Bakain spyware or virus on your computer and how to remove Bakain or fix it.

Please make sure you know what you are doing before performing any of the instructions on this site. You maybe better off downloading a proven spyware scanner and let the program do the cleaning. You may need anti-virus software as well and please allow up to 10 hours to get your system back on its feet again. Please feel free to ask questions, tell us the problem and we will help for FREE. We also have a great selection of SPYWARE and VIRUS prevention software available to try.

Removal instructions for bakain:

Bakain is a worm that spreads through network shares protected by weak passwords. Once executed, the parasite secretly installs itself to the system, runs a spreading routine and a payload. It changes some system settings and hides special Run and Find tools. The worm also contacts suspicious web sites. It automatically runs on every Windows startup.

Protect yourself from spyware and virus attacks PDF

Notes:


Stop processes:about linda.exe, lexplorer.exe, pcguard.exe, script.exe, service5.exe, systroy.exe, welcome.exe

Remove Registry values:


HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunhttp
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunjava
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunserve user
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunservice
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunusbtray
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionRunsystem checker
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonShell=explorer.exe [percentage]System[percentage] kz16fkservice5.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonSystem=[percentage]System[percentage] kz16fkservice5.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonUserinit=[percentage]System[percentage]userinit.exe,[percentage]Windir[percentage]pchealthpcguard.exe
HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWindowsload=[percentage]System[percentage] kz16fkservice5.exe
HKEY_CURRENT_USERSoftwareMicrosoftCommand ProcessorAutorun=echo off|[percentage]Windir[percentage]pchealthpcguard.exe|cls
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoFind=1
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoRun=1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionSystemFileProtectionShowPopups=0

Remove files:

about linda.exe, lexplorer.exe, pcguard.exe, script.exe, service5.exe, systroy.exe, welcome.exe

Remove directories:

C:WINDOWSSystem32 kz16fkC:WINNTSystem32 kz16fk
Additional:Exact file location:lexplorer.exe - C:WINDOWS or C:WINNTsystroy.exe - C:WINDOWSinf or C:WINNTinfscript.exe - C:WINDOWSSystem32 or C:WINNTSystem32pcguard.exe - C:WINDOWSpchealth or C:WINNTpchealthservice5.exe - C:WINDOWS or C:WINNT; C:WINDOWSSystem32 kz16fk or C:WINNTSystem32 kz16fkwelcome.exe - C:Documents and SettingsAll UsersStart MenuProgramsStartup Bakain:

