Home / Parasites / Trojans / Trojan-PSW.Win32.Hooker Pop-up
Click on screenshot to zoom
Danger level 9
Type: Trojans
Common infection symptoms:
  • Connects to the internet without permission
  • Shows commercial adverts
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Trojan-PSW.Win32.Hooker Pop-up

Trojan-PSW.Win32.Hooker Pop-up is not to be trusted, as it portrays itself as a legitimate security alert message, when in actuality it is merely a tactic employed by the rogue application, Windows PC Defender, to ensure its goal of goading money from unsuspecting PC users.

As soon as Windows PC Defender is installed and activated on a computer system, it continues to harass the computer user with pop-up message alerts, the likes of Trojan-PSW.Win32.Hooker Pop-up. This particular pop-up message looks like this:

“Warning! Your computer is infected
Warning! Trojan Found!

Threat detected: Trojan

File name: kernal32.exe
Threat name: Trojan-PSW.Win32.Hooker
File at risk of infection: C:/Documents and Settings/User/…

Total Vulnerabilities: 9

Description: This is a password-stealing Trojan. When activated
it installs itself to the system, copies itself to the
Windows or Windows system directory and
registers itself in the system registry auto-run
section.

Recommended: Please click “Remove All” to eliminate all possible threats and protect Your PC Remove All”

Should the user click on the “Remove All” button, they will immediately be redirected to the affiliated website, and be prompted to purchase the full version of Windows PC Defender. Do NOT click this button!

As soon as a computer begins to show the following symptoms, chances are the system has been infiltrated by a rogue application, and should be attended to ASAP:

• Annoying Pop-Up Advertisements
• Changes in Internet Settings
• Changes Web Browser Components
• Decrease in System Speeds
• Slow computer performance
• New desktop shortcuts or switched homepage
• Displays of false positives/fake alerts

Although manual removal is sometimes best, this process should be left to the PC user that knows their way around the system’s registry.

It may be more beneficial to simply use an up to date and fully operational antispyware application, to combat the infection and get rid of Trojan-PSW.Win32.Hooker Pop-up and the affiliated rogue application.

Download Spyware Removal Tool to Remove* Trojan-PSW.Win32.Hooker Pop-up
  • Quick & tested solution for Trojan-PSW.Win32.Hooker Pop-up removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan-PSW.Win32.Hooker Pop-up

Files associated with Trojan-PSW.Win32.Hooker Pop-up infection:

msmxjchn.dll
vshost.exe
nodlogin.exe
wm1dap.dll
yxcsbhlp.dll
tavo1.dll
ltsolvrz.dll
dzmydf.dll
WinSoft3.DLL
533931MM.DLL
WebPaper.exe
csrns.exe
msuqddft.dll
msejfzrl.dll
WINSvr64.exe
ctfmon.exe
sichost.exe
jsdb.dll
10417sys.dll
08223b03.dll
122b901e.dll
2ef0d734.dll
49400W.exe
49400M.exe
533931M.exe
338448L.exe
55551.dll
7F1C46C1BD7F.dll
fgjk4wvb.dll
326xxx.dll
03518usc.dll
kavo.exe
kavo1.dll
msosfmsq00.dll
amvo.exe
winsvr32.exe
4138kou.dll
3272xxx.dll
msosdrop00.dll
mfchlp64.exe
tciocp64.exe
ttFKKFKK1065.dll
msosjtio00.dll
zywmdime.dll
yuiabct.exe
wintunpce.exe
dat5.tmp
svchosts.exe
wyrsdj.dll
fjyjy.dll
iexplorer.exe
kavo0.dll
yebaep.dll
fsrgeb.dll
winlogun.exe
tdfhex.dll
jfdses.dll
sgdewg.dll
dndsaf.dll
zgxfdx.dll
wzcfsw.dll
zAPWgSjGrSpdsE4.fon
liser.dll
pcidisk.sys
RhdwE8NYdbqQ.dll
fmsjhif.dll
yuiabct.dll
iexplore.exe
msasvc.exe
ZCfgSvc.exe
Slave.exe
gina_x86.dll
helper.dll
otrewe1.dll
mkfght0.dll
rttrwq.exe
cvsdfw.exe
z9gNwvuVDpyQqHSu.fon
isadisk.sys
antit.dll
hyrteas0.dll
load[2].exe
1[1].exe
WowInitcode.dll
mf[1].exe

Trojan-PSW.Win32.Hooker Pop-up DLL's to remove:

WinSoft3.DLL
533931MM.DLL
msmxjchn.dll
wm1dap.dll
yxcsbhlp.dll
tavo1.dll
ltsolvrz.dll
dzmydf.dll
msuqddft.dll
msejfzrl.dll
jsdb.dll
10417sys.dll
08223b03.dll
122b901e.dll
2ef0d734.dll
55551.dll
7F1C46C1BD7F.dll
fgjk4wvb.dll
326xxx.dll
03518usc.dll
kavo1.dll
msosfmsq00.dll
4138kou.dll
3272xxx.dll
msosdrop00.dll
ttFKKFKK1065.dll
msosjtio00.dll
zywmdime.dll
wyrsdj.dll
fjyjy.dll
kavo0.dll
yebaep.dll
fsrgeb.dll
tdfhex.dll
jfdses.dll
sgdewg.dll
dndsaf.dll
zgxfdx.dll
wzcfsw.dll
liser.dll
RhdwE8NYdbqQ.dll
fmsjhif.dll
yuiabct.dll
gina_x86.dll
helper.dll
otrewe1.dll
mkfght0.dll
antit.dll
hyrteas0.dll
WowInitcode.dll

Trojan-PSW.Win32.Hooker Pop-up processes to kill:

SearchSettingsProtection.exe
vshost.exe
nodlogin.exe
WebPaper.exe
csrns.exe
WINSvr64.exe
ctfmon.exe
sichost.exe
49400W.exe
49400M.exe
533931M.exe
338448L.exe
kavo.exe
amvo.exe
winsvr32.exe
mfchlp64.exe
tciocp64.exe
yuiabct.exe
wintunpce.exe
svchosts.exe
iexplorer.exe
winlogun.exe
iexplore.exe
msasvc.exe
ZCfgSvc.exe
Slave.exe
rttrwq.exe
cvsdfw.exe
load[2].exe
1[1].exe
mf[1].exe

Remove Trojan-PSW.Win32.Hooker Pop-up registry entries:

HKEY_CURRENT_USERSOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN ttool
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ amva
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ anhtaas
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ertyuop
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ kava
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN SysCom
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINDOWS\APPINIT_DLLS\ AppInit_DLLs
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00D13CE9-1879-41bd-B8A3-EA3CB1BD01BC}
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Fyj
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ HKLM
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ jsg8jfgfdfhfhf
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ mfchlp64
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Subsystem Monitor
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ systeminfors
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ tciocp64
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WINSvr64
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WinSysM
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ WinSysW
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ yuiabct
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\isadisk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft authenticate service
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\pcidisk
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RA Server
RUNNING PROGRAM\Explorer.EXE
RUNNING PROGRAM\winlogon.exe
RUNNING PROGRAM\wintunpce.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
 This is a captcha-picture. It is used to prevent mass-access by robots.

 
© 2006-2024 pcthreat.com  |  Terms of use |  Privacy policy |  About us |  Link to US