DrummerBoy Description:
DrummerBoy's is an UPX compressed executable
with unknown purpose. DrummerBoy is also known as
Downloader-EV and Mendware. It is trying to hide
from the user inside %AppData% using random
filenames and registry keys making it look much
like the Peper trojan. DrummerBoy is extremely
hard to detect, Bazooka will try, but will most
likely fail.
Files: ttuh.exe, dpep.exe, BNSH.EXE, iebs.exe,
ssuu.exe, ESCN.EXE, iroo.exe, rlnr.exe, tpoa.exe,
iuea.exe, urod.exe, asri.exe, brmn.exe, ewra.exe,
uppe.exe, rcea.exe,
ctsc.exe, demu.exe, ttwc.exe,
ohco.exe,
aods.exe, SNOA.EXE, aean.exe,
aatu.exe,
dwtn.exe, oahs.exe, esma.exe, rtrr.exe,
aort.exe
Also known as: Downloader-EV, Mendware
DrummerBoy Automatic Removal:
Using Spyware Doctor
to remove DrummerBoy AUTOMATICALLY!
Sponsored Links:
DrummerBoy Manual Removal:
Please follow the
instructions below if you would like to remove DrummerBoy
manually. Please notice that you must
follow the instructions very carefully and delete
everything that is mentioned. In most cases the
removal will fail if one single item is not
deleted.
- Start your computer in safe mode.
- Start the registry editor. This is done by
clicking Start then Run. (The Run dialog will
appear.) Type regedit and click OK. (The
registry editor will open.)
- Browse to the key:
'HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \
Windows \ CurrentVersion \ Run'
- In the right pane, look for a value with
four characters, beginning with an upper-case
letter and then three lower-case letters.
Remember the file (*) it is pointing to.
Delete the value.
- Exit the registry editor.
- Start Windows Explorer and delete:
the file (*) mentioned above
More
Removal Instructions for Adware/Spyware Programs - 'D'
| 
