Exterminate It! Antimalware

malpedia

Known threats:10,855,027 Last Update:July 29, 15:41

Testimonials

Dear Exterminate It,
I just wanted to take a moment to say thank you.
Your response and the update has fixed my problem.
I have spent several weeks fiddling around trying to resolve it, and could not and my previous Anti-Virus program could find it but not fix it.

THANK YOU, THANK YOU, THANK YOU!!!

Sincerely yours,
Bountiful, Utah

David S. B.

Pigeon

Aliases of Pigeon (AKA):

[Kaspersky]Backdoor.GrayBird.g, Backdoor.Win32.GrayBird.gw, Backdoor.Win32.Hupigon.gs, Backdoor.Win32.Hupigon.bsw, Backdoor.win32.Pigeon.gen, Backdoor.win32.Hupigon.bmq, Backdoor.Win32.Hupigon.akq, Backdoor.Win32.Hupigon.aei, Backdoor.Win32.Hupigon.bca, Backdoor.Win32.Hupigon.ui, Packed.Win32.PePatch.ba, Backdoor.Win32.Hupigon.akm, Backdoor.Win32.Hupigeon.ih, Backdoor.Win32.Hupigon.aj, Backdoor.Win32.Hupigon.cpb, Backdoor.Win32.Hupigon.dfl, Backdoor.Win32.Hupigon.si, Backdoor.Win32.Hupigon.dsj, Backdoor.Win32.Hupigon.cts, Backdoor.Win32.Hupigon.dhs, Backdoor.Win32.Hupigeon.bld, Backdoor.Win32.Hupigon.cwd, Backdoor.Win32.Hupigeon.apx, Backdoor.Win32.Hupigon.cda, Backdoor.Win32.Hupigon.brc, Backdoor.Grayburd, Backdoor.Win32.Hupigon.adt, Backdoor.Win32.Hupigon.dsx, Backdoor.Win32.Hupigon.afx, Trojan-Downloader.Win32.Delf.apy, Backdoor.Win32.Hupigon.dtp, Backdoor.Win32.Hupigon.cir, Trojan-PSW.Win32.OnLineGames.bm, Backdoor.Win32.Hupigeon.ich
[Eset]Win32/GreyBird.G trojan
[McAfee]Backdoor-SO, Backdoor-AVW, Backdoor-AWQ.b, Backdoor-AWQ, BackDoor-AWQ.b, BackDoor-AWQ.b.dldr, BackDoor-AWQ.dll, Backdoor-ARR, BackDoor-ALC
[F-Prot]W32/Hupigon.EG, W32/Trojan-Hupigon-based!Maximus
[CA]Backdoor/Pigeon, Win32.Pigeon.2003.b2
[Other]BKDR_HUPIGON.GP, Troj/Feutel-I, Backdoor.Graybird.Q, Win32/Pigeon.EE, Win32/Pigeon.EK, Backdoor.Win32.Hupigon.brw, Backdoor.Graybird, Win32/Pigeon.EG, Win32/Pigeon.EB, Win32/Pigeon.EC, Backdoor.Hupigeon, Win32/Pigeon.EA, Win32/Pigeon.EM, Win32/Pigeon.EN, Backdoor.Graybird.K, Win32/Pigeon.DZ, Backdoor.Win32.Hupigeon.rf, Backdoor.Greybird, Win32/Malum.EKI, Win32/Pigeon.FJ, Win32/Pigeon.X!plugin, Win32/Pigeon.ED, Win32/Pigeon.GB, Win32/Pigeon.GD, W32/Hupigon.SOW, Win32/Pigeon.GK, Win32/Pigeon.GZ, W32/Hupigon.AUG, Troj/Hupigon-BT, Win32/Pigeon.GV, Backdoor.Trojan, W32/Hupigon.ABUS, Win32/Pigeon.HA, W32/Hupigon.ZDN, Win32/Pigeon.HG, Win32/Pigeon.IK, Win32/Pigeon.KH, Win32/Pigeon.KI, Win32/Pigeon.KY, Trojan.Dropper, Win32/Pigeon.LA, Win32/Pigeon.KV, Win32/Pigeon.KW, Win32/Pigeon.LJ, Win32/Pigeon.LK, Win32/Pigeon.NN, Win32/Pigeon.PP, TrojanDropper:Win32/Hupigon.gen!A, W32/Smalldoor.KXR, Win32/Pigeon.PU, Troj/Agent-FPZ, Win32/Pigeon.RY, Troj/Hupigon-SM, BKDR_HUPIGON.BTZ, Win32/Pigeon.SQ, Win32/Pigeon.SP, Win32/Pigeon.SN, Hupigon.gen110, Trojan.Graybird, Hupigon.gen.101, Backdoor:Win32/Hupigon!2AED, Infostealer.Gampass, Win32/Pigeon.YL, Win32/Pigeon.ZP

How to Remove Pigeon from Your Computer^

To completely purge Pigeon from your computer, you need to delete the files, folders, Windows registry keys and registry values associated with Pigeon. These files, folders and registry elements are respectively listed in the Files, Folders, Registry Keys and Registry Values sections on this page.

