lmousedrv.dll - Dangerous
lmousedrv.dll
Manual removal instructions:
Antivirus Report of lmousedrv.dll:
lmousedrv.dll
lmousedrv.dll is a mass-mailing worm W32.Kalel.A@mm.
lmousedrv.dll opens a back door on TCP port 51435.
lmousedrv.dll spreads via open network shares.
lmousedrv.dll monitors user Internet activity and private information.
It sends stolen data to a hacker site.
Related files:
%Windir%\system\csrss.exe
%Windir%\system\services.exe
%Windir%\system\lsass.exe
%Windir%\system\lmousedrv.dll
%Windir%\system\kmousedrv.dll
%Windir%\system32\Kalel
%Windir%\system32\Kalel.gif
%Windir%\system32\irpa_driver.dat
%Windir%\system32\mrundll.uu3
%Windir%\system32\rundll.uu2
%Windir%\system32\rundll64.uu
%Windir%\system32\frundll32.ocx
%Windir%\system32\lrundll16.dat
%Windir%\system32\nrundll.gy
C:\inetpub\wwwroot\password.zip
C:\inetpub\wwwroot\index.html
Adds the value:
"Windows Security Authority Service" = "%Windir%\system\lsass.exe"
"Windows Service" = "%Windir%\system\services.exe"
"Microsoft Windows CSRSS" = "%Windir%\system\csrss.exe"
to the Windows startup registry keys.
Removal:
Remove lmousedrv.dll from Windows startup.
| lmousedrv.dll | Malware |
| lmousedrv.dll | Dangerous |
| lmousedrv.dll | High Risk |
lmousedrv.dll opens a back door on TCP port 51435.
lmousedrv.dll spreads via open network shares.
lmousedrv.dll monitors user Internet activity and private information.
It sends stolen data to a hacker site.
Related files:
%Windir%\system\csrss.exe
%Windir%\system\services.exe
%Windir%\system\lsass.exe
%Windir%\system\lmousedrv.dll
%Windir%\system\kmousedrv.dll
%Windir%\system32\Kalel
%Windir%\system32\Kalel.gif
%Windir%\system32\irpa_driver.dat
%Windir%\system32\mrundll.uu3
%Windir%\system32\rundll.uu2
%Windir%\system32\rundll64.uu
%Windir%\system32\frundll32.ocx
%Windir%\system32\lrundll16.dat
%Windir%\system32\nrundll.gy
C:\inetpub\wwwroot\password.zip
C:\inetpub\wwwroot\index.html
Adds the value:
"Windows Security Authority Service" = "%Windir%\system\lsass.exe"
"Windows Service" = "%Windir%\system\services.exe"
"Microsoft Windows CSRSS" = "%Windir%\system\csrss.exe"
to the Windows startup registry keys.
Removal:
Remove lmousedrv.dll from Windows startup.
Reviewed by:
by
NightWatcher
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial of UnHackMe.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.