Bakain spyware or virus on your computer and how to remove Bakain or fix it.
Please make sure you know what you are doing before performing any of the instructions on this site. You maybe better off downloading a proven spyware scanner and let the program do the cleaning. You may need anti-virus software as well and please allow up to 10 hours to get your system back on its feet again. Please feel free to ask questions, tell us the problem and we will help for FREE. We also have a great selection of SPYWARE and VIRUS prevention software available to try.
Removal instructions for bakain:
Bakain is a worm that spreads through network shares protected by weak passwords. Once executed, the parasite secretly installs itself to the system, runs a spreading routine and a payload. It changes some system settings and hides special Run and Find tools. The worm also contacts suspicious web sites. It automatically runs on every Windows startup.
Protect yourself from spyware and virus attacks PDF
Notes:
Stop processes:about linda.exe, lexplorer.exe, pcguard.exe, script.exe, service5.exe, systroy.exe, welcome.exe
Remove Registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunhttp
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunjava
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunserve user
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunservice
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunusbtray
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionRunsystem checker
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell=explorer.exe [percentage]System[percentage] kz16fkservice5.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSystem=[percentage]System[percentage] kz16fkservice5.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonUserinit=[percentage]System[percentage]userinit.exe,[percentage]Windir[percentage]pchealthpcguard.exe
HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWindowsload=[percentage]System[percentage] kz16fkservice5.exe
HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorAutorun=echo off|[percentage]Windir[percentage]pchealthpcguard.exe|cls
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoFind=1
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoRun=1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSystemFileProtectionShowPopups=0
Remove files:
about linda.exe, lexplorer.exe, pcguard.exe, script.exe, service5.exe, systroy.exe, welcome.exeRemove directories:
C:WINDOWSSystem32 kz16fkC:WINNTSystem32 kz16fkAdditional:Exact file location:lexplorer.exe - C:WINDOWS or C:WINNTsystroy.exe - C:WINDOWSinf or C:WINNTinfscript.exe - C:WINDOWSSystem32 or C:WINNTSystem32pcguard.exe - C:WINDOWSpchealth or C:WINNTpchealthservice5.exe - C:WINDOWS or C:WINNT; C:WINDOWSSystem32 kz16fk or C:WINNTSystem32 kz16fkwelcome.exe - C:Documents and SettingsAll UsersStart MenuProgramsStartup Bakain:
- Baby_100_a
- Baby_100_b
- Baca Trojan
- Back Attack 1_3
- Back Attack 1_4
- Back Attack 1_5
- Back Attack 1_6
- Back Attack 1_7
- Back Attack 1_8
