NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  
Title: Waledac
Type: Trojans

Remove Waledac. Removal instructions


 
Also known as: Trojan Waledac, Trojan.Spambot.4202, Trojan.Waledac.B, Trojan:Win32/Waledac.A
Severity scale:Waledac severity is 38  (38 / 100)
 
Waledac is a trojan virus that uses events such as Christmas, Valentine’s day or Independence Day to spread itself and to infect as many computers as possible. The main purpose of this virus is to create a botnet which later can be used to execute even more dangerous attacks. This parasite may also enter the system through fake holiday e-cards and greetings videos. When running, Waledac will scan your computer for targeted email addresses in:

- Hard drives, flash drives
- Remote network drives
- CD and floppy drives, flash card readers

These email addresses will be later used to send spam messages.

Waledac is serious threat to your privacy. It may eventually download additional parasites including adware, spyware and other trojans. Trojan Waledac is also capable of providing PC access to remote cyber-thieves, enabling hackers to access confidential data like account user names and passwords or even credit card details. The virus uses a peer-to-peer (P2P) network to send encrypted information to a web server. Trojan Waledac should be removed as soon as possible if detected, otherwise this parasite may cause even more damage to the system. Please use the remove guide below to completely remove Waledac from your computer.

Related files: loader[1].exe, ~tmpa.exe, Hyves_Browser.exe, Hyves_Browser_Instalation.exe, i386si.sys, winlogin.exe, tem8.tmp.exe, agent.exe, pc.exe, softjopa[1].exe, sp.dll, swapdm.dll, card[1].exe, ert51791.exe, SSEngine.dll, StartApp.exe, 1[1].exe, sysguardn.exe, free_scan.exe, ntos.exe, load[1].exe, test.exe, oqarib.dll, usp10.dll, Omahonafazeq.dll, new23[1].exe, gr[2].exe, adv111[1].exe, new26[1].exe, Card.exe, cardviewer.exe, devkit.exe, download.exe, ecard.exe, install.exe, lovecard.exe, lovekit.exe, loveprogramm.exe, Loveu.exe, Luv.exe, Programm.exe, vcard.exe, viewer.exe

Waledac properties:
• Allows remote user connection
• Changes browser settings
• Hides from the user
• Stays resident in background

Waledac snapshot:
Waledac removal

Automatic Waledac removal:

remover for Waledac
SpyHunter is recommended remover to uninstall Waledac. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove Waledac using SpyHunter please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.
STOPzilla
download | review
We are testing STOPzilla's efficiency at removing Waledac (2009-07-03 04:43:58)
Malwarebytes Anti Malware
download | review
We are testing Malwarebytes Anti Malware's efficiency at removing Waledac (2009-07-03 04:43:58)
Spyware Doctor
download | review | tutorial
We are testing Spyware Doctor's efficiency at removing Waledac (2009-07-03 04:43:58)
XoftSpySE Anti Spyware
download | review

Waledac manual removal:

Kill processes:
new26[1].exe adv111[1].exe gr[2].exe new23[1].exe Test.exe load[1].exe ntos.exe free_scan.exe sysguardn.exe 1[1].exe StartApp.exe ert51791.exe card[1].exe softjopa[1].exe pc.exe agent.exe tem8.tmp.exe winlogin.exe Hyves_Browser_Instalation.exe Hyves_Browser.exe ~tmpa.exe loader[1].exe Card.exe cardviewer.exe devkit.exe download.exe ecard.exe install.exe lovecard.exe lovekit.exe loveprogramm.exe Loveu.exe Luv.exe Programm.exe vcard.exe viewer.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D032570A-5F63-4812-A094-87D007C23012}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\agent.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hyves Browser
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Privacy components
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PromoReg = ""
HKCU\Software\Microsoft\Windows\CurrentVersion\RList = ""
HKCU\Software\Microsoft\Windows\CurrentVersion\MyID = ""
HKCU\Software\Microsoft\Windows\CurrentVersion\FWDone = ""
HKCU\Software\Microsoft\Windows\CurrentVersion\LastCommandId = ""
HELP:
how to remove registry entries

Unregister DLLs:
Omahonafazeq.dll usp10.dll oqarib.dll SSEngine.dll swapdm.dll sp.dll
HELP:
how to unregister malicious DLLs

Delete files:
new26[1].exe adv111[1].exe gr[2].exe new23[1].exe Omahonafazeq.dll usp10.dll oqarib.dll Test.exe load[1].exe ntos.exe Card.exe cardviewer.exe devkit.exe download.exe ecard.exe install.exe lovecard.exe lovekit.exe loveprogramm.exe Loveu.exe Luv.exe Programm.exe vcard.exe viewer.exe free_scan.exe sysguardn.exe 1[1].exe StartApp.exe SSEngine.dll ert51791.exe card[1].exe swapdm.dll sp.dll softjopa[1].exe pc.exe agent.exe tem8.tmp.exe winlogin.exe i386si.sys Hyves_Browser_Instalation.exe Hyves_Browser.exe ~tmpa.exe loader[1].exe
HELP:
how to remove harmful files
Information added: 2009-04-08 03:35:40
Information updated: 2009-07-03 02:06:43

Additional resources related to Waledac:

Attention: If you know or you have a website or page about Waledac removal, feel free to add a link to this list: add url
more resources
0
0
<Guest>
Malewarebytes finds this after several cleanings, the files and locations were not found on an infected XP machine with IE8. None of the processes listed were running when the Trojan was found.perhaps there is a new variant amidst...
2009 05 24

Post Comment:

Attention: Use this form only if you have additional information about Waledac parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Related news:
Similar parasites:
Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2 HijackThis Log Analyzer Beta 2

I failed to remove Waledac using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Latest Spyware Threats: Internet Security 2012 | Win 7 Total security 2012 | System Check | Win 7 Internet Security 2012 | Win 7 Home Security 2012 | Win 7 Antivirus 2012 | Win 7 Antispyware 2012 | Vista Security 2012 | Vista Antivirus 2012 | Vista Antispyware 2012 | XP Antispyware 2012 | XP Antivirus 2012 | XP Security 2012 | XP Home Security 2012 | Security Shield
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2011 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.