Trojan

Hi

I have Spyware Doctor, which I use daily. It found the following today:

Trojan-PWS.Tanspy - Threat Details

Name: Trojan-PWS.Tanspy
Threat level: High

Description: Trojan.PWS.Tanspy will install itself on to an infected computer as a Browser Helper Object (BHO). This Trojan will then be activated each time an instance of Internet Explorer is launched and will attempt to steal passwords.
Type: TT_Keylogger, TT_Trojan
Also known as: Adware-BHO.dr[McAfee] Infostealer.Bzup[Symantec] Proxy-Agent.o

I thought maybe avast would stop such malware? :wink:

Best regards

Prodigals

Hi prodigals,

Good that this trojan downloader is cleansed by Spyware Doctor, but SAS also does a perfect job on this malware.

Trojan-PWS.Tanspy is a malicious Trojan application that is designed to get secretly into your computer
and open a conduit for infecting your machine with different spyware.
Usually Trojan-PWS.Tanspy comes bundled with other parasites or via browser security holes.
Once it is installed, Trojan-PWS.Tanspy will download additional adware and spyware onto your system.
Trojan-PWS.Tanspy also monitors and records your keystrokes and scans your computer for stored passwords.
Trojan-PWS.Tanspy is a very dangerous threat to the security of your personal and
financial data and should be removed without delay.

Manual removal:

Remove the following Trojan-PWS.Tanspy registry keys:
DABCE839-3831-3818-AF3A-3837BCD324D2

Unregister the following Trojan-PWS.Tanspy DLL files:
mskvtns.dll

Locate and delete the following Trojan-PWS.Tanspy files:
mskvtns.dll

=======================
Trojan-PWS.Tanspy may use one or more of the following methods to infect your computer. Trojan-PWS.Tanspy is spyware that may take control of your entire system. Trojan-PWS.Tanspy may infect your computer…

* Through unexpected email attachments. One of the most popular ways of becoming infected with spyware is by opening an attachment sent via e-mail. You should never open unexpected email attachments. Confirm with the sender first that they did in fact send the email.

* Through browser security loopholes while you're surfing the Web. Some spyware can even bypass firewalls by disguising itself as part of legitimate software.

* Through instant messenger programs. If you're not secured by a good firewall, spyware can attach itself when you're sharing files with your instant messenger.

* Trojan-PWS.Tanspy recreates, repairs and updates itself. Trojan-PWS.Tanspy and other complex spyware applications may recreate, repair and update themselves to evade deletion. When Trojan-PWS.Tanspy alters, restores and updates its files, DLLs, registry keys and process, a scanner may only remove part of the program allowing the other remaining files to execute procedures to repair and update. In these cases, it can make the Trojan-PWS.Tanspy manual removal process very difficult.

Trojan-PWS.Tanspy Prevention Rules

Follow these Trojan-PWS.Tanspy prevention rules and protect your computer from Trojan-PWS.Tanspy and other spyware:

Rule #1: Ensure that your Windows Security is up-to-date.

Every week Microsoft provides their new updates that can always be downloaded manually from the Microsoft website. To get Microsoft Update, you should do the following steps:

  1. Go to IE > Tools > Windows Update > Product Updates,

  2. Select “ALL High-Priority Security Updates” from the list,

  3. Open IE and go to Internet Options > Security > Internet,

  4. Press “Default Level” and then OK,

  5. Press “Custom Level.”

Rule #2: Download and scan with SUPERAntiSpyware Free for Home Users from here: http://www.superantispyware.com/

* Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
      o Close browsers before scanning.
      o Scan for tracking cookies.
      o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
      o Click Preferences, then click the Statistics/Logs tab.
      o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
      o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
      o Please copy and paste the Scan Log results in your next reply.
* Click Close to exit the program.

polonus
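
Added example (not part of the post above and not code from any of the vendors mentioned): a read-only PowerShell check that lists every registered Browser Helper Object, resolves the DLL behind it, and flags entries matching the registry key or DLL named in the manual-removal steps. It assumes the standard machine-wide BHO registry location and also looks at the 32-bit (WOW6432Node) view; it changes nothing on the system.

```powershell
# Values taken from the manual-removal steps in the post above.
$suspectClsid = 'DABCE839-3831-3818-AF3A-3837BCD324D2'
$suspectDll   = 'mskvtns.dll'

# Machine-wide BHO registrations: native view and 32-bit view on 64-bit Windows.
$views = @(
    @{ Bho = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls = 'HKLM:\SOFTWARE\Classes\CLSID' },
    @{ Bho = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
       Cls = 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' }
)

$report = foreach ($view in $views) {
    if (-not (Test-Path -LiteralPath $view.Bho)) { continue }
    foreach ($key in Get-ChildItem -LiteralPath $view.Bho) {
        $clsid  = $key.PSChildName
        $server = '{0}\{1}\InprocServer32' -f $view.Cls, $clsid
        $dll    = $null
        if (Test-Path -LiteralPath $server) {
            # The default value of InprocServer32 is the DLL the browser loads.
            $dll = (Get-Item -LiteralPath $server).GetValue('')
        }
        $onDisk = [bool]($dll -and (Test-Path -LiteralPath $dll))
        $sig    = if ($onDisk) { (Get-AuthenticodeSignature -LiteralPath $dll).Status } else { 'n/a' }
        [pscustomobject]@{
            CLSID       = $clsid
            Dll         = $dll
            OnDisk      = $onDisk
            Signature   = $sig
            # True when the CLSID or the DLL file name matches the post's values.
            MatchesPost = ($clsid.Trim('{}') -eq $suspectClsid) -or
                          ($dll -and ((Split-Path -Leaf $dll) -eq $suspectDll))
        }
    }
}

# Matches first, then everything else for manual review.
$report | Sort-Object MatchesPost -Descending | Format-Table -AutoSize
```

An entry that is unsigned or whose DLL is missing from disk is worth reviewing even when it does not match the names above.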

The first thing I would suggest is that you confirm the detection is good.

What is the infected file name, and where was it found, e.g. (C:\windows\system32\infected-file-name.xxx)?

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here.

Thanks, pal.

I’ll remember that!

No problem, glad I could help.

Yes, the VirusTotal resource is very useful.

Welcome to the forums.