Remove Golden Retriever. Description and removal instructions

 
Title: Golden Retriever

Type: Remote Administration Tools
Severity scale: 57 / 100
 
This remote administration tool was created for one purpose: it works as a "downloader" and "dropper". Once inside the system, it downloads and installs a bigger virus. The first version of this RAT, Golden Retriever 1.1B, dates from August 1999, and a newer version appeared in September 2001. The author of this pest is a hacker called Noa.

From the publisher:

"Golden Retreiver v1.1 BETA
By Noa
What the h%ll is it?
Golden Retreiver is a very simple trojan made to do one specific thing. Once GR is run it will ftp to your ftp site and download the file called RunMe.exe. After it successfully downloads it, it will be spawned. NOTE: For a more detailed description scroll down.
Package Description
GRcfg.exe - This needs to be run first so you can specify the username, password, ftp server, and binary file to download.
GR.exe - This is the Golden Retreiver trojan file that needs to be spawned on a remote computer. This one will not restart with windows.
GRreg.exe - This is the Golden Retreiver trojan file that needs to be spawned on a remote computer. This one will restart with windows.
GRreg.exe.bak - This is a back-up of the one above because the GD trojan file can only be configured once.
Read-Me.bat - You're viewing it dipsh%t.
Read-Me.pif - settings for readme file.
Detailed description
When you run the trojan file it will copy itself to c:\mstask.exe with a different icon and add itself to the reg as "Task Manager" in /CurrentVersion/Run/. Then GR will check and see if it has already been run and had a successful download. If it hasn't then it will ftp to your previously specified ftp site and download the exe file named RunMe.exe (It *IS* Case Sensitive). If it can't successfully download the trojan at that time then it will try every 5 minutes until it's successful. If it is successful then it will not start again until the downloaded trojan is deleted :)
!IMPORTANT NOTES! - In the config program make sure that when it asks you for executable that you put RunMe.exe, or it will not work at all. Also, GR.exe will not copy itself to the c:\ dir and add itself to the reg.
Getting Started
Step#1. Upload your favorite trojan or whatever to your ftp site and rename it RunME.exe (Case Sensitive).
Step#2. Run Config.exe and specify the required info.
Step#3. Give the GR Trojan file to a victim in some form or another.
Step#4. Go to your ftp site and look for The_Trojan_Was_Uploaded. If it's there then trojan was successfully downloaded.
iMPORTANT iNFO
The trojan file does not require any VB runtime files because it was not coded in VB. BUT, the config.exe program requires VB6 runtimes. Sorry about that. I had probs with making it in c++."


Golden Retriever properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background

Golden Retriever manual removal:

Kill processes:
c:\mstask.exe, grcfg.exe
Delete files:
c:\mstask.exe, grcfg.exe, read-me.bat, read-me.pif
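
A read-only check for the indicators named above, added here as an example (it is not part of the original page or of any removal tool it mentions). It looks for the dropped copy at c:\mstask.exe, the "Task Manager" autostart value, and the listed processes; the full HKLM/HKCU Run key paths are an assumption, since the page only gives "/CurrentVersion/Run/".

```powershell
# Added example: read-only check for the Golden Retriever indicators on this page.
# Assumption: "/CurrentVersion/Run/" means the standard HKLM/HKCU Run keys.
$dropPath = 'C:\mstask.exe'          # drop location given on the page
$findings = @()

# 1. Dropped copy at the drive root. A same-named file elsewhere is not matched.
if (Test-Path -LiteralPath $dropPath -PathType Leaf) {
    $sha256 = (Get-FileHash -LiteralPath $dropPath -Algorithm SHA256).Hash
    $findings += [pscustomobject]@{ Kind = 'File'; Where = $dropPath; Detail = "SHA256 $sha256" }
}

# 2. Autostart value named "Task Manager", or any value that launches the drop path.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($key in $runKeys) {
    $item = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $data = [string]$item.GetValue($name)
        # -eq and -match are case-insensitive in PowerShell, like Windows paths.
        if ($name -eq 'Task Manager' -or $data -match '^\s*"?c:\\mstask\.exe') {
            $findings += [pscustomobject]@{ Kind = 'RunValue'; Where = "$key\$name"; Detail = $data }
        }
    }
}

# 3. Processes from the page's kill list: the dropped copy and the config tool.
$procs = Get-CimInstance -ClassName Win32_Process | Where-Object {
    $_.ExecutablePath -eq $dropPath -or $_.Name -eq 'grcfg.exe'
}
foreach ($p in $procs) {
    $findings += [pscustomobject]@{ Kind = 'Process'; Where = "PID $($p.ProcessId)"; Detail = $p.ExecutablePath }
}

if ($findings.Count -eq 0) { 'No Golden Retriever indicators from this page were found.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

According to the publisher's notes quoted above, the GR.exe variant does not copy itself to c:\ or add the registry entry, so a clean result from this check does not rule that variant out.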

Other programs to remove Golden Retriever:

• SUPERAntiSpyware
• CounterSpy
• Windows Defender

Information added: 27/03/05
Information updated: 27/03/05
