TrojanDownloader:Win32/Pluzoks.A
If your computer is infected with TrojanDownloader:Win32/Pluzoks.A, you may follow the procedure on this page to contain this threat. Remove the Trojan at once before it can further harm the system.
TrojanDownloader:Win32/Pluzoks.A is a harmful computer Trojan that can download and execute more malware from a remote server. This threat can fetch other threats ranging from viruses, Trojans, and fake antivirus product. It can conceal the actions from installed antivirus programs by reducing security state on the affected system.
Once user executes this Trojan, it will create several files on the computer. These are configuration files that will be use to execute tasks on the affected system. It also modifies the registry to make sure that the harmful code will initiate every time Window starts. Please refer to technical details section for a list of files and registry entries related to this threat.
Once TrojanDownloader:Win32/Pluzoks.A is running on the computer, it will communicate with web address at www.ozplus.kr. Once it establishes a connection, this Trojan will perform the following actions:
- Report every instance of infection to Trojan author
- Download additional configuration file
- Download more arbitrary files and execute them on the compromised PC
- Accept commands from a remote attacker
- Upload gathered data from the infected computer
This threat repeatedly attempts to contact specific address to silently download and execute other threats on the infected computer without being barred by antivirus software. It may drop and install rogue security application on the compromised machine. The Trojan may also modify settings of Internet browser to redirect home page to unknown web sites.
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Windows Vista, Windows 7
[cf]regis[/cf] [cf]files[/cf]How to Remove TrojanDownloader:Win32/Pluzoks.A
1. Download Microsoft Safety Scanner from this link and safe it on your desktop. This is a free tool from Microsoft that offer on-demand scanning. It helps remove computer infection such as malware, virus, and Trojan.
Note: If you have previous version of Microsoft Safety Scanner that is more than 10 days old, please disregard it. Download a new from the official web site. Every 10 days, Microsoft will release the latest edition of this tool with updated anti-virus definitions to ensure that it will detect even most recent malware threats.
2. Open your antivirus program and update the virus definition. Refer to your antivirus manual on how to initiate an update. Most antivirus software provides one-click process.
3. Restart Windows in Safe Mode.
– Turn off the computer. Then turn the power on, immediately press F8 on your keyboard right after a text appears on the screen.
– It will display a selection. Please choose Safe Mode and press Enter. Most threats like TrojanDownloader:Win32/Pluzoks.A will not load when you run Windows in this mode.
4. Once Windows starts in Safe Mode, open your antivirus program and run a full system scan and clean/delete all infected files. If it cannot perform clean/delete, better put the infected file into quarantine so that it will remain inaccessible.
5. Locate the file of Microsoft Safety Scanner (msert.exe) that you download earlier. Double-click to run the file.
6. When it shows End user license agreement, please accept and click Next to continue.
7. On Scan Type window, please select Full scan. The tool will scan the entire system. This is ideal to detect and remove all threats that are present on the computer.
8. Click Next to begin the scan. This process will take a while to finish. Please be patient and let MSS complete the scan procedure.
9. Once the scan operation ends, it will provide a report for identified threats. Please remove all the threats.
10. Reboot the computer and run another scan after Windows boots normally to make sure that TrojanDownloader:Win32/Pluzoks.A is gone.
Alternative Removal Method for TrojanDownloader:Win32/Pluzoks.A
Option 1 : Use Windows System Restore to return Windows to previous state
If TrojanDownloader:Win32/Pluzoks.A enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before TrojanDownloader:Win32/Pluzoks.A infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.
Option 2 : TrojanDownloader:Win32/Pluzoks.A manual uninstall guide
IMPORTANT! Manual removal of TrojanDownloader:Win32/Pluzoks.A requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.
1. Kill any running process that belongs to TrojanDownloader:Win32/Pluzoks.A.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for TrojanDownloader:Win32/Pluzoks.A files (refer to Technical Reference) and click End Process.
2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.
3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.
4. Delete all files dropped by TrojanDownloader:Win32/Pluzoks.A.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.
Mark
Jul 22, 2012 @ 21:08:55
Free antivirus does not protect you against malicious code when you are browsing the Internet. For example, you click on some web page, you get infected. I mean Real-time protection is not available. You may not know, wen you click some link your password might get stolen. There are Internet Security Suite provided by Avira, Avast, AVG, Norton, ESET, but they are not FREE. So if you are always connected to Internet. I suggest, you try Panda Cloud antivirus. It is based on the latest Cloud technology, provides Real-time protection, does not require any updates, and is the most light-weight AV yet. The best thing is it comes for FREE! You can go to their official web site for more details.