Poltergeist. How to remove? (Uninstall guide)

removal by Lucia Danes - - | Type: Remote Administration Tools
12

A Remote Administration Tool is a special kind of hacker spyware, used for remote access and control of other people’s computers. The attacker infects the PC via the e-mail or File and Print Sharing. A “server” allows him to connect via a “client” on his own machine. The functions of a RAT may vary, depending on the needs of the hacker. Some RATs can’t really harm your PC and the only purpose they were made for is hooliganism. But some versions can steal vital information, delete files and even crash your system. You can guess by the name of this pest that its prime function is annoying the victim. Several versions (Poltergeist 1.0, Poltergeist 1.1b) appeared in the internet from July 2003 to February 2004. The author is a hacker called Trainwreck. He wrote this pest in Visual Basic programming language.

From the publisher:

“Poltergeist is a Client/Server side Trojan. It comes with one Client and two Server’s, the Server.exe and the server-scr.scr both are the same only the extensions are diffrent. You’ll have to use the Client to connect to the remote machine where the Server is running, but you need the IP adress of the remote computer in order to connect. Options ——- -I will explain some options here just to make things clear. One of the options is screen capture when you capture a screen, the screenshot will be saved in a map called “Trainwreck” wich is located in the same folder where your Client.exe is. -An other option is coding if you dont you dont understand what exactly happends then read this on. You’ll be able to code your own things in Batch code or VBS scripting the choice is up to you, when your code is done you can compile that script and it will be compiled on the computer where the Server is running, all you have to do next is press on the execute button and your script will get executed. -Keylogger, this option logs the keystrokes of the person wich runs the Server.exe, you can save the log file by pressing on the “Save Log” button, your log will be saved at your C: HardDisk ( C:\KeyLog ) the file is called “KeyLog.txt”. -Guess this are the most important things to discuss the other options are most self explanatory. from the doc:
‘FAQ’s about Poltergeist
———————–
-Reconnect doenst work?
When you just pressed on the disconnect button and want to reconnect immdiatly you’ll see in the statusbar that your not connected, this is because it can take up to 6 min to clear the ports and set them open again to listen for incoming data. All you have to do is just wait a little bit.
-Why does it gives an error when i press on the “X” to close the Client.exe This isnt really an error, when you press the “X” to close the program and forgot to press on the disconnect button first, then it will first send a string to the server that the client is closing connection otherwise you wouldn’t be able te reconnect to the server when the client gets closed with out saying to the Server.exe that your closing the connection, so its just meant for safety.
-For some more FAQ’s check out the trojan and you’ll see an option that has some more awnsers for your question.”

do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Poltergeist you agree to our privacy policy and agreement of use.
Reimage is recommended to uninstall Poltergeist. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.
Alternate Software
Plumbytes Anti-Malware
We have tested Plumbytes Anti-Malware's efficiency in removing Poltergeist (2005-04-22)
Malwarebytes Anti Malware
We have tested Malwarebytes Anti Malware's efficiency in removing Poltergeist (2005-04-22)
Hitman Pro
We have tested Hitman Pro's efficiency in removing Poltergeist (2005-04-22)
Webroot SecureAnywhere AntiVirus
We have tested Webroot SecureAnywhere AntiVirus's efficiency in removing Poltergeist (2005-04-22)

Poltergeist manual removal:

Kill processes:
38eeecc4.exe,94b7c727.exe,client.exe,server.exe,trojandropper.win32.exebundle.27.exe

Unregister DLLs:
cat.dll

Delete files:
38eeecc4.exe,94b7c727.exe,cat.dll,client.exe,readme.txt,server.exe,trojandropper.win32.exebundle.27.exe

About the author

Lucia Danes
Lucia Danes - Virus researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

More information about the author