Extreme_Flash_Player_Setup.exe

Registry Keys Detected: 15
HKCR\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} (PUP.DealPly) -> Quarantined and deleted successfully.

HKCR\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCR\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCR\DynConIE.DynConIEObject.1 (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCR\DynConIE.DynConIEObject (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211621178} (PUP.Optional.Crossrider) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621178} (PUP.Optional.Crossrider) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (Adware.GameVance) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 7
C:\Program Files (x86)\DealPly\DealPlyIE.dll (PUP.DealPly) -> Quarantined and deleted successfully.

C:\Program Files (x86)\SearchDonkey\IE\common.dll (PUP.Optional.SafeMonitor.A) -> Quarantined and deleted successfully.

C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.

C:\Users\—–\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Users\—–\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\mgHelperGC.dll (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.

C:\Users\—–\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.

C:\Users\—–\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.

Browser HiJackers/Malware

File Name: “Checker” – Unknown Programmer.
File Location: – C:/Users/Computer Name/AppData/Local/Temp///gedk.dll
Registry Location: – HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Run

Browser Hijacker: – “Conduit”
File Location: – C:/Control Panel/Programs/Programs and Features/Search Protect
Registry Location: – HKCU/Software/SearchProtect/ffprotect (ffHomepage/ffKeepAlive/ffSettings)

Files: – Control Panel.
1.) Quick Share.exe
2.) Search Donkey.exe
3.) Unit Layers.exe
4.) GPlayer.exe
5.) TidyNetworks.com
6.) We-Care.com

CrossRider – PUP.Optional.CrossRider.A

“Virus Name & Location”: –

Registry Keys Detected: 1

HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A)


About Eddie O.

Since 1998 I have taken an interest in computers, learning mostly about virus removal and security. Throughout the years I successfully completed A+ and N+ prep courses for computer repairs and networking. Following the completion of those courses I enrolled in online college for my Associate's in Business Management and my Bachelor's in IT. I am considered a freelance computer technician; I specialize in virus removal, and in rebuilding and recovering Windows operating systems.