Home Blog

Infostealer.Proxydown – How Can You Remove Infostealer.Proxydown quickly

Posted by in Blog Trojan
on December 23rd, 2012 | Leave a comment

Infostealer.Proxydown is a harmful Trojan virus like Infostealer.Dexter that can collect confidential information and download additional malicious files to the compromised computer. The Trojan has great ability to analysis the system and gains data like running windows services, IP address and network connections, which can be used by hackers to break down the security system. Gradually, Infostealer.Proxydown can conduct more malicious activities without being detected by a security program. The Trojan changes windows registry, system settings and web browser. It connects to the malicious domains and then downloads files according to commands from its server. The infection may disconnect the computer from internet when it finds users attempt to visit a website associated with some famous antivirus software. It is a big threat to both system and personal information. We sum up two ways to remove Infostealer.Proxydown completely from your computer.

How to remove Infostealer.Proxydown manually
How much do you know about the computer? If you are a novice, manual way is not a possible solution for you. Manual way involves modifying windows registry which is a key part for the system. If you make some mistakes, the consequence will be severe. If you are an experienced user, try the following steps to get rid of Infostealer.Proxydown.
1. Kill related processes via task manager
2. Delete files dropped by the trojan

%Temp%\[RANDOM CHARACTERS FILE NAME].dat
%Temp%\[RANDOM CHARACTERS FILE NAME].tmp
%Temp%\[RANDOM CHARACTERS]wg[RANDOM DIGIT].dat
%UserProfile%\Application Data\Microsoft\CommonFiles\wmshlp.dll
%UserProfile%\Application Data\Microsoft\CommonFiles\wmshlp.dll144031u23.tmp

3. Run registry editor and remove Infostealer.Proxydown registry entries

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\”TactXCI” = “rundll32.exe \”%UserProfile%\Application Data\Microsoft\CommonFiles\wmshlp.dll\” TactXCIHlp 137″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\”DefaultConnectionSettings” = “[BINARY DATA]“

4. Restart computer

How to remove Infostealer.Proxydown automatically
Do you know how common users remove the harmful Trojan? Of course, few users will use the manual way. Most victims choose a professional antivirus program to wipe off the infection. This method is safe and effective. A virus removal program can pick up infected files and malicious registry entries and then remove them completely without damaging the system. Even an expert will use a virus removal program when he wants to remove Infostealer.Proxydown or some other kinds of virus.

Infostealer.Proxydown is a latest Trojan horse virus, therefore, some antivirus may not update the database to include the infection. If your antivirus can not remove the Trojan, you can install Spyware Cease on your computer. Spyware Cease is a professional antivirus program which can help you remove Infostealer.Proxydown instantly.

Leave a Reply