- Back Attack 1_9
- Back Attack 2_0
- Back Attack
- Back Construction 1_2
- Back Construction 1_5
- Back Construction 2_1
- Back Construction 2_5
- Back Construction
- Back door in Microsoft FrontPage extensions_authoring components
- Back End 5
- Back End 6
- Back End
- Back Find_trojan
- Back Find_a_trojan
- Back Find_b_trojan
- Back Orifice 1_20
- Back Orifice 1_3
- Back Orifice 1_41
- Back Orifice 2000 1_0 International
- Back Orifice 2000 1_1
- Back Orifice 2000 1_1_1
- Back Orifice 2000 1_1_2
- Back Orifice 2000 1_3 beta 1
- Back Orifice 2000 1_3 beta 1a
- Back Orifice 2000 1_3 beta 4_1
- Back Orifice 2000 1_3 pre 1
- Back Orifice 2000 1_3 pre 10
- Back Orifice 2000 1_3 pre 2
- Back Orifice 2000 1_3 pre 3
- Back Orifice 2000 1_3 pre 4
- Back Orifice 2000 1_3 pre 5
- Back Orifice 2000 1_3 pre 6
- Back Orifice 2000 1_3 pre 7
- Back Orifice 2000 1_3 pre 8
- Back Orifice 2000 1_3 pre 8a
- Back Orifice 2000 1_3 pre 9
- Back Orifice 2000 Analyzer
- Back Orifice 2000 CVS 000
- Back Orifice 2000 CVS 001
- Back Orifice 2000 CVS 002
- Back Orifice 2000 CVS 003
- Back Orifice 2000 CVS 004
- Back Orifice 2000 CVS 005
- Back Orifice 2000 Password Scanning Plugin
- Back Orifice 2000 SDK
- Back Orifice 2000
- Back Orifice 3 DES
- Back Orifice Eliminator
- Back Orifice FTP Plugin
- Back Orifice Java 1_0
- Back Orifice Plugin Source
- Back Orifice Scanner
- Back Orifice Spy 1_31
- Back Orifice Spy 1_61
- Back Orifice Unix 1_21
- Back Orifice
- Back OrifiX 1_1
- Back Streets 1_5
- Back_color_c
- Backage 3_0
- Backage 3_0_1
- Backage 3_1 New Backdoor Age
- Backage 3_2 SE
- Backage Server 3_1a
- Backage
- Backdoor 1_x
- Backdoor 2_00
- Backdoor 2_01
- Backdoor 2_02
- Backdoor 2_03
- Backdoor 2_1
- Backdoor AAG_A
- Backdoor Champion
- BackDoor Galore
- Backdoor
- BackDoor_JZ
- BackDoor-CR
- BackDoor-KF
- BackDoor-OG_trojan
- Backdoors Trojan
- Backdoors
- BackFire 1_0
- BackFire 1_31
- BackFire
- BackLash 1_01 A
- BackLash
- BackSocket 5_0
- BackSocket 5_6
- BackSocket
- Backstabb Lite
- BackStealth
- Backtime_528
- BackTrap
- BackWindows 1_0
- Backwork 2_01
- Backwork 2_12
- Backwork
- BadBlood
- BadBOT
- Badboy_1000
- Badboy_Riot_1049
- Badboys Scanner
- Badboyz Bomber 3
- BadHeads Mailbomber 0_9
- BadLuck 0_3
- BadLuck 2
- BadLuck 2_7
- BadLuck Reloaded
- Badtrack_trojan
- BagKeys
- Bailey
- Bailey_334
- Bailey_380
- Balistix 1_0
- Balk
- Bancos
- Bang Youre Dead_trojan
- BankAds_com
- Banner_Date_com
- Banner_GoldenPalace
- BannerBank_net
- BannerFarm
- Banners_ValueAd_com
- BannerSpace_com
- Barbare
- Barbie
- Barely19
- Barisot
- BarJam_trojan
- Barney Trojan
- Barok - loveletter (vbe)
- Barok - loveletter(vbe)
- Barok 1_0
- Barok 2_0
- Barok 2_1
- Barok
- Baron Night 1_0
- Baron Night 2_0
- Baron Night
- Barrio 3_05
- Barrio 3_10
- Barrio 4_0
- Barrio
- Bash 2_01 _ ncurses 4_1 console takeover feature
- Basic CD Tray Opener
- Basic Hell 1_0
- Basic ICQ Offences & Defenses
- Basic Packet-Sniffer Construction from the Ground Up Part 1
- BASTap
- Bastard Sword
- BAT
- BAT_282
- BAT_506
- BAT_527
