Monday, January 5, 2009

Rolepi Trojan

Rolepi description:
Rolepi Category: Trojan

Rolepi Detection:

Rolepi Files:
[%PROFILE_TEMP%]\Rav.exe
[%PROFILE_TEMP%]\Ravs0.dll
[%SYSTEM%]\agtz.dll
[%SYSTEM%]\amvo.exe
[%SYSTEM%]\amvo0.dll
[%SYSTEM%]\amvo1.dll
[%SYSTEM%]\help.exe.tmp
[%SYSTEM%]\kavo.exe
[%SYSTEM%]\kavo0.dll
[%SYSTEM%]\LgSyl.dll

Rolepi Registry Keys:
HKEY_CLASSES_ROOT\clsid\madown
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_poikjnvb
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_zdfrty

Rolepi Registry Values:
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dgfcbvj
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dgfcbvj\0000
HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dgfcbvj\0000\control
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dgfcbvj
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dgfcbvj\enum
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dgfcbvj\security

Removing Rolepi:

You can run a trial version of ExterminateIt, or remove Rolepi manually.


To remove Rolepi from your computer completely by hand, you need to delete the Windows registry keys and registry values, and the files and folders, associated with Rolepi.

