Favorite Set as home Contact Us
Google
Home | More Virus Remove Process...
Free antivirus software,Free antivirus,Trojan Removal Instructions,Spyware remove Instructions
      How to remove SpyDevastator
How to remove SpyDevastator
Author:SpyDevastator Hits: UpdateTime:2008-9-10 9:17:33

How to remove SpyDevastator

SpyDevastator remover

SpyDevastator removal process


For remove SpyDevastator virus,please clean/delete all SpyDevastator infected files and Delete/Modify any values SpyDevastator added to the registry as following:
Behavior
The program must be manually installed.

The program reports false or exaggerated system security threats on the computer.








The user is then prompted to pay for a full license of the application in order to remove the threats.








Installation
When the program is executed, it creates the following folders:

  • C:\Documents and Settings\[CURRENT USER]\My Documents\SpyDevastator\Logs
  • %UserProfile%\Start Menu\Programs\SpyDevastator


It also creates the following files:
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyDevastator 1.32.lnk
  • %UserProfile%\Desktop\SpyDevastator.lnk
  • %UserProfile%\Local Settings\Temp\[RANDOM NAME].TMP
  • %UserProfile%\Local Settings\Temp\SDevLanguage.ini
  • C:\Documents and Settings\[CURRENT USER]\My Documents\SpyDevastator\SDBHO.dll
  • C:\Documents and Settings\[CURRENT USER]\My Documents\SpyDevastator\sdcfg.dat
  • %UserProfile%\Start Menu\Programs\SpyDevastator\SpyDevastator 1.32.lnk
  • %UserProfile%\Start Menu\Programs\SpyDevastator\SpyDevastator Website.lnk
  • %UserProfile%\Start Menu\SpyDevastator 1.32.lnk
  • %ProgramFiles%\SpyDevastator\blacklist.txt
  • %ProgramFiles%\SpyDevastator\Lang\English.ini
  • %ProgramFiles%\SpyDevastator\msvcp71.dll
  • %ProgramFiles%\SpyDevastator\msvcr71.dll
  • %ProgramFiles%\SpyDevastator\sdev.sgn
  • %ProgramFiles%\SpyDevastator\sdev.sgn.prv
  • %ProgramFiles%\SpyDevastator\SpyDevastator.exe
  • %ProgramFiles%\SpyDevastator\SpyDevastator.url
  • %ProgramFiles%\SpyDevastator\uninst.exe


Next, the program creates the following registry entry so that it executes whenever Windows starts:
HKEY_USERS\S-1-5-21-1172441840-534431857-1906119351-500\Software\Microsoft\Windows\CurrentVersion\Run\"SpyDevastator" = "C:\Program Files\SpyDevastator\SpyDevastator.exe /h"