- BAT_666
- BAT_8Fish
- BAT_Aduh
- BAT_Aduh_b
- BAT_Akuma_1935
- BAT_Batalia_3_b
- BAT_Batalia1_840
- BAT_Batalia2_460
- BAT_Batalia3
- BAT_Batalia4_521
- BAT_Batalia5
- BAT_Batalia5_491_493
- BAT_Batalia5_492
- BAT_Batalia5_a
- BAT_Batalia5_src
- BAT_Batman_a
- BAT_Battler
- BAT_BFV_475
- BAT_Bingo_1963
- BAT_Black_b
- BAT_BV_Root
- BAT_BV_Stupid
- BAT_BV_VX_558
- BAT_BWG generated
- BAT_Cheezy_329
- BAT_ClsV_475
- BAT_Code
- BAT_Code_169
- BAT_Code_356
- BAT_Code_737
- BAT_Cold_a
- BAT_Combat_j
- BAT_Comp_226
- BAT_Confusion Trojan
- BAT_CoolHz_703
- BAT_Craz_1267
- BAT_Craz_1414
- BAT_Craz_b
- BAT_Damn_1432
- BAT_DeAd
- BAT_DeAd_a
- BAT_DeAd_b
- BAT_DebugVir_782
- BAT_Delwin
- BAT_Delwin_AX
- BAT_Descript
- BAT_Dolomite_A
- BAT_Drop_2645
- BAT_Duke
- BAT_Dvquest
- BAT_Dvquest_a
- BAT_Dvquest_d
- Bat_Epy
- BAT_For_322
- BAT_Fret_1023
- BAT_Froggy_1476
- BAT_Geez_a
- BAT_Gomaba
- BAT_Goofy
- BAT_Gpb
- BAT_Gremlin_1189
- BAT_Gremlin_1424
- BAT_Gremlin_1460
- BAT_Haltwin_F
- BAT_HelloW
- BAT_HexVirus_1840
- BAT_Highjaq_1400
- BAT_HNY_3350
- BAT_Hokum
- BAT_Hotka
- BAT_IBBM_Pifv
- BAT_IBBM_Qlop
- BAT_Ich_285
- BAT_Infect_406
- BAT_Ins
- BAT_IRCFlood
- BAT_Kefi
- BAT_Khorp_289
- BAT_Killall_C
- BAT_Lame_874
- BAT_Life
- BAT_Limi_c
- BAT_MDMA_990
- BAT_Melt
- BAT_Melt_1811
- BAT_Melt_b
- BAT_Metallica
- BAT_MF
- BAT_MF_102
- BAT_MF_116
- BAT_MF_227
- BAT_MF_249
- BAT_MF_278
- BAT_MF_282b
- BAT_MF_288
- BAT_MF_350
- BAT_MF_378
- BAT_Mirc_3084
- BAT_Mobius
- BAT_Moral_941
- BAT_Mosquito_b
- BAT_MouseDisable_B
- BAT_NewHost
- BAT_Nice_2954
- BAT_Nuc_9078
- BAT_Obsolete_335
- BAT_Orag_1621
- BAT_Pamp_928
- BAT_Parasite
- BAT_Passion_1370
- BAT_PenFold_2135
- BAT_PG94_703
- BAT_PifV
- BAT_PolyBat
- BAT_Pot
- BAT_Pot_b
- BAT_Rarme
- BAT_Revenge
- BAT_Sex
- BAT_SG
- BAT_Shadow_1232
- BAT_Shak_1268
- BAT_Silly
- BAT_Silly_a
- BAT_Silly_aa
- BAT_Silly_aq
- BAT_Silly_ar
- BAT_Silly_n
- BAT_Silly_o
- BAT_Silly_p
- BAT_Silly_q
- BAT_Silly_w
- BAT_Sit_360
- BAT_Skul
- BAT_Small_a
- BAT_SMF
- BAT_SMF_120
- BAT_SMF_121
- BAT_SMF_137
- BAT_SMF_155
- BAT_SMF_166
- BAT_SMF_266
- BAT_SMF_301
- BAT_Snake
- BAT_Snake_c
- BAT_Soliton_a
- BAT_SpamAcid
- BAT_Spth_Checker
- BAT_Spth_Checker_a
- BAT_Spth_Checker_b
- BAT_Spth_Name
- BAT_SS
- BAT_SS_156
- BAT_SS_b
- BAT_Super_561
- BAT_Sys_602
- BAT_Tally_1028
- BAT_Telo_505
- BAT_Terror1st
- BAT_Tiny
- BAT_TNse_1544
- BAT_TTT
- BAT_VaraXadoR
- BAT_VB_Virh
- BAT_Vir
- BAT_Viru_449
- BAT_Viz_530
- BAT_Voff_1414
- BAT_Vr_a
- BAT_Winstart
- BAT_Winstart__II_511
- BAT_Winstart_296
- BAT_Winstart_297
- BAT_Wise_2246
- BAT_Wnt_666
- BAT_Xop_367
- BAT_Xop_Winstroy
- BAT_Zeke_324
- BAT_ZekeZip
- BAT_Zep
- BAT_ZipBat
- BAT_ZipBat_607
- BAT_ZipBat_615
- BAT_Zop_b
- Bat2Exec_1644
- Bat2Exec_SillyO_2048
- BAT_Bom_53 Constructor
- BAT_Bom_55 Constructor
- BAT_Bom_58 Constructor
- BAT_Bom_59 Constructor
- BAT_Bom_60 Constructor
- Bat_btg
- BAT_BTG_03 Constructor
- BAT_BTG_04 Constructor
- BAT_BTG_05 Constructor
- BAT_BTG_06 Constructor
- BAT_BTG_07 Constructor
- Bat_Bug
- Bat_Bulbas_A
