Services    Trojan info    Chat    Downloads      About Us      Contact  Us     Help Forum     Support Us    Search

Anti-spam trojan
Some one thought it would be funny to make a fake email from Microsoft and attach a nasty little trojan to it .
The letter claims that the attached file is a spam filter . Microsoft do not email files to customers so do not be tricked .

Trojan removal :
1. Click Here  to download a .reg file
2. Once the file has finished being downloaded, double click on the file to run it. This file will reset the registry entry so that the trojan will not be loaded when you next reboot your computer.
3. Once the .reg file has been run, close any applications that are open and reboot your computer.
4. Check that you have the latest anti-virus update, and if it is not the latest, download and install the latest update.

Bugs
I have no idea what this trojan is about , it isn't in English and I am unsure what language it is in . But I have worked out how to remove the server so if you do become infected then you'll be able to remove it
Also the server once executed will open the following port on the victims machine : 2115 tcp

Removal instructions
Go to start then to run and type regedit , when regedit comes up remove the SysTray key located in the registry at: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\run. Then  reboot the computer, or close it.
Delete the trojan files Systemtr.exe in the Windows System directory.

bobo
This trojan is basically another back orifice interface but with limited features , the removal process is as follows :
Removal instructions :
Next Click Start, and go to Run. In the box, type regedit and click OK.
When regedit starts, you will see a file-like tree on the left hand panel. Open the folders to follow the path:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Click on 'Run' and the right-hand panel will change. Look for the item titled: DirrectLibrarySupport ="C:\WINDOWS\SYSTEM\Dllclient.exe"
Right click on 'DirrectLibrarySupport' and choose Delete.
Close regedit
Next t your computer.
When windows restarts, open Windows explorer, and in the directory C:\Windows\System\ find and delete the file rmaapp.exe.
DO NOT delete the file Dllclient.exe
Removal v2.0
Next Click Start, and go to Run. In the box, type regedit and click Run.
When regedit starts, you will see a file-like tree on the left hand panel. Open the folders (by clicking the + ) to follow the path below:
HKEY_USER/.Default/Software/Mirabilis/ICQ/Agent/Apps/ICQ Accel/
ICQ Accel is the 'fake' component, and you should right click on that folder (being careful not to click on any folders before it) and choose delete.
Close regedit
Next reboot your computer. Now your computer is clean