Trojan.Banker | ||
| ||
|
Farlig nivå: 
9
9
Typ: Trojan
Gemensamma infektionssymtom:
- Kopplar upp mot Internet utan din tillåtelse
- Visa kommersiell annonser
- Normala system program crash direkt
- Långsam Internet uppkoppling
- System crashes
- Kan inte ändra min hemsida
- Trög Dator
Hur tar man bort Trojan.Banker
Filer som hör ihop med infektion (Trojan.Banker):
ExAlien.exe
orkutATupdate.exe
codecpack.v.1.1.18[1].exe
install_en[1].exe
Certificado-4.1.10[1].exe
load[1].exe
ntos.exe
netfx20.exe
gbiesrv.exe
AcroIEHelpe.dll
Explorer.exe
iexplore.exe
WindowsUpdate.scr
ree2.exe
ree1.exe
nl.exe
msbcs.exe
mac.dll
fc.exe
csrss.exe
sunwin32.exe
systm321.exe
ssmss.exe
iexplorer2.exe
gbieh.dll
winnt4.exe
winnt3.exe
winnt6.exe
winnt5.exe
winsex.exe
svchosts.exe
dll.exe
sms.exe
smsni.exe
winnt2.exe
winmsne.exe
WPV501258147400.EXE
Z48B83X1LIB.DLL
svhost.exe
Systema.exe
mydpla.exe
wininit.exe
spoolsv.exe
SerialsWorld[skbhyu].exe
System32.exe
spoolsvr32.exe
svchost.exe
csrrs1.exe
csrrs2.exe
winnt.exe
winnt7.exe
nl6.exe
msmsgs.exe
krn4.exe
orkutATupdate.exe
codecpack.v.1.1.18[1].exe
install_en[1].exe
Certificado-4.1.10[1].exe
load[1].exe
ntos.exe
netfx20.exe
gbiesrv.exe
AcroIEHelpe.dll
Explorer.exe
iexplore.exe
WindowsUpdate.scr
ree2.exe
ree1.exe
nl.exe
msbcs.exe
mac.dll
fc.exe
csrss.exe
sunwin32.exe
systm321.exe
ssmss.exe
iexplorer2.exe
gbieh.dll
winnt4.exe
winnt3.exe
winnt6.exe
winnt5.exe
winsex.exe
svchosts.exe
dll.exe
sms.exe
smsni.exe
winnt2.exe
winmsne.exe
WPV501258147400.EXE
Z48B83X1LIB.DLL
svhost.exe
Systema.exe
mydpla.exe
wininit.exe
spoolsv.exe
SerialsWorld[skbhyu].exe
System32.exe
spoolsvr32.exe
svchost.exe
csrrs1.exe
csrrs2.exe
winnt.exe
winnt7.exe
nl6.exe
msmsgs.exe
krn4.exe
Dynamisk Länk Bibliotek att ta bort (Trojan.Banker):
AcroIEHelpe.dll
mac.dll
gbieh.dll
mac.dll
gbieh.dll
Processer att undgå (Trojan.Banker):
ExAlien
ExAlien.exe
orkutATupdate.exe
codecpack.v.1.1.18[1].exe
install_en[1].exe
Certificado-4.1.10[1].exe
load[1].exe
ntos.exe
netfx20.exe
gbiesrv.exe
Explorer.exe
iexplore.exe
ree2.exe
ree1.exe
nl.exe
msbcs.exe
fc.exe
csrss.exe
sunwin32.exe
systm321.exe
ssmss.exe
iexplorer2.exe
winnt4.exe
winnt3.exe
winnt6.exe
winnt5.exe
winsex.exe
svchosts.exe
dll.exe
sms.exe
smsni.exe
winnt2.exe
winmsne.exe
svhost.exe
Systema.exe
mydpla.exe
wininit.exe
spoolsv.exe
SerialsWorld[skbhyu].exe
System32.exe
spoolsvr32.exe
svchost.exe
csrrs1.exe
csrrs2.exe
winnt.exe
winnt7.exe
nl6.exe
msmsgs.exe
krn4.exe
ExAlien.exe
orkutATupdate.exe
codecpack.v.1.1.18[1].exe
install_en[1].exe
Certificado-4.1.10[1].exe
load[1].exe
ntos.exe
netfx20.exe
gbiesrv.exe
Explorer.exe
iexplore.exe
ree2.exe
ree1.exe
nl.exe
msbcs.exe
fc.exe
csrss.exe
sunwin32.exe
systm321.exe
ssmss.exe
iexplorer2.exe
winnt4.exe
winnt3.exe
winnt6.exe
winnt5.exe
winsex.exe
svchosts.exe
dll.exe
sms.exe
smsni.exe
winnt2.exe
winmsne.exe
svhost.exe
Systema.exe
mydpla.exe
wininit.exe
spoolsv.exe
SerialsWorld[skbhyu].exe
System32.exe
spoolsvr32.exe
svchost.exe
csrrs1.exe
csrrs2.exe
winnt.exe
winnt7.exe
nl6.exe
msmsgs.exe
krn4.exe
Ta bort register inlägg (Trojan.Banker):
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
Microsoft\Windows\CurrentVersion\Run\Imparck[1].exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netfx20
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ gbiesrv
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{B42BF63C-5354-4c5c-A789-66EFEEC5E1B0}
RUNNING PROGRAM\Explorer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer
RUNNING PROGRAM\WindowsUpdate.scr
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 3krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 2krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msbcs
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}
{33161E98-0A6C-4d3c-BD62-3A7D56137F52}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ddos
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Javs
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ csrss
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Systm32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ GlobalFlagimglog2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Internet Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt4
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt3
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt6
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt5
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winsex
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchosts
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchosts.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System More Service
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ smsnisys
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winmsne
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msav
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MSMSGS
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Messenger
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System Update
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn99
RUNNING PROGRAM\winnt6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt7
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ PreInstall
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Technology NT
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 1260323839
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ drivevideo
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SerialsWorld
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Avast ! Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft security control
Microsoft\Windows\CurrentVersion\Run\Imparck[1].exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ netfx20
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ gbiesrv
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser HelperObjects\{B42BF63C-5354-4c5c-A789-66EFEEC5E1B0}
RUNNING PROGRAM\Explorer.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer
RUNNING PROGRAM\WindowsUpdate.scr
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 3krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 2krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msbcs
Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33161E98-0A6C-4d3c-BD62-3A7D56137F52}
{33161E98-0A6C-4d3c-BD62-3A7D56137F52}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ddos
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Javs
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ csrss
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Systm32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ GlobalFlagimglog2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Internet Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt4
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt3
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt6
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt5
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winsex
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchosts
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchosts.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System More Service
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ smsnisys
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt2
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winmsne
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ msav
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MSMSGS
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Messenger
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System Update
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ krn99
RUNNING PROGRAM\winnt6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winnt7
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ PreInstall
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Technology NT
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 1260323839
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ drivevideo
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SerialsWorld
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ System32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Avast ! Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Microsoft security control
Skicka kommentar — VI BEHÖVER DIN ÅSIKT!