Madjid Trojan

Virus description: Madjid
Category: Trojan, Backdoor, Downloader, DoS
Other names:

[Panda]Madjid.2930.mbr;
[Computer Associates]Madjid.2930

Madjid Detection:

Files:
[%PROFILE_TEMP%]\iadhide3.dll
[%PROFILE_TEMP%]\msview.inf
[%PROFILE_TEMP%]\setup_wm.exe
[%PROFILE_TEMP%]\px.dll
[%PROGRAM_FILES%]\BearShare\RunMSC.dll
[%PROGRAM_FILES%]\BearShare\Webstats.bat
[%PROGRAM_FILES%]\BearShare\Webstats.exe
[%PROGRAM_FILES%]\BearShare\Webstats.ini
[%PROGRAM_FILES%]\WhenUSearch\Search.exe
[%SYSTEM%]\WinDmy.dll
[%WINDOWS%]\lastgood\system32\msvcp50.dll
[%WINDOWS%]\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe

Folders:
[%STARTMENU%]\programs\whenusearch

Registry Keys:
HKEY_CLASSES_ROOT\acm.acmfactory
HKEY_CLASSES_ROOT\acm.acmfactory.1
HKEY_CLASSES_ROOT\appid\acm.dll
HKEY_CLASSES_ROOT\appid\{127df9b4-d75d-44a6-af78-8c3a8ceb03db}
HKEY_CLASSES_ROOT\clsid\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad}
HKEY_CLASSES_ROOT\interface\{43382522-a846-46f4-ac57-1f71ae6e1086}
HKEY_CLASSES_ROOT\interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0}
HKEY_CLASSES_ROOT\interface\{72a836d1-bc00-43c0-a941-17960e4fb842}
HKEY_LOCAL_MACHINE\software\classes\clsid\{9f95f736-0f62-4214-a4b4-caa6738d4c07}
HKEY_LOCAL_MACHINE\software\classes\interface\{c285d18d-43a2-4aef-83fb-bf280e660a97}
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader.1\clsid
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\clsid
HKEY_LOCAL_MACHINE\software\classes\runmsc.loader\curver
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\savenow
HKEY_LOCAL_MACHINE\software\whenu

Registry Values:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\savenow
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\whenusearch

Removing Madjid:

You can run the trial version of ExterminateIt, or remove Madjid manually.

ExterminateIt effectively and automatically removes Trojan horses, rootkits, backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software (malware) from your computer.

Download ExterminateIt! to instantly get rid of Madjid!