- Bat_BWG
- BAT_BWG_404 Constructor
- BAT_BWG_408 Constructor
- BAT_BWG_502 Constructor
- Bat_BWG_gen
- Bat_BWG_Kit
- Batch Trojan Generator
- Batch Worm Generator
- Batch_Bomb
- Batcompi Trojan
- Batcrack 1_0
- Bat_Darky_A
- Bat_Flood_C!Trojan
- Bat_HotToTrot
- Bat_IRC_Flood_Ntlm_Trojan
- Bat_IRC_Flood_RmtCfg_Trojan
- Bat_IRC_Zcrew_Worm
- Bat_IRCFlood!Component!Trojan
- Bat_iRCFlood_Secedit!Trojan
- Bat_IRCFlood_Sheh32!Trojan
- Bat_Laff_Component_Trojan
- Batman Trojan
- Bat_Msvccupd_426!Trojan
- Bat_PWS_Myss_A_Trojan
- Bat_Secure!Trojan
- Bat_ServU_A!Trojan
- Battle Pong Pro Trojan
- BattlePong
- Bat_Univ!Trojan
- Bazalba
- Bachdoor_Coldfuson_11
- Bachdoor_Coldfuson_11_a
- Bachdoor_Coldfuson_11_b
- Backdoor Program
- Backdoor Program_LC
- backdoor_sdbot_gen
- backdoor_vb_pt
- Backdoor-AFN
- BackDoor-AMA
- Backage_301_Server
- Backage_31
- BackAttack
- BackAttack_14
- BackAttack_19
- BackAttack_20
- BackCGI
- BackConstructor_2_0
- BackConstructor_15
- BackOrifice
- BackOrifice2K
- Badbot
- Bancodor
- Bancodor_a
- Bancodor_b
- Bancodor_f
- Bancodor_i
- Bancodor_j
- Bancodor_k
- Bancodor_n
- Bancodor_o
- Bandor
- Banito
- Banito_a
- Banito_b
- Banito_g
- BaronNight_10
- BAT_Comlabat
- BAT_Comlabat_03
- BAT_Comlabat_04
- BAT_Passer_a
- Backdoor-JZ_trojan
- Balistix
- BandObjects_eStart
- Barbarie
- Basic ICQ Pager
- Bat_IRC_Flood_F!Trojan
- Bat_NTRootKit!Trojan
- Bat_Passer_c!Worm
- Bat_Randon_i!Worm
- Bat_ServU!Trojan
- Bat_WebDir!Trojan
- BazookaBar
- BaciamiStupido
- Baby_100
- Babcia-fingerd_c
- BAT_Arhiworm_547
- BAT_Bombas
- BAT_Boohoo_Worm
- BAT_AntiDN
- BAT_Arhiworm_555
- BAT_Arhiworm_590
- BAT_Arica
- BAT_Autoexec
- BAT_Baclan
- BAT_Badjok
- BAT_Baster
- BAT_Beat
- BAT_Beware
- BAT_Billy
- BAT_Black
- BAT_BlackDay
- BAT_Bolt
- BAT_Bomb
- BAT_Boru
- BAT_Butcher
- BAT_Butt
- BAT_Bvone
- BAT_BWG_a
- BAT_Bylys
- BAT_Cat
- BAT_Caya
- BAT_Chode
- BAT_Cigar
- BAT_Clouner
- BAT_Copier
- BAT_CopyToAll
- BAT_CopyToAutoexec
- BAT_CopyToStart
- BAT_Corea
- BAT_Craz
- BAT_Darkomen
- BAT_Darky
- BAT_DebugVir
- BAT_DelAutoexec
- BAT_Delirium
- BAT_Dohman
- BAT_Energy
- BAT_England
- BAT_Eris
- BAT_Erro
- BAT_Explore
- BAT_Falken
- BAT_FineKill
- BAT_Follar
- BAT_Formats
- BAT_Genesis
- BAT_GoodCom
- BAT_Gqecho
- BAT_Gray
- BAT_Grozny
- BAT_Haha
- BAT_Hamlet
- BAT_HBBG
- Baigoo_a
- Bat_IRCFlood_42!Trojan
- Bat_IRCFlood_Component_Trojan
- Bancodor_m
- BAT_Batalia6
- BAT_Silly_m
- Back Orifice Spy
- Backfont
- Backfont_765
- Backfont_896
- Backfont_905
- Backformat_1860
- Bad Boys 3
- Bad Taste
- BadSectors_3428
- Bad_Boy_1000_H
- Bad_Taste
- BammPC-01
- Baobab_1635
- Barrotes
- Barrotes_1194
- Barrotes_1303
- Barrotes_1310_A
- BAT_Delwin_AP
- BAT_FF23_A
- Bat_Combat-2
- Bat_Ff23!Trojan
- Bat_HDKiller
- Bat_Nuc-a
- Bat_Zor
- BackWebLite
- BackConstruction
- BackdoorTrojan
- BargainBuddy
- Back Web
- BadTrans_B
- BackWeb Client
- Bargain Buddy
- Banleed
- Banger
- BadLuck
- Bactera
- Banwarum
- Barjie
- Banleed_b
- BAT_IBBM_generic
- Bacalid
- Bankem_b
- Bacalid_b
- Banigo
- Baiso
- Bakain