Baby_100_a
Baby_100_b
Baca Trojan
Back Attack 1_3
Back Attack 1_4
Back Attack 1_5
Back Attack 1_6
Back Attack 1_7
Back Attack 1_8
Back Attack 1_9
Back Attack 2_0
Back Attack
Back Construction 1_2
Back Construction 1_5
Back Construction 2_1
Back Construction 2_5
Back Construction
Back door in Microsoft FrontPage extensions_authoring components
Back End 5
Back End 6
Back End
Back Find_trojan
Back Find_a_trojan
Back Find_b_trojan
Back Orifice 1_20
Back Orifice 1_3
Back Orifice 1_41
Back Orifice 2000 1_0 International
Back Orifice 2000 1_1
Back Orifice 2000 1_1_1
Back Orifice 2000 1_1_2
Back Orifice 2000 1_3 beta 1
Back Orifice 2000 1_3 beta 1a
Back Orifice 2000 1_3 beta 4_1
Back Orifice 2000 1_3 pre 1
Back Orifice 2000 1_3 pre 10
Back Orifice 2000 1_3 pre 2
Back Orifice 2000 1_3 pre 3
Back Orifice 2000 1_3 pre 4
Back Orifice 2000 1_3 pre 5
Back Orifice 2000 1_3 pre 6
Back Orifice 2000 1_3 pre 7
Back Orifice 2000 1_3 pre 8
Back Orifice 2000 1_3 pre 8a
Back Orifice 2000 1_3 pre 9
Back Orifice 2000 Analyzer
Back Orifice 2000 CVS 000
Back Orifice 2000 CVS 001
Back Orifice 2000 CVS 002
Back Orifice 2000 CVS 003
Back Orifice 2000 CVS 004
Back Orifice 2000 CVS 005
Back Orifice 2000 Password Scanning Plugin
Back Orifice 2000 SDK
Back Orifice 2000
Back Orifice 3 DES
Back Orifice Eliminator
Back Orifice FTP Plugin
Back Orifice Java 1_0
Back Orifice Plugin Source
Back Orifice Scanner
Back Orifice Spy 1_31
Back Orifice Spy 1_61
Back Orifice Unix 1_21
Back Orifice
Back OrifiX 1_1
Back Streets 1_5
Back_color_c
Backage 3_0
Backage 3_0_1
Backage 3_1 New Backdoor Age
Backage 3_2 SE
Backage Server 3_1a
Backage
Backdoor 1_x
Backdoor 2_00
Backdoor 2_01
Backdoor 2_02
Backdoor 2_03
Backdoor 2_1
Backdoor AAG_A
Backdoor Champion
BackDoor Galore
Backdoor
BackDoor_JZ
BackDoor-CR
BackDoor-KF
BackDoor-OG_trojan
Backdoors Trojan
Backdoors
BackFire 1_0
BackFire 1_31
BackFire
BackLash 1_01 A
BackLash
BackSocket 5_0
BackSocket 5_6
BackSocket
Backstabb Lite
BackStealth
Backtime_528
BackTrap
BackWindows 1_0
Backwork 2_01
Backwork 2_12
Backwork
BadBlood
BadBOT
Badboy_1000
Badboy_Riot_1049
Badboys Scanner
Badboyz Bomber 3
BadHeads Mailbomber 0_9
BadLuck 0_3
BadLuck 2
BadLuck 2_7
BadLuck Reloaded
Badtrack_trojan
BagKeys
Bailey
Bailey_334
Bailey_380
Balistix 1_0
Balk
Bancos
Bang Youre Dead_trojan
BankAds_com
Banner_Date_com
Banner_GoldenPalace
BannerBank_net
BannerFarm
Banners_ValueAd_com
BannerSpace_com
Barbare
Barbie
Barely19
Barisot
BarJam_trojan
Barney Trojan
Barok - loveletter (vbe)
Barok - loveletter(vbe)
Barok 1_0
Barok 2_0
Barok 2_1
Barok
Baron Night 1_0
Baron Night 2_0
Baron Night
Barrio 3_05
Barrio 3_10
Barrio 4_0
Barrio
Bash 2_01 _ ncurses 4_1 console takeover feature
Basic CD Tray Opener
Basic Hell 1_0