For instructions on deleting the Pigeon registry keys and registry values,
see How to Remove Pigeon from the Windows Registry.

For instructions on deleting the Pigeon files and folders,
see How to Delete Pigeon Files (.exe, .dll, etc.)

How to Delete Pigeon Files (.exe, .dll, etc.)^

The files and folders associated with Pigeon are listed in the Files and Folders sections on this page.

To delete the Pigeon files and folders:

  1. Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
  2. Note: The paths use certain special folders (conventions) such as [%PROGRAM_FILES%]. Please note that these conventions are depending on Windows Version / Language. These conventions are explained here.
  3. Select the file or folder and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu and restart your computer. You can install the RemoveOnReboot utility from here.
[%SYSTEM%]\SVKP.sys
[%WINDOWS%]\win32.dll
[%SYSTEM%]\serivces.exe
[%WINDOWS%]\windos.exe
[%USER_RECYCLE_BIN%]\Dc22.dll
[%PROGRAM_FILES%]\FlashFXP\FlashFXP.exe
[%USER_RECYCLE_BIN%]\Dc29\FlashFXP.exe
[%WINDOWS%]\http.dll
[%PROGRAM_FILES%]\System\svchost.exe
[%WINDOWS%]\Hacker.com.cn.exe
[%PROFILE_TEMP%]\2A.tmp
[%WINDOWS%]\stnetlib.exe
[%SYSTEM%]\_asp.net
[%PROFILE_TEMP%]\Rar$DR00.879\FlashFXP 3.6.0 (Build 1240)\Crack & Serial\FlashFXP.exe
[%SYSTEM%]\avd32.exe
[%PROFILE_TEMP%]\_avast5_\unp160343055.tmp
[%SYSTEM%]\atwydend.exe
[%APPDATA%]\setup.exe
[%PROFILE_TEMP%]\Dr.Emuler Validation Toolkit v4.0\Data\Windows Validation Toolkit\Validar Office 2007\OGA_2008.exe
[%PROFILE_TEMP%]\ir_ext_temp_1\AutoPlay\Docs\OGA_2008.exe
[%PROFILE_TEMP%]\ir_ext_temp_0\AutoPlay\Docs\CRACKS\patch UltraISO 9\patch UltraISO 9.exe
[%PROFILE_TEMP%]\ir_ext_temp_1\AutoPlay\Docs\CRACKS\patch UltraISO 9\patch UltraISO 9.exe
[%WINDOWS%]\system3.exe
[%APPDATA%]\U3\temp\49e63a930\Tiny Toolkit\Adapter Watch\AdapterWatch.exe
[%WINDOWS%]\winhlep.exe
[%WINDOWS%]\windos.DLL
[%WINDOWS%]\G_Server2007.DLL
[%WINDOWS%]\2007.DLL
[%WINDOWS%]\mangerr.DLL
[%SYSTEM%]\JEPCBI.DAT
[%COMMON_PROGRAMS%]\GAIN Publishing\GAIN Publishing Web Site.URL
[%COMMON_PROGRAMS%]\GAIN(2)\GAIN Website.URL
[%PROGRAM_FILES%]\Messenger\svchost.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe
[%PROGRAM_FILES_COMMON%]\CMEII\CMEUpd.exe
[%PROGRAM_FILES_COMMON%]\CMEII\GFormCTM.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcMgr.dll
[%PROGRAM_FILES_COMMON%]\CMEII\GSvcSAP.dll
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\1151.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\446.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\613.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\779.ga
[%PROGRAM_FILES_COMMON%]\GMT\2od6npa984\ga\886.ga
[%PROGRAM_FILES_COMMON%]\GMT\EGGCEngine.dll
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe
[%PROGRAM_FILES_COMMON%]\GMT\GMT.exe.manifest
[%PROGRAM_FILES_COMMON%]\GMT\scripts\msn.com.esp
[%SYSTEM%]\icsxml\pcs\License.txt
[%SYSTEM%]\pcs\License.txt
[%SYSTEM%]\system.exe
[%SYSTEM%]\wintems.exe
[%WINDOWS%]\gatorgaininstaller.log
[%WINDOWS%]\gatorhdplugin.log
[%WINDOWS%]\gatorpatch.log
[%WINDOWS%]\gatorpdpsetup.log
[%WINDOWS%]\G_Server2006.exe
[%WINDOWS%]\igator\trickler3103_pic_fs_dmpt_3103.exe
[%PROGRAM_FILES%]\intel\svch0st.dll
[%PROGRAM_FILES%]\intel\svch0st.exe
[%PROGRAM_FILES%]\intel\svch0stkey.dll
[%SYSTEM%]\G_Server1.23.exe
[%SYSTEM%]\Loginc
[%SYSTEM%]\lyysys.dat
[%SYSTEM%]\rpc.exe
[%SYSTEM%]\ssme.txt
[%SYSTEM%]\sysligin.exe
[%SYSTEM%]\sysliginKey.DLL
[%WINDOWS%]\G_Server.dll
[%WINDOWS%]\G_Server.exe
[%WINDOWS%]\G_Server1.2.exe
[%WINDOWS%]\G_Server_Hook.dll
[%WINDOWS%]\Hacker.com.cn.ini
[%WINDOWS%]\twintemp.exe
[%WINDOWS%]\vagaa.exe
[%WINDOWS%]\windos_HOOk.DLL
[%WINDOWS%]\windows_system32.exe
[%SYSTEM%]\SoftwareDistribution32
[%COMMON_PROGRAMS%]\gain
[%PROFILE_TEMP%]\fsg_tmp
[%PROGRAM_FILES_COMMON%]\cmeii
[%PROGRAM_FILES_COMMON%]\gmt
[%PROGRAM_FILES%]\popup blockade
[%WINDOWS%]\temp\adware
[%PROGRAM_FILES%]\HllServer

