W32.Troj.365soft Trojan removal

XBlock By Actiance - Home

Someone Spying on You? Fight Back!
Currently Notice: Undefined variable: incprefix in /data/www/xblock/product_show.php on line 123 25,860,543 Spy Software Busted!

Products

X-RayPC

Full Name:	W32.Troj.365soft
Type:	Trojan
Danger Level:	8
Category Description:	Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software.
Comment:	W32.Troj.365soft connects to a domain which drops more binaries on user's machine.It uses maximum virtual memory which cause to crash the system.

Properties:	Driveby ActiveX Installation Adds other software Allows remote connect Autostarts/Stays Resident Connects to the internet High Bandwidth No EULA present No standard Uninstaller Opens ports Sends mail Stealth Tactics
Manual Removal:	0) Boot the system in Safe Mode by pressing F8 1) Goto Start -> Run 2) Type regedit.exe 3) Goto HKEY_CURRENT_USER/software/microsoft/windowsNT/CurrentVersion/windows/ Double click on Key "load" and delete the value part if value = ",c:/windows/system/svchctrl.exe" 5) Goto HKEY_LOCAL_MACHINE/software/microsoft/windowsNT/CurrentVersion/winlogon Double click on Key "shell" and delete the value "Explorer.exe c:\windows\system32\ieupdate.exe" and type "Explorer.exe" Press OK button 6) Goto HKEY_LOCAL_MACHINE/software/microsoft/windowsNT/CurrentVersion/winlogon Double Click on Key "Userinit" and delete the value "userinit.exe ,c:\windows\system32\ieupdate.exe" and type "C:\WINDOWS\system32\userinit.exe," Press OK button

Back to the list of products removed by X-Cleaner

© Copyright 2003-2011, Actiance, Inc. All rights reserved. Privacy Policy