Basic ICQ Offences & Defenses
Basic Packet-Sniffer Construction from the Ground Up Part 1
BASTap
Bastard Sword
BAT
BAT_282
BAT_506
BAT_527
BAT_666
BAT_8Fish
BAT_Aduh
BAT_Aduh_b
BAT_Akuma_1935
BAT_Batalia_3_b
BAT_Batalia1_840
BAT_Batalia2_460
BAT_Batalia3
BAT_Batalia4_521
BAT_Batalia5
BAT_Batalia5_491_493
BAT_Batalia5_492
BAT_Batalia5_a
BAT_Batalia5_src
BAT_Batman_a
BAT_Battler
BAT_BFV_475
BAT_Bingo_1963
BAT_Black_b
BAT_BV_Root
BAT_BV_Stupid
BAT_BV_VX_558
BAT_BWG generated
BAT_Cheezy_329
BAT_ClsV_475
BAT_Code
BAT_Code_169
BAT_Code_356
BAT_Code_737
BAT_Cold_a
BAT_Combat_j
BAT_Comp_226
BAT_Confusion Trojan
BAT_CoolHz_703
BAT_Craz_1267
BAT_Craz_1414
BAT_Craz_b
BAT_Damn_1432
BAT_DeAd
BAT_DeAd_a
BAT_DeAd_b
BAT_DebugVir_782
BAT_Delwin
BAT_Delwin_AX
BAT_Descript
BAT_Dolomite_A
BAT_Drop_2645
BAT_Duke
BAT_Dvquest
BAT_Dvquest_a
BAT_Dvquest_d
Bat_Epy
BAT_For_322
BAT_Fret_1023
BAT_Froggy_1476
BAT_Geez_a
BAT_Gomaba
BAT_Goofy
BAT_Gpb
BAT_Gremlin_1189
BAT_Gremlin_1424
BAT_Gremlin_1460
BAT_Haltwin_F
BAT_HelloW
BAT_HexVirus_1840
BAT_Highjaq_1400
BAT_HNY_3350
BAT_Hokum
BAT_Hotka
BAT_IBBM_Pifv
BAT_IBBM_Qlop
BAT_Ich_285
BAT_Infect_406
BAT_Ins
BAT_IRCFlood
BAT_Kefi
BAT_Khorp_289
BAT_Killall_C
BAT_Lame_874
BAT_Life
BAT_Limi_c
BAT_MDMA_990
BAT_Melt
BAT_Melt_1811
BAT_Melt_b
BAT_Metallica
BAT_MF
BAT_MF_102
BAT_MF_116
BAT_MF_227
BAT_MF_249
BAT_MF_278
BAT_MF_282b
BAT_MF_288
BAT_MF_350
BAT_MF_378
BAT_Mirc_3084
BAT_Mobius
BAT_Moral_941
BAT_Mosquito_b
BAT_MouseDisable_B
BAT_NewHost
BAT_Nice_2954
BAT_Nuc_9078
BAT_Obsolete_335
BAT_Orag_1621
BAT_Pamp_928
BAT_Parasite
BAT_Passion_1370
BAT_PenFold_2135
BAT_PG94_703
BAT_PifV
BAT_PolyBat
BAT_Pot
BAT_Pot_b
BAT_Rarme
BAT_Revenge
BAT_Sex
BAT_SG
BAT_Shadow_1232
BAT_Shak_1268
BAT_Silly
BAT_Silly_a
BAT_Silly_aa
BAT_Silly_aq
BAT_Silly_ar
BAT_Silly_n
BAT_Silly_o
BAT_Silly_p
BAT_Silly_q
BAT_Silly_w
BAT_Sit_360
BAT_Skul
BAT_Small_a
BAT_SMF
BAT_SMF_120
BAT_SMF_121
BAT_SMF_137
BAT_SMF_155
BAT_SMF_166
BAT_SMF_266
BAT_SMF_301
BAT_Snake
BAT_Snake_c
BAT_Soliton_a
BAT_SpamAcid
BAT_Spth_Checker
BAT_Spth_Checker_a
BAT_Spth_Checker_b
BAT_Spth_Name
BAT_SS
BAT_SS_156
BAT_SS_b
BAT_Super_561
BAT_Sys_602
BAT_Tally_1028
BAT_Telo_505
BAT_Terror1st
BAT_Tiny
BAT_TNse_1544
BAT_TTT
BAT_VaraXadoR
BAT_VB_Virh
BAT_Vir
BAT_Viru_449
BAT_Viz_530
BAT_Voff_1414
BAT_Vr_a
BAT_Winstart
BAT_Winstart__II_511
BAT_Winstart_296
BAT_Winstart_297
BAT_Wise_2246
BAT_Wnt_666
BAT_Xop_367
BAT_Xop_Winstroy
BAT_Zeke_324
BAT_ZekeZip
BAT_Zep
BAT_ZipBat
BAT_ZipBat_607
BAT_ZipBat_615
BAT_Zop_b
Bat2Exec_1644
Bat2Exec_SillyO_2048
BAT_Bom_53 Constructor
BAT_Bom_55 Constructor
BAT_Bom_58 Constructor
BAT_Bom_59 Constructor
BAT_Bom_60 Constructor
Bat_btg
BAT_BTG_03 Constructor
BAT_BTG_04 Constructor
BAT_BTG_05 Constructor
