Windows Security Tutorials - Herong's Tutorial Examples - v3.01, by Dr. Herong Yang
Trojan and Malware "Puper" Removal
This section provides tutorial notes on how to remove 'Puper' generated .EXE files.
My only experience with Trojan Puper was again on my friend's computer this summer. While looking at the c:\windows\system32, I noticed 3 strange suspicious files:
>dir C:\WINDOWS\system32 07/21/2006 09:43 PM 17,750 vqfupqnr.exe 07/24/2006 12:22 AM 17,750 opuryycl.exe 07/24/2006 09:51 PM 17,750 uceysmkw.exe
I zipped all 3 suspicious files into a zip file, exe_200607.zip, and delete them from the system directory.
When I tried to open this zip file, my McAfee VirusScan On-Access Scan showed and reported that those files are Puper trojans:
vqfupqnr.exe Puper Trojan Deleted opuryycl.exe Puper Trojan Deleted uceysmkw.exe Puper Trojan Deleted
Okay. This was nice. VirusScan is doing the job to pretect my system. But that VirusScan report seemed wrong. None of the Puper descriptions on the Internet says that Puper Trojan will create an .exe file with a name of 8 random letters.
I need to find another virus detection tool to look those suspicious files.
Conclusion:
Table of Contents
About This Windows Security Book
Windows 8: System Security Review
Windows 8: System Security Protection
Windows 8 Defender for Real-Time Protection
Windows 7: System Security Review
Windows 7: System Security Protection
Windows 7 Forefront Client Security
Norton Power Eraser - Anti-Virus Scan Tool
McAfee Virus and Malware Protection Tools
Spybot - Spyware Blocker, Detection and Removal
Keeping IE (Internet Explorer) Secure
Malware (Adware, Spyware, Trojan, Worm, and Virus)
HijackThis - Browser Hijacker Diagnosis Tool
IE Add-on Program Listing and Removal
"Conduit Search" - Malware Detection and Removal
"Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware
Malware Manual Removal Experience
Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal
►Trojan and Malware "Puper" Description and Removal
►Trojan and Malware "Puper" Removal
VSToolbar (VSAdd-in.dll) - Description and Removal
PWS (Password Stealer) Trojan Infection Removal