Pigeon AZOD
Pigeon AZOD is both a backdoor Trojan and Trojan dropper, and simultaneously allows remote criminals to access your PC as well as installing additional PC threats besides itself. Pigeon AZOD is associated with the installation of spyware that may steal private information via keylogging attacks, the presence of inaccurate system warnings that promote rogue security programs and browser hijacks that promote the same while also blocking your ability to visit unrelated sites. SpywareRemove.com malware researchers discourage attempts to find or remove Pigeon AZOD without assistance from anti-malware software since Pigeon AZOD will attempt to conceal its files and is likely to be accompanied by other PC threats that are equivalently-difficult to detect or remove.
Pigeon AZOD: Flying in a Flock with Spies and Shysters
Pigeon AZOD is known for its partnership with both spyware-based PC threats and rogue security products that imitate the appearances, but not the features of anti-virus and file-cleaning programs. Major dangers that SpywareRemove.com malware researchers note whenever Pigeon AZOD or programs from its payload are present include (but aren't limited to):
- Loss of private information such as Social Security numbers, online banking data or account passwords. Pigeon AZOD may install keyloggers that record keyboard input to harvest this information, redirect you to phishing sites or install PC threats that scan specific files for saved information.
- The appearance of fake system alerts and warning messages that recommend the installation, usage or purchase of fraudulent security programs. Error messages can include fake warnings about high-level threats like spyware, as well as fake scanner results; SpywareRemove.com malware experts, as a result, recommend that you distrust error messages from unrecognized applications if Pigeon AZOD could be on your PC.
- Browser redirects that force your web browser to load websites that promote the aforementioned scamware or other types of PC threats. The majority of browser hijackers and Pigeon AZOD itself cannot be removed merely by deleting your web browser.
Shooting This Bad Bird Out of Your PC
If you see symptoms of a possible Pigeon AZOD infection on your computer, you should work under the assumption that Pigeon AZOD is active whenever you start your PC normally, since Pigeon AZOD will launch itself automatically and hide itself as a background memory process. Along with all of its other tricks, Pigeon AZOD will also create a backdoor security vulnerability on your PC that allows criminals to access and potentially-control the system. Due to this risk especially, SpywareRemove.com malware experts suggest that you remove Pigeon AZOD the very moment you see signs of Pigeon AZOD's presence on your PC.
Although competent anti-malware scanners can remove Pigeon AZOD, you should be careful to use a trustworthy brand and not rely on a rogue anti-malware product that Pigeon AZOD promotes or installs without your consent. You may also need to take additional steps to disable Pigeon AZOD before you can delete Pigeon AZOD and its payload – at a minimum, rebooting into Safe Mode is recommended before you launch your scan.
File System Modifications
- The following files were created in the system:
# File Name 1 3.exe 2 pvtfcx6n.dll
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clientsHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients nextinstanceHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 classHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 classguidHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 configflagsHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 devicedescHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 legacyHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000 serviceHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000\controlHKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\legacy_dhcp_clients\0000\control activeserviceHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clientsHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients descriptionHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients displaynameHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients errorcontrolHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients imagepathHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients objectnameHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients startHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients typeHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\enumHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\enum 0HKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\enum countHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\enum nextinstanceHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\parametersHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\parameters servicedllHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\securityHKEY_LOCAL_MACHINE\system\currentcontrolset\services\dhcp clients\security security
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.