BAT_BTG_06 Constructor
BAT_BTG_07 Constructor
Bat_Bug
Bat_Bulbas_A
Bat_BWG
BAT_BWG_404 Constructor
BAT_BWG_408 Constructor
BAT_BWG_502 Constructor
Bat_BWG_gen
Bat_BWG_Kit
Batch Trojan Generator
Batch Worm Generator
Batch_Bomb
Batcompi Trojan
Batcrack 1_0
Bat_Darky_A
Bat_Flood_C!Trojan
Bat_HotToTrot
Bat_IRC_Flood_Ntlm_Trojan
Bat_IRC_Flood_RmtCfg_Trojan
Bat_IRC_Zcrew_Worm
Bat_IRCFlood!Component!Trojan
Bat_iRCFlood_Secedit!Trojan
Bat_IRCFlood_Sheh32!Trojan
Bat_Laff_Component_Trojan
Batman Trojan
Bat_Msvccupd_426!Trojan
Bat_PWS_Myss_A_Trojan
Bat_Secure!Trojan
Bat_ServU_A!Trojan
Battle Pong Pro Trojan
BattlePong
Bat_Univ!Trojan
Bazalba
Bachdoor_Coldfuson_11
Bachdoor_Coldfuson_11_a
Bachdoor_Coldfuson_11_b
Backdoor Program
Backdoor Program_LC
backdoor_sdbot_gen
backdoor_vb_pt
Backdoor-AFN
BackDoor-AMA
Backage_301_Server
Backage_31
BackAttack
BackAttack_14
BackAttack_19
BackAttack_20
BackCGI
BackConstructor_2_0
BackConstructor_15
BackOrifice
BackOrifice2K
Badbot
Bancodor
Bancodor_a
Bancodor_b
Bancodor_f
Bancodor_i
Bancodor_j
Bancodor_k
Bancodor_n
Bancodor_o
Bandor
Banito
Banito_a
Banito_b
Banito_g
BaronNight_10
BAT_Comlabat
BAT_Comlabat_03
BAT_Comlabat_04
BAT_Passer_a
Backdoor-JZ_trojan
Balistix
BandObjects_eStart
Barbarie
Basic ICQ Pager
Bat_IRC_Flood_F!Trojan
Bat_NTRootKit!Trojan
Bat_Passer_c!Worm
Bat_Randon_i!Worm
Bat_ServU!Trojan
Bat_WebDir!Trojan
BazookaBar
BaciamiStupido
Baby_100
Babcia-fingerd_c
BAT_Arhiworm_547
BAT_Bombas
BAT_Boohoo_Worm
BAT_AntiDN
BAT_Arhiworm_555
BAT_Arhiworm_590
BAT_Arica
BAT_Autoexec
BAT_Baclan
BAT_Badjok
BAT_Baster
BAT_Beat
BAT_Beware
BAT_Billy
BAT_Black
BAT_BlackDay
BAT_Bolt
BAT_Bomb
BAT_Boru
BAT_Butcher
BAT_Butt
BAT_Bvone
BAT_BWG_a
BAT_Bylys
BAT_Cat
BAT_Caya
BAT_Chode
BAT_Cigar
BAT_Clouner
BAT_Copier
BAT_CopyToAll
BAT_CopyToAutoexec
BAT_CopyToStart
BAT_Corea
BAT_Craz
BAT_Darkomen
BAT_Darky
BAT_DebugVir
BAT_DelAutoexec
BAT_Delirium
BAT_Dohman
BAT_Energy
BAT_England
BAT_Eris
BAT_Erro
BAT_Explore
BAT_Falken
BAT_FineKill
BAT_Follar
BAT_Formats
BAT_Genesis
BAT_GoodCom
BAT_Gqecho
BAT_Gray
BAT_Grozny
BAT_Haha
BAT_Hamlet
BAT_HBBG
Baigoo_a
Bat_IRCFlood_42!Trojan
Bat_IRCFlood_Component_Trojan
Bancodor_m
BAT_Batalia6
BAT_Silly_m
Back Orifice Spy
Backfont
Backfont_765
Backfont_896
Backfont_905
Backformat_1860
Bad Boys 3
Bad Taste
BadSectors_3428
Bad_Boy_1000_H
Bad_Taste
BammPC-01
Baobab_1635
Barrotes
Barrotes_1194
Barrotes_1303
Barrotes_1310_A
BAT_Delwin_AP
BAT_FF23_A
Bat_Combat-2
Bat_Ff23!Trojan
Bat_HDKiller
Bat_Nuc-a
Bat_Zor
BackWebLite
BackConstruction
BackdoorTrojan
BargainBuddy
Back Web
BadTrans_B
BackWeb Client
Bargain Buddy
Banleed
Banger
BadLuck
Bactera
Banwarum
Barjie
Banleed_b
BAT_IBBM_generic
Bacalid
Bankem_b
Bacalid_b
Banigo
Baiso
Bakain
Share on Facebook