It also creates the following registry subkeys:
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\SpyDevastator.exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{528A3CF7-AAF9-42FE-A5D0-2A8EDA9E299E}
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpyDevastator
  • HKEY_CURRENT_USER\Software\SpyDevastator
  • HKEY_CLASSES_ROOT\CLSID\{26F094F0-D2BD-5F02-03AE-2232D5E967E0}
  • HKEY_CLASSES_ROOT\CLSID\{4A277263-267B-42dc-8514-7B69E02048B3}
  • HKEY_CLASSES_ROOT\CLSID\{528A3CF7-AAF9-42FE-A5D0-2A8EDA9E299E}
  • HKEY_CLASSES_ROOT\CLSID\{D35BF620-EF22-4062-839C-64C534B4589B}
  • HKEY_CLASSES_ROOT\COMApp.1
  • HKEY_CLASSES_ROOT\COMApp
  • HKEY_CLASSES_ROOT\IEBHO.IEBHO.1
  • HKEY_CLASSES_ROOT\IEBHO.IEBHO
  • HKEY_CLASSES_ROOT\Interface\{0B682116-47F0-4C10-AD55-6161694DD89C}
  • HKEY_CLASSES_ROOT\Interface\{0D473E55-8ADE-4CBE-9505-A9B667D7F2EA}
  • HKEY_CLASSES_ROOT\Interface\{1741D490-88B5-4F58-A652-C74580E3AA49}
  • HKEY_CLASSES_ROOT\Interface\{18E539E7-CCBD-4CBE-BDF8-ED5EFD83D73B}
  • HKEY_CLASSES_ROOT\Interface\{1F351F56-F6BD-4CF0-83D0-7DF734C1F87D}
  • HKEY_CLASSES_ROOT\Interface\{1FADDE65-F172-4389-AFD5-2767F914E570}
  • HKEY_CLASSES_ROOT\Interface\{22668F72-05FE-4948-86B0-433C2E8B9155}
  • HKEY_CLASSES_ROOT\Interface\{2790D1D2-8F0D-4C3B-B50D-B534A7FD55AC}
  • HKEY_CLASSES_ROOT\Interface\{3E46CA64-6162-4379-B753-734F0A29F341}
  • HKEY_CLASSES_ROOT\Interface\{3EEF6634-DCFC-41C7-9369-3449C0158CAB}
  • HKEY_CLASSES_ROOT\Interface\{6C2EEB7A-51DF-4F6C-95C8-E5CFD49BF902}
  • HKEY_CLASSES_ROOT\Interface\{7D50576E-8784-434C-AD31-8067AD7FB168}
  • HKEY_CLASSES_ROOT\Interface\{95930A77-3895-4979-B0B9-25FF937FB584}
  • HKEY_CLASSES_ROOT\Interface\{ABA89A1A-2910-4712-B71C-5F46A23A9343}
  • HKEY_CLASSES_ROOT\Interface\{D6B7A318-3226-46BE-A776-A2D913985E19}
  • HKEY_CLASSES_ROOT\Interface\{DBF00870-1505-4570-8F3F-D3242032A038}
  • HKEY_CLASSES_ROOT\Interface\{F80B6555-44DC-461D-AB70-B06CD50212BB}
  • HKEY_CLASSES_ROOT\SpyDevastator.COMApp.1
  • HKEY_CLASSES_ROOT\SpyDevastator.COMApp
  • HKEY_CLASSES_ROOT\TypeLib\{09935339-92A8-4055-BB35-7247F6D12D6A}
  • HKEY_CLASSES_ROOT\TypeLib\{6FC10398-DF37-4894-88D1-5CC73B66B5AE}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{528A3CF7-AAF9-42FE-A5D0-2A8EDA9E299E}




For successful remove SpyDevastator virus,you may also need do as following:
1. Temporarily Disable System Restore .

2. Update the virus definitions. Reboot computer in SafeMode;

3. Delete the IE temp files,some SpyDevastator temp file exisit there.

4.If you failed to remove SpyDevastator,please go to our remove help forum:http://help.antiviruses123.com

End Of The Article How to remove SpyDevastator remove process
Suspicious.MLApp
Suspicious.IRCBot
Trojan.Hydraq!gen1
W32.Spyrat
Trojan.Hydraq
SillyDl HIX  removal i…
SillyDl HIK  removal i…
SillyDlScript BV  remo…
SillyDlScript IA  remo…
SillyDl HIZ  removal i…
Keygen for Acronis Pro…
SpywareRemover2009  re…
AV Antispyware  remova…
SillyDl HGC  removal i…
Suspicious.S.MH2
SillyDl HFY  removal i…
SillyDl HEL  removal i…
SillyDl HEM  removal i…
SillyDl HFK  removal i…
SillyDl HFE  removal i…
SillyDl HFC  removal i…
SillyDl HEQ  removal i…
SillyDl HEF  removal i…
SillyDl HEU  removal i…
SillyDl HEV  removal i…
SillyDl HDF  removal i…
SillyDl HDK  removal i…
Suspicious.Graybird
W32.Woospi!inf
Suspicious.Tidserv
SillyDl GOB  removal i…
SillyDl GOJ  removal i…
SillyDl GPD  removal i…
SillyDl GSC  removal i…
SillyDl GSE  removal i…
Suspicious.Vundo.2
Suspicious.Skintrim
Suspicious.Lop
Brospy IF  removal ins…
SillyDl HAH  removal i…
Sponsors
Hot Antivirus Article
Elite Antivirus Article
Contact Us
Copyright 2006-2007 Free Antivirus Program