Home Articles Spyware Research Support Scan Now Purchase F.A.Q.

Top 25 Spyware:

1.	Zlob Trojan
2.	Vundo Trojan
3.	AntiSpyCheck
4.	homesiteurls.com
5.	otherhomepage.com
6.	homepagefile.com
7.	AntiVirus2009
8.	UltimateAntivirus
9.	VirusHeat
10.	MS Antivirus
11.	WinSpyKiller
12.	Win32.Netsky
13.	W32.ExpDwnldr
14.	Virus Burst
15.	ProtectionBar
16.	WinAntiVirus
17.	AntiviralGolden
18.	System Doctor
19.	SpyHeal
20.	DNS Changer
21.	Virus Blast
22.	Trojan.Win32.CP4000
23.	onlinestability.com
24.	Trojan.FakeAlert
25.	Troj.SystemAlert

About Spyware
Glossary

Latest Detections

Trojan/BHO/Backdoor/WbeCheck.a

Alias: Backdoor Program, Floid.dr, security risk or a "backdoor" program, Trojan.Win32.WbeCheck, Backdoor.WbeCheck.a, Win32/WbeCheck!Trojan, ADBreak, Win32/PSW.WbeCheck.A trojan

Description: AdBreak consists of a Browser Helper Object which opens pop-up advertising as you use Internet Explorer, and a task run at startup which highjacks your home page, search and error pages to point to AdBreak's servers. There are many variants of AdBreak. They differ in the filenames used and sometimes the servers they connect to. Adbreak may connect to www.larint.com, adbreak.sylip.com, www.adbreak.com, and possibly other servers.

Threat type:

BHO - A Browser Helper Object (BHO) is a software application that runs automatically whenever you start Internet Explorer. Browser Helper Objects are typically installed by other programs such as toolbar accessories and can track internet usage, create popup windows, display additional information on a viewed page and collect information that is transmitted by you over the internet. Malicious software that exploits this technology can replace banner advertisements with other ads, monitor your actions, change your home page, etc.

Backdoor - A Backdoor is an undocumented or secret means that can be used to obtain unauthorized access to your computer, or a malicious program that uses such a means to penetrate a computer system. Backdoor applications exploit vulnerabilities of installed programs or operating system and allow attackers to gain control over your computer system. Backdoor works in the background and hides from the user. It is always a high security risk.

Hacker Tool - A Hacker Tool is any software application that performs a wide range of hacking related tasks without user's permission. Activities include: disabling a user's anti-virus software or personal firewalls, gaining access to sensitive data, removing copy protection and modifying system settings.

Homepage Hijacker - A Homepage Hijacker is a software application that takes control over your browser's settings. Usually it changes your home page and redirects it to some other site or modifies your search settings. It prevents you to change browser's settings. In such hijacks, your browser may operate normally, but be much slower.

Search Hijacker - A Search Hijacker is a software application that takes control of your browser's default search engine. The search results may not necessarily be the best fit as those usually come from paid advertisements, as issued to you by the Hijacker authors. Search hijackers prevent you from changing your browser's default search engine, and they tend to slow down PC performance.

Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs.

Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy.

Detection:
SpyNoMore detects Trojan/BHO/Backdoor/WbeCheck.a: Yes

Threat risk: High Risk

Very dangerous malware. Can log user's keyboard activity and take snapshots of the user's screen. Uses stealth installation and removal is very difficult. Category includes spyware programs, adware programs and trojans.

Symptoms:

Trojan/BHO/Backdoor/WbeCheck.a Signature Details: The following information includes some of the standard signatures associated with this spyware threat. Please do not attempt to manually remove these items from your computer; Removing these items incorrectly or partially can cause your computer to experience critical errors, prevent your computer from restarting or cause loss of Internet connectivity. Should you be infected with Trojan/BHO/Backdoor/WbeCheck.a, you can clean your computer by downloading SpyNoMore now.

Running Process Signatures:
N/A

File Signatures:

%WINDOWS%\liqui.dll
%WINDOWS%\kkcomp.old
%WINDOWS%\pbsysie.dll
%WINDOWS%\wbecheck.exe
%WINDOWS%\xadbrk3.tmp
%WINDOWS%\liqui1.tmp
%WINDOWS%\xabrk.dll
%WINDOWS%\liqui.txt
%WINDOWS%\kvnab.old
%WINDOWS%\odidbu.ini
%WINDOWS%\liqui3.tmp
%WINDOWS%\kvnab.exe
%WINDOWS%\system\fhfmm.dll
%WINDOWS%\liqad.ini
%WINDOWS%\kkcomp.exe
%WINDOWS%\liqad.old
%WINDOWS%\kvnab.tmp
%WINDOWS%\liqad.tmp
%WINDOWS%\exrem.ini
%WINDOWS%\cbinst$.exe
%WINDOWS%\liqui2.tmp
%WINDOWS%\odidbu.in
%WINDOWS%\system32\fhfmm.dll
%WINDOWS%\liqad.exe
%WINDOWS%\wbecheck.old
%WINDOWS%\liqui.exe
%WINDOWS%\ltosie.old
%WINDOWS%\kvnab.ini
%WINDOWS%\kvnab$.exe
%WINDOWS%\xadbrk.dll
%WINDOWS%\settn.dll
%WINDOWS%\kvnab.dll
%WINDOWS%\hcwprn.exe
%WINDOWS%\wbecheck.tmp
%WINDOWS%\xadbrk.exe
%WINDOWS%\kkcomp.tmp
%WINDOWS%\xadbrk1.tmp
%WINDOWS%\liqad.dll
%WINDOWS%\kkcomp.dll
%WINDOWS%\plotpp.tmp
%WINDOWS%\xadbrk2.tmp

Registered Dll (Dynamic Link Library) Signatures:
N/A

Folder Signatures:
N/A

Registry Signatures:
HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}
HKCU\software\opendata
HKCR\clsid\{00000012-890e-4aac-afd9-eff6954a34dd}
HKCR\clsid\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}
HKCU\software\adbreak
HKCR\software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271}

SpyNoMore Collected Residual File Signatures:
N/A