NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Stranget.b. Description and removal instructions

 
Title: Stranget.b
Type: Trojans
Severity scale:Stranget.b severity is 73  (73 / 100)
 
Stranget.b is a dangerous trojan that records user keystrokes and steals various passwords. It also collects information about the infected system and its network configuration, terminates running processes of most more or less popular antivirus programs, firewalls and other security-related software. Stranget.b sends gathered data to a predefined e-mail address or uploads it to a predetermined FTP server. The parasite can download and execute arbitrary harmful files. It is also able to regularly update itself via the Internet. Stranget.b runs on every Windows startup.

Stranget.b is usually installed by another trojan, which exploits certain Microsoft Internet Explorer vulnerabilities.

FORUM:
Discuss Stranget.b in
spyware removal forum

Stranget.b properties:
• Sends out logs by FTP or email
• Logs keystrokes
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Stranget.b removal:

remover for Stranget.b

Stranget.b manual removal:

Kill processes:
nm32.exe, ~url.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ujm
HKEY_CLASSES_ROOT\FG.FGHelper
HKEY_CLASSES_ROOT\FG.FGHelper.1
HKEY_CLASSES_ROOT\FG.SubHelper
HKEY_CLASSES_ROOT\FG.SubHelper.1
HKEY_CLASSES_ROOT\AppID\FG.DLL
HKEY_CLASSES_ROOT\AppID\{85B17391-3706-4454-B73F-38D6E74B0480}
HKEY_CLASSES_ROOT\CLSID\{B4B1D862-DD79-47E6-B29B-2AD5A9A5D885}
HKEY_CLASSES_ROOT\CLSID\{FBFD2ED1-14EA-4D3A-B88E-DADF7C058766}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\InstallDate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\InstallPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Update2
HELP:
how to remove registry entries

Unregister DLLs:
mn32.dll
HELP:
how to unregister malicious DLLs

Delete files:
nm32.exe, ~url.exe, mn32.dll
HELP:
how to remove harmful files

Delete directories:
C:\Windows\fyt
C:\Winnt\fyt

Other programs to remove Stranget.b:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 27/03/06
Information updated: 27/03/06

Additional resources related to Stranget.b:

Attention: If you know or you have a website or page about Stranget.b removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Stranget.b parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.