‹ How To Remove Virus "TR/Drop.Lollipop.A" ›
|Virus Name :
|Named By :
|Known Aliases :
||Trojan.Packed.541 (Dr.Web), Trojan.Win32.Delf.oaq (Kaspersky), TR/Agent.sja (Avira), TROJ_UFRAIE.F (Trend Micro), Generic.dx!rv (McAfee), Worm:Win32/Rimecud.B (Microsoft), P2P-Worm.Win32.Palevo.itq (VirusBlokAda), Trojan.Proxy.Agent.BBQ (BitDefender)
(based on aliases)
- Trojan horses may allow a hacker remote access to a target computer system, and perform various operations. The types of operations are limited by user privileges on target computer, which normally includes data theft, modification or deletion of files, keystroke logging, and use of machine as part of a botnet to perform mass spamming or to distribute Denial-of-service attacks.
- Trojan horses can be installed through software bundling (included as part of a software application available downloaded from file sharing network), email attachments, instant-messaging network, websites containing executable content (such as ActiveX control), etc. It can also be self-replicated by spreading itself through the use of application exploits.
- This type of Trojan allows unauthorized parties to use the infected computer as a proxy server to access the Internet anonymously. Infected machines may then be involved in criminal activities.
Viruses written for specific platforms
- Unlike viruses, computer worms do not integrate itself into a legitimate host file, and do not rely on host file execution in order to replicate themselves. A worm can replicates itself by sending copies from infected system to other systems via different types of connection, such as local network, peer-to-peer networks, IRC channels, email, Bluetooth, SMS, etc.
- Worms usually contains no payload in the past. But nowadays, worms are increasingly designed to include malicious payloads, and can be as destructive as Trojans and viruses.
Compressed "packed" files which contains malware
- The virus is designed to infect Windows 32-bit executable programs, and works in different Win32-environments.
Malware spreads via peer-to-peer network
- Being in a packed state reduces the size of the file, and also acts as a form of protection for the malware because its binary data will be altered. A packed file must be decompressed to its original state before it can be executed. Virus writers also commonly use a variety of packing techniques to prevent security programs from analyzing the file, including using multiple packers to compress the file.
- Malware, particularly worms, can take advantage of the mechanics of a P2P network to distribute itself to un-suspecting users. To do so, malware will typically place the worms in the shared folder. The malware is commonly named with names of popular movies, music, applications, etc, in order to catch user's attention.
- Download Dr.Web CureIt! and save it in desktop.
- Download Security Space Pro 7.0 (32/64-bit), save it in desktop.
- Reboot computer to Safe Mode (press F8 before any Microsoft logo appears).
- Double click "cureit.exe" on desktop, follow on screen instructions to scan hard disk.
(Wait patiently, it may take 20-60 minutes to perform an express scan.)
- After scanning is done, select all viruses found and choose "Cure".
(If some files are not suitable to be cured, choose "Quarantine" or "Delete".)
- When all viruses found are cured, quarantined, or deleted, reboot to Normal Mode.
- Uninstall existing anti-virus software which cannot kill the viruses, and then reboot again.
- Locate the setup file of Security Space Pro on desktop, double click to run it.
(For step-by-step procedures, please refer to installation video guide.)
- During setup, choose to obtain a demo key.
- After first time update, the scanner will be launched again, quit the scanner at this point.
- Complete the setup by rebooting computer.
- When time is allowed (may need several hours), perform a full scan in Dr.Web Scanner.
- If it is unable to start Windows due to virus infection, try Dr.Web LiveCD or Dr.Web LiveUSB instead of Dr.Web CureIt!
- Time needed for express scan or full scan relies on many factors, such as system performance, available memory, running processes, number of drives and files, etc.