Danger level 7
Type: Malware

Sus.Behav

Sus.Behav is causing many headaches for many unsuspecting users, across the World Wide Web.

Sus.Behav exhibits characteristics synonymous and often associated with malware.

Officially categorized as a file, which displays suspicious behavior, Sus.Behav should definitely NOT be trusted, and should be removed from any system, as soon as it has been detected.

A computer system infected with as Sus.Behav may display the following warning signs:

• Corrupt files re-opens after been erased
• Modified browser start page, search page and error page
• Missing registry files
• Unknown programs show up in the process list
• Annoying Pop-Up Advertisement
• Changes in Internet Settings
• Unwanted Web Browser Components
• Decreased System Speeds

Should your system be experiencing any of the above mentioned symptoms, chances are there is malware present.

How does Sus.Behav infiltrate a system?
This particular malware, Sus.Behav is installed under deceptive pretences, infiltrating the user’s PC without their approval or knowledge. As with many of these type malware applications, Sus.Behav makes use of a number of vulnerabilities, for example:

1. P2P (Peer-to-Peer) Networks
2. Freeware and Shareware
3. Malicious Websites

To avoid unnecessary risk of further damaging your computer system, you should make use of a good legitimate and reliable spyware remover, which will come equip with all the necessary tools needed to rid your system of all nefarious activity allowed to enter into the system by Sus.Behav.

Therefore, the best bet, should you feel your system has been infected with Sus.Behav, would be to utilize a trusted anti-spyware application to rid your system of this dubious application, and all its components.

Download Spyware Removal Tool to Remove* Sus.Behav
  • Quick & tested solution for Sus.Behav removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Sus.Behav

Files associated with Sus.Behav infection:

CarbonitePreinstaller.exe
tbaction.exe
fpfstb.dll
ccleaner.exe
av2009.exe
CarboniteSetupLitePBPreInstaller.exe
__c00135A8.dat
ERCUtil.dll
rqRiiHXQ.dll
FGSHEL~1.DLL
cbXPiFwT.dll
tuvVLcay.dll
opnonkhe.dll
alt.exe.exe
SpySweeperUI.exe
EntriqMediaServer.exe
DWRCS.EXE
xfire.exe

Sus.Behav DLL's to remove:

fpfstb.dll
ERCUtil.dll
rqRiiHXQ.dll
cbXPiFwT.dll
tuvVLcay.dll
opnonkhe.dll

Sus.Behav processes to kill:

CarbonitePreinstaller.exe
tbaction.exe
ccleaner.exe
av2009.exe
CarboniteSetupLitePBPreInstaller.exe
alt.exe.exe
SpySweeperUI.exe
EntriqMediaServer.exe
xfire.exe

Remove Sus.Behav registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ SpySweeper
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ PromoReg
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnonkhe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvVLcay
RUNNING PROGRAM\winlogon.exe
RUNNING PROGRAM\EXPLORER.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\NOTIFY\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\__c00135A8
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ CarboniteSetupLite
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ 29247207685934936530823877733220
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ccleaner
RUNNING PROGRAM\xfire.exe
RUNNING PROGRAM\DWRCS.EXE
RUNNING PROGRAM\Entr
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.