Danger level 8
Type: Spyware

Trojan.Scar.hej

Trojan.Scar.hej is related to Spyware. Your computer\'s security and privacy may be at risk.

Trojan.Scar.hej is further classified by many experts as the following:
* System Back Door
* Cloaked Malware
* Malicious Software

The following are symptoms associated with this type of malicious application:

* Allows parasites associated with the file to operate invisibly in the background.
* May record your credit cards, bank passwords and other personal information. * Parasites operate on your PC while malicious file is present on the system.

Trojan.Scar.hej has been seen to perform the following behavior:

* Found on infected systems and resists interrogation by security products
* The Process is packed and/or encrypted using a software packing process
* Can communicate with other computer systems using HTTP protocols
* Writes to another Process\'s Virtual Memory (Process Hijacking)
* Looks at the contents of the autoexec.bat file
* Reads email address and phone book details
* Opens browser pop-up messages
* Visits web sites on your PC without you knowing
* Creates a hidden window which can be used to run other programs without your knowledge
* Adds products to the system registry
* Uses DNS to retrieve the IP address for web sites

Below is a list of features that will help define whether a file the likes of Trojan.Scar.hej and any of its affiliated components are legitimate or not:

* First examine the description, the product or the company signing – if signing is absent, misspelled or modified there is a high risk that the file is illegitimate.
* At initial activation illegitimate file opens a small window and immediately closes under the cursor. This process is called dummywin.exe and proves illegitimacy of the file.
* A file can get injected when cursor moves on the window and in this way activates the process. Usually certain files will display a notification.
* On a powerful PC the window will display and close instantly before you can even react.
* You can check information on the file online; this will reduce the risk of removing a legitimate program.

We recommend running a scan of the infected computer in order to detect any additional spyware threats. One should make use of a legitimate antispyware tool, to ensure this PC threat, Trojan.Scar.hej, is totally eradicated from the infected system.

Download Spyware Removal Tool to Remove* Trojan.Scar.hej
  • Quick & tested solution for Trojan.Scar.hej removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Trojan.Scar.hej

Files associated with Trojan.Scar.hej infection:

svchost64.exe
xpy5ts0159.exe
VRT13.tmp
dllhoster.exe
m1hk6zy3qw.exe
exHelper.exe
u21703v62h.exe
bgz0ueitgy.exe
winup.exe
KO_HeavenFireII3.3.22.exe
gwmcwgak.exe
cfmmon.exe
bjpxlyi696.exe
88fc9a89-1aa4-4b17-96d4-b51c4301935d_42.avi
6e475d59-0b00-4fa1-b45e-180e931205f2_47.avi
512f71e0-83e5-4a74-8c22-0a698a9b060b_45.avi
4485b8e9-c0b4-4aff-b703-46b02cabde04_47.avi
017d5c05-454a-4d1f-b2ec-f16968f25100_42.avi
2283880F-EF87-4aac-8EBD-C9BCC8494AF5_47.avi
SearchSettingsProtection.exe
svchosts.exe
mKktGSz.exe
regedit.exe
pV3lLnr.exe
ppx1.exe
kernel32.exe
winservice.exe
svvchost.exe
msvmcls64.exe
msupdt.exe
1[1].exe
sbrv.exe
svchost64.exe

Trojan.Scar.hej processes to kill:

svchost64.exe
xpy5ts0159.exe
dllhoster.exe
m1hk6zy3qw.exe
exHelper.exe
u21703v62h.exe
bgz0ueitgy.exe
winup.exe
KO_HeavenFireII3.3.22.exe
gwmcwgak.exe
cfmmon.exe
bjpxlyi696.exe
SearchSettingsProtection.exe
svchosts.exe
mKktGSz.exe
regedit.exe
pV3lLnr.exe
ppx1.exe
kernel32.exe
winservice.exe
svvchost.exe
msvmcls64.exe
msupdt.exe
1[1].exe
sbrv.exe
svchost64.exe

Remove Trojan.Scar.hej registry entries:

HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN svchost64.exe
HKEY_LOCAL_MACHINESOFTWAREMICROSOFTWINDOWSCURRENTVERSIONRUN sbrv
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svchost64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ sbrv
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ MS Virtual CLS
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ svvchost.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ winservice.exe
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ InternalSystray
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ ppx
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\SHELL\ userinit
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\ Regedit32
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWSNT\CURRENTVERSION\WINLOGON\USERINIT\ userinit
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURR
Disclaimer

Comments

  1. jhonny Feb 28, 2011

    Thank you so much, you’ve saved me a whole lot of trouble. Very easily explained and it’s totally gone from my computer as well as tons of other stuff my former anti-virus program couldn’t

  2. Pcthreat Feb 28, 2011

    jhonny,

    glad we could help out with Trojan.Scar.hej removal

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.