Exterminate It! Antimalware

malpedia

Known threats:698,172 Last Update:April 28, 11:39

Testimonials

I have had major computer issues in the last week. I was infected with the Darksma and Vundo downloader trojans. After researching the net for possible solutions, i found they are extremely difficult to remove. I tried a variety of spyware removal tools to no avail. To do it manually is near on impossible.
The symptoms are, computer runs slow, constant ad pop ups, hijacking of emails, theft of information and locking of a variety of functions.
I then found buried deep in a google search a link to Exterminate It. After reading it, I downloaded to do a free scan and a lot of stuff no other spyware had found showed up. So i went searching the locations and sure enough the files where there on my system. I tried removing them with no luck. So i spent the $25 usa to activate.
http://www.exterminate-it.com/
It removed all but 4. I was disappointed that the Trojans once again reloaded and my problems continued. So, i used the SUBMIT STATE service. I supplied all the info i could gather, pop up addys and what they were for , what others programs had found and Exterminate had missed etc. Within 24 hours i received and email telling me they had updated there system and to download it. I rescanned the system and it deleted all the previous locked files.
Darksma and Vundo downloader trojans have not done their re appearing act since and my comp is running normal again.

It's worth remembering the addy or downloading it to see what it finds. I had no problems doing so in anyway with this program. They done what they said they would on there web site in under the time frame.

Source

Administrator of Horse Racing Forums

File: e653cf25-f107-4cbe-b8d1-5dadaea354f2-6

Location of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 and Associated Malware

Check whether e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 is present in the following locations:

e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 file locations that are Windows version independent:

  • C:\Windows\System32\Tasks\e653cf25-f107-4cbe-b8d1-5dadaea354f2-6

If you find e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 file in any of these locations, your computer is very likely to be infected with the following malware:

IMPORTANT: Malware files can be camouflaged with the same file names as legitimate files. The e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 file is associated with malware only if found in the locations listed above.

Notes:

Different Variations of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 File^

File SizeFile Md5Last Seen
8540A8EE63079CCA862B0507C2BDD19588F0Mar 30, 2015
8544763ADC8DC920BE3908FF7EB8622A2C4AApr 18, 2015
85320BC33661FFDB1AD73C040614A5E1A877May 1, 2015
8526894C136B91C8BF67E78E34ED0C6E6E39May 4, 2015
75442ECE483BCD09E402F44B8467002E3924Jun 11, 2015
8528F2AD2D13003176AF7078521860982B48Jul 16, 2015
85261B258DBD5C44DDF8D189D58002F05DF8Jul 23, 2015
85264FAC9A7D3B5999A5B0578578596C46B8Aug 27, 2015
8528325F924942E4C1D72ED20267B897B0F6Sep 3, 2015
8544361E0DE9CBCCE018B329A9AECE90633FDec 28, 2015
8524C66867E0D0755F9260264679BC2D9328Feb 14, 2016
852646540625A4528205BDC2B344A4B39423Mar 5, 2016
85423DDA19EFD2C3BEA524762F21451DDE3CMar 15, 2016
863453D4F9F9651D6374DF858D349F6F1E30May 30, 2016
85264F59A4A5048E46859BA2BA21E2871B77Jun 14, 2016
8528757086E488A9030F947347223CA128D5Nov 12, 2016
85306DD26F3E1EF3DCDAEE4E79976F984ED9Nov 20, 2016
85345B92A03CB94AA15CCD941E2EA75A664FDec 20, 2016
7542209A335CEFBF9E3C1FC879B4296FC330Jan 7, 2017

Why Is It Important to Remove Malware Files?^

It is imperative that you delete malware-associated files as soon as possible because they can be used - or are already being used - to inflict serious damage on your PC, including:

  • Disrupting the normal functioning of the operating system or rendering it completely useless.
  • Hijacking valuable private information (credit card numbers, passwords, PIN codes, etc.)
  • Directing all your Web searches to the same unwanted or malicious sites.
  • Dramatically slowing down your computer.
  • Gaining total control of your PC to spread viruses and trojans and send out spam.

How to Remove e653cf25-f107-4cbe-b8d1-5dadaea354f2-6^

  1. To enable deleting the e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 file, terminate the associated process in the Task Manager as follows:
    • Right-click in the Windows taskbar (a bar that appears along the bottom of the Windows screen) and select Task Manager on the menu.
    • In the Tasks Manager window, click the Processes tab.
    • On the Processes tab, select e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 and click End Process.
  2. Using your file explorer, browse to the file using the paths listed in Location of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 and Associated Malware.
  3. Select the file and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. Repeat steps 2-4 for each location listed in Location of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 and Associated Malware.
  6. Notes:

    • The deletion of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 will fail if it is locked; that is, it is in use by some application (Windows will display a corresponding message). For instructions on deleting locked files, see Deleting Locked Files.
    • The deletion of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 will fail if your Windows uses the NT File System (NTFS) and you have no write rights for the file. Request your system administrator to grant you write rights for the file.

Deleting Locked Files^

You can delete locked files with the RemoveOnReboot utility. You can install the RemoveOnReboot utility from here.

After you delete a locked file, you need to delete all the references to the file in Windows registry.

To delete a locked file:

  1. Right-click on the file and select Send To -> Remove on Next Reboot on the menu.
  2. Restart your computer.

The file will be deleted on restart.

Note: In the case of complex viruses that can replicate themselves, malware files can reappear in the same locations even after you have deleted those files and restarted your computer. Exterminate It! Antimalware can effectively eradicate such viruses from your computer.

To remove all registry references to a e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 malware file:

  1. On the Windows Start menu, click Run.
  2. In the Open box, type regedit and click OK. The Registry Editor window opens.
  3. On the Edit menu, select Find.
  4. In the Find dialog box, type e653cf25-f107-4cbe-b8d1-5dadaea354f2-6. The name of the first found registry value referencing e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 is highlighted in the right pane of the Registry Editor window.
  5. Right-click the registry value name and select Delete on the menu.
  6. Click Yes in the Confirm Value Delete dialog box.
  7. To delete all other references to e653cf25-f107-4cbe-b8d1-5dadaea354f2-6, repeat steps 4-6.
IMPORTANT: Malware files can masquerade as legitimate files by using the same file names. To avoid deleting a harmless file, ensure that the Value column for the registry value displays exactly one of the paths listed in Location of e653cf25-f107-4cbe-b8d1-5dadaea354f2-6 and Associated Malware.