How to Remove Pigeon from the Windows Registry^

The Windows registry stores important system information such as system preferences, user settings and installed programs details as well as the information about the applications that are automatically run at start-up. Because of this, spyware, malware and adware often store references to their own files in your Windows registry so that they can automatically launch every time you start up your computer.

To effectively remove Pigeon from your Windows registry, you must delete all the registry keys and values associated with Pigeon, which are listed in the Registry Keys and Registry Values sections on this page.

IMPORTANT: Because the registry is a core component of your Windows system, it is strongly recommended that you back up the registry before you begin deleting keys and values. For information about backing up the Windows registry, refer to the Registry Editor online help.

To remove the Pigeon registry keys and values:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK.
    The Registry Editor window opens. This window consists of two panes. The left pane displays folders that represent the registry keys arranged in hierarchical order. The right one lists the registry values of the currently selected registry key.
  3. To delete each registry key listed in the Registry Keys section, do the following:
    • Locate the key in the left pane of the Registry Editor window by sequentially expanding the folders according to the path indicated in the Registry Keys section. For example, if the path of a registry key is
      HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName1
      sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders.
    • Select the key name indicated at the end of the path (KeyName1 in the example above).
    • Right-click the key name and select Delete on the menu.
    • Click Yes in the Confirm Key Delete dialog box.
  4. To delete each registry value listed in the Registry Values section, do the following:
    • Display the value in the right pane of the Registry Editor window by sequentially expanding the folders in the left pane according to the path indicated in the Registry Values section and selecting the specified key name. For example, if the path of a registry value is
      HKEY_LOCAL_MACHINE\software\FolderA\FolderB\KeyName2,valueC=
      sequentially expand the HKEY_LOCAL_MACHINE, software, FolderA and FolderB folders and select the KeyName2 key to display the valueC value in the right pane.
    • In the right pane, select the value name indicated after a comma at the end of the path (valueC in the example above).
    • Right-click the value name and select Delete on the menu.
    • Click Yes in the Confirm Value Delete dialog box.
Registry Keys
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svkp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svkp
HKEY_CLASSES_ROOT\clsid\{b294aec2-b294-aec2-b294-aec2b294aec2}\inprocserver32
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_service
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_srat_service
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\srat_service
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svchost.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_360tray.exe
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_microsoft_windows_tcp_protocol
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\microsoft windows tcp protocol
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_360safe
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\360safe
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeon_hacker.com.cn
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\iserver
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_management
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vista
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_sda
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sda
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dcomex
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dcomex
HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\intel physical address aventis 1.3
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeon_hacker.com.cn
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vista________
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winsysloginservise
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svkp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\svkp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rapg
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winhelp
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vista________
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows
HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
HKEY_LOCAL_MACHINE\software\classes\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
HKEY_LOCAL_MACHINE\software\gator.com
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_computer_browsercn
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dbifsi
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_distributd_link_traking_cie
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_graypigeonserver1.23
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_rising_auto_updating
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_system_ipsec_services
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_vista_xp___
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows*00c6*00f4*00b6*00af*00b7*00fe*00ce*00f1
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_windows_xp_vagaa____
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\computer browsercn
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dbifsi
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\distributd link traking cie
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\graypigeonserver1.23
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\portable media serial.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rapg
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\remote (rpc)
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\rising auto updating
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\system ipsec services
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows xp vagaa
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windowsÆô¶¯·þÎñ
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\winsysloginservise
Registry Values
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe]nextinstance=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]class=LegacyDriver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]classguid={8ECC055D-047F-11D1-A537-0000F8753ED1}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]configflags=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]devicedesc=SVCHOST.EXE
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]legacy=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_svchost.exe\0000]service=SVCHOST.EXE
[HKEY_CLASSES_ROOT\mime\database\content type\application/aquatica] extension=.aq3
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\fileexts\.te\openwithlist] a=pluginmaker.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] CmeSYS=[%PROGRAM_FILES_COMMON%]\CMEII\CMESys.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade] contact=support@popupblockade.com
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade] displayversion=1.93
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\popup blockade] urlinfoabout=http://www.popupblockade.com
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver]nextinstance=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000]class=legacydriver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000]configflags=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000]devicedesc=gbserver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000]legacy=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000]service=gbserver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control]*newlycreated*=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_gbserver\0000\control]activeservice=gbserver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]displayname=gbserver
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]errorcontrol=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]imagepath=[%SYSTEM%]\gb.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]objectname=localsystem
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]start=2
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver]type=272
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum]0=root\legacy_gbserver\0000
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum]count=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\enum]nextinstance=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\gbserver\security]security=01 00 14 80 90 00 00 00 9c 00 00 00 14 00 00 00 30 00 00 00 02 00 1c 00 01 00 00 00 02 80 14 00 ff 01 0f 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 60 00 04 00 00 00 00 00 14 00 fd 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 ff 01 0f 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8d 01 02 00 01 01 00 00 00 00 00 05 0b 00 00 00 00 00 18 00 fd 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 23 02 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00

Trojan

A trojan is a program that is disguised as legitimate software but is designed to carry out some harmful actions on the infected computer.

Unlike viruses and worms, trojans don’t replicate but they can be just as destructive.

These days trojans are very common. Trojans are divided into a number different categories based on their function or type of damage.

Be Aware of the Following Trojan Threats:

FakeDelReg, PSW, Crushpy, Onecooked, Ultimate.Spy.Personal.Edition.

Backdoor

Of all trojans, backdoor trojans pose the greatest danger to users’ PCs because they give their authors remote control over infected computers. They are downloaded, installed, and run silently, without the user’s consent or knowledge. Upon installation, backdoor trojans can be instructed to send, receive, execute and delete files, gather and transfer confidential data from the computer, log all activity on the computer, and perform other harmful activities.

Be Aware of the Following Backdoor Threats:

LmBO, Subseven.Server.Unpacked, Bubble, Win32.PCClient, Delf.kz.

How Did My PC Get Infected with Pigeon?^

The following are the most likely reasons why your computer got infected with Pigeon:

  • Your operating system and Web browser's security settings are too lax.
  • You are not following safe Internet surfing and PC practices.

Downloading and Installing Freeware or Shareware

Small-charge or free software applications may come bundled with spyware, adware, or programs like Pigeon. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.

Using Peer-to-Peer Software

The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like Pigeon.

Visiting Questionable Web Sites

When you visit sites with dubious or objectionable content, trojans-including Pigeon, spyware and adware, may well be automatically downloaded and installed onto your computer.

Detecting Pigeon^

The following symptoms signal that your computer is very likely to be infected with Pigeon:

PC is working very slowly

Pigeon can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Pigeon.

New desktop shortcuts have appeared or the home page has changed

Pigeon can tamper with your Internet settings or redirect your default home page to unwanted web sites. Pigeon may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC

Pigeon may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox

Pigeon may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.