Severity scale  
  (60/100)

Poltergeist. How to Remove? (Uninstall Guide)

removal by - -   | Type: Remote Administration Tools
12
A Remote Administration Tool is a special kind of hacker spyware, used for remote access and control of other people's computers. The attacker infects the PC via the e-mail or File and Print Sharing. A "server" allows him to connect via a "client" on his own machine. The functions of a RAT may vary, depending on the needs of the hacker. Some RATs can't really harm your PC and the only purpose they were made for is hooliganism. But some versions can steal vital information, delete files and even crash your system. You can guess by the name of this pest that its prime function is annoying the victim. Several versions (Poltergeist 1.0, Poltergeist 1.1b) appeared in the internet from July 2003 to February 2004. The author is a hacker called Trainwreck. He wrote this pest in Visual Basic programming language.

From the publisher:

"Poltergeist is a Client/Server side Trojan. It comes with one Client and two Server's, the Server.exe and the server-scr.scr both are the same only the extensions are diffrent. You'll have to use the Client to connect to the remote machine where the Server is running, but you need the IP adress of the remote computer in order to connect. Options ------- -I will explain some options here just to make things clear. One of the options is screen capture when you capture a screen, the screenshot will be saved in a map called "Trainwreck" wich is located in the same folder where your Client.exe is. -An other option is coding if you dont you dont understand what exactly happends then read this on. You'll be able to code your own things in Batch code or VBS scripting the choice is up to you, when your code is done you can compile that script and it will be compiled on the computer where the Server is running, all you have to do next is press on the execute button and your script will get executed. -Keylogger, this option logs the keystrokes of the person wich runs the Server.exe, you can save the log file by pressing on the "Save Log" button, your log will be saved at your C: HardDisk ( C:\KeyLog ) the file is called "KeyLog.txt". -Guess this are the most important things to discuss the other options are most self explanatory. from the doc:
'FAQ's about Poltergeist
-----------------------
-Reconnect doenst work?
When you just pressed on the disconnect button and want to reconnect immdiatly you'll see in the statusbar that your not connected, this is because it can take up to 6 min to clear the ports and set them open again to listen for incoming data. All you have to do is just wait a little bit.
-Why does it gives an error when i press on the "X" to close the Client.exe This isnt really an error, when you press the "X" to close the program and forgot to press on the disconnect button first, then it will first send a string to the server that the client is closing connection otherwise you wouldn't be able te reconnect to the server when the client gets closed with out saying to the Server.exe that your closing the connection, so its just meant for safety.
-For some more FAQ's check out the trojan and you'll see an option that has some more awnsers for your question." Poltergeist properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Poltergeist. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Poltergeist. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
Plumbytes
We are testing Plumbytes's efficiency (2005-04-22 10:36)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2005-04-22 10:36)
Hitman Pro
Webroot SecureAnywhere AntiVirus

Poltergeist manual removal

Kill processes:
38eeecc4.exe, 94b7c727.exe, client.exe, server.exe, trojandropper.win32.exebundle.27.exe
Unregister DLLs:
cat.dll

Delete files:
38eeecc4.exe, 94b7c727.exe, cat.dll, client.exe, readme.txt, server.exe, trojandropper.win32.exebundle.27.exe

Geolocation of Poltergeist

Map reveals the prevalence of Poltergeist. Countries and regions that have been affected the most are: Brazil, United States, United Kingdom, Chile and Mexico.

Information updated:

Comments on Poltergeist

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)