Removed: ..\Afrouq\fagi.exe (trojan Zbot)
Malware: C:\sand-box\t.exe Removed: C:\Documents and Settings\Administrator\Application Data\Afrouq\fagi.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {DD18CE72-CE18-6688-8042-C64BEA9C7850} Author: Ircy Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\AFROUQ\FAGI.EXE (random filename) Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.30 Gen:Trojan.Heur.Zbot.4 Kaspersky 7.0.0.125 2010.04.30 Trojan-Spy.Win32.Zbot.gen Microsoft 1.5703 2010.04.29 PWS:Win32/Zbot.gen!Y NOD32 5073 [...]
Removal Tool
Removed: Receita5.avi.exe (trojan Banload)
Malware: C:\sand-box\Receita5.avi.exe Removed: C:\sand-box\Receita5.avi.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: iexplorers Author: Unknown Related File: C:\SAND-BOX\RECEITA5.AVI.EXE Type: Registry Run Item Name: Receita5.avi.exe Author: Unknown Related File: C:\SAND-BOX\RECEITA5.AVI.EXE Type: Running Processes After first reboot detected by UnHackMe: Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.29 Trojan.Crypt.Delf.B Kaspersky [...]
Removal Tool
Removed: c:\start.bat (EasyTime.exe)
Malware: setup.exe Removed: c:\start.bat(C:\Documents and Settings\Administrator\Application Data\EasyTime\EasyTime.exe) —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: Explorer.exe, c:\start.bat Type: System.ini Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.30 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.04.30 Trojan.Win32.Inject.apho Microsoft 1.5703 2010.04.30 – NOD32 5073 2010.04.29 – —————————————————————————————————————————- Additional information [...]
Removal Tool
Removed: WinHelp32.exe (trojan SystemHijack)
Malware: C:\sand-box\dk.exe Removed: C:\WINDOWS\system32\WinHelp32.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WinHelp32 Author: Beijing Rising Information Technology Co., Ltd. Related File: C:\WINDOWS\system32\WinHelp32.exe Type: Auto Services After first reboot detected by UnHackMe: Item Name: PCIDump.SYS Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\PCIDUMP.SYS Type: Drivers Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure [...]
Removal Tool
Removed: apmanager.exe (Fake Alert APManager)
Malware: Download – Fixer-downloader.exe Removed: C:\Documents and Settings\Administrator\Application Data\ARManager\apmanager.exe —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\ARManager\apmanager.exe Type: User Shell Item Name: apmanager.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\ARMANAGER\APMANAGER.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update [...]
Removal Tool
Removed: WinHelp32.exe, MFC42.TDM, 360SAFE.EXE, PCIDUMP.SYS (trojan Cosmu)
Malware: baohu.exe Removed: C:\WINDOWS\system32\WinHelp32.exe C:\PROGRAM FILES\INTERNET EXPLORER\MFC42.TDM C:\WINDOWS\SYSTEM32\360SAFE.EXE C:\WINDOWS\system32\drivers\PCIDump.sys —————————————————————————————————————————- Detected by UnHackMe: Item Name: WinHelp32 Author: Beijing Rising Information Technology Co., Ltd. Related File: C:\WINDOWS\system32\WinHelp32.exe Type: Auto Services Item Name: {DD7D4640-4464-48C0-83FD-21338366D2D3} Author: Beijing Rising Information Technology Co., Ltd. Related File: C:\PROGRAM FILES\INTERNET EXPLORER\MFC42.TDM Type: Shell Execute Hooks Item Name: 360safebox Author: Related File: C:\WINDOWS\SYSTEM32\360SAFE.EXE [...]
Removal Tool
Removed: ..\SystemProc\lsass.exe (trojan Dursg)
Malware: C:\sand-box\blacko_DpAnOrOlBEnGo.exe Removed: C:\Documents and Settings\Administrator\Application Data\SystemProc\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: RTHDBPL Author: QJwQtGUCTFJj Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYSTEMPROC\LSASS.EXE Type: Explorer Run Item Name: lsass.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYSTEMPROC\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.26 [...]
Removal Tool
Removed: C:\WINDOWS\system32\Windows.ime (backdoor Popwin)
Malware: 4008.exe Removed: C:\WINDOWS\system32\Windows.ime —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: E0200804 Author: Microsoft Related File: C:\WINDOWS\System32\WINDOWS.IME Type: Keyboard Listeners Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.29 – Kaspersky 7.0.0.125 2010.04.29 Backdoor.Win32.Popwin.cwy Microsoft 1.5703 2010.04.29 – NOD32 5071 2010.04.29 – —————————————————————————————————————————- Additional information File size: [...]
Removal Tool
Removed: Mfc42.tdm (trojan Dowque)
Malware: cpa.exe Removed: C:\Program Files\Internet Explorer\Mfc42.tdm —————————————————————————————————————————- Detected by UnHackMe: Item Name: {DD7D4640-4464-48C0-83FD-21338366D2D3} Author: Beijing Rising Information Technology Co., Ltd. Related File: C:\PROGRAM FILES\INTERNET EXPLORER\MFC42.TDM Type: Shell Execute Hooks Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.29 Backdoor.Hupigon.176820 Kaspersky 7.0.0.125 2010.04.29 not-a-virus:Porn-Tool.Win32.Agent.uc Microsoft 1.5703 2010.04.29 TrojanDropper:Win32/Dowque.A [...]
Removal Tool
Removed: ollls.exe (trojan Microjoin)
Malware: C:\sand-box\dk.exe Removed: C:\WINDOWS\system32\ollls.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Description1.6 Author: Related File: C:\WINDOWS\system32\ollls.exe (random filename) Type: Auto Services Item Name: ollls.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\OLLLS.EXE (random filename) Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.26 Trojan.Generic.KD.9047 Kaspersky 7.0.0.125 2010.04.26 Trojan-Dropper.Win32.Microjoin.ua [...]
Removal Tool
Removed: C:\WINDOWS\system32\svchost.exe:ext.exe (trojan Obfuscated)
Malware: C:\sand-box\load.exe Removed: C:\WINDOWS\system32\svchost.exe:ext.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: FCI Author: Related File: C:\WINDOWS\system32\svchost.exe:ext.exe Type: Auto Services Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Generic.KD.9040 Kaspersky 7.0.0.125 2010.04.27 – Microsoft 1.5703 2010.04.27 – NOD32 5065 2010.04.27 Win32/Obfuscated.NCY —————————————————————————————————————————- Additional information File size: 39936 bytes [...]
Removal Tool
Removed: mnkakob.exe (trojan Bebloh)
Malware: C:\sand-box\win64.exe Removed: C:\WINDOWS\system32\mnkakob.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: userinit.exe Author: Unknown Related File: C:\WINDOWS\system32\MNKAKOB.EXE (random filename) Type: Image Executions Debugger Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.28 Gen:Trojan.Heur.GZ.dqW@ba6BeLd Kaspersky 7.0.0.125 2010.04.28 Trojan.Win32.Pincav.ofq Microsoft 1.5703 2010.04.28 TrojanSpy:Win32/Bebloh.A NOD32 5068 2010.04.28 a variant of Win32/Spy.Bebloh.A [...]
Removal Tool
Removed: sysmon64x.exe (FakeAV – Virus Protection aka Paladin Antivirus)
Malware: setup.txt.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\sysmon64x.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: sysmon64x.exe Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\SYSMON64X.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.28 Trojan.Generic.KD.9034 Kaspersky 7.0.0.125 2010.04.28 Trojan-Downloader.Win32.FraudLoad.xazq Microsoft 1.5703 2010.04.28 Trojan:Win32/FakeCog NOD32 5068 2010.04.28 Win32/Adware.CoreguardAntivirus —————————————————————————————————————————- Additional [...]
Removal Tool
Removed: adsnwv.exe (trojan IRCBot)
Malware: exe.exe Removed: C:\WINDOWS\system32\adsnwv.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WZCSVCMessenger (random name) Author: Related File: C:\WINDOWS\system32\adsnwv.exe srv (random filename) Type: Auto Services Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.28 Trojan.Generic.KD.9131 Kaspersky 7.0.0.125 2010.04.28 – Microsoft 1.5703 2010.04.28 Trojan:Win32/Meredrop NOD32 5066 2010.04.27 Win32/IRCBot.NBC —————————————————————————————————————————- Additional [...]
Removal Tool
Removed: PRAGMAD.SYS (variant of TDSS trojan – Olmarik)
Malware: C:\sand-box\install01.txt.exe Removed: C:\WINDOWS\PRAGMAKBFTIVFPJU\PRAGMAD.SYS —————————————————————————————————————————- After first reboot detected by UnHackMe: Item Name: PRAGMAkbftivfpju Author: Related File: C:\WINDOWS\PRAGMAKBFTIVFPJU\PRAGMAD.SYS Type: Services detected by Partizan Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Generic.KD.9045 Kaspersky 7.0.0.125 2010.04.27 Trojan.Win32.FraudPack.atiq Microsoft 1.5703 2010.04.27 – NOD32 5065 2010.04.27 Win32/Olmarik.YA —————————————————————————————————————————- Additional [...]
Removal Tool
Removed: gvehmd.dll (trojan Drooptroop/Bamital)
Malware: C:\sand-box\load.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Applic ation Data\Windows Server\gvehmd.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: AppSecDll Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\WINDOWS SERVER\GVEHMD.DLL Type: Application Security DLLs Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Dropper.Agent.UYB Kaspersky 7.0.0.125 2010.04.27 Trojan-Dropper.Win32.Drooptroop.alr Microsoft 1.5703 [...]
Removal Tool
Removed: C:\WINDOWS\Microsoft.NET\Framework\mr.exe (trojan Clicker)
Malware: load.exe Removed: C:\WINDOWS\Microsoft.NET\Framework\mr.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Microsoft update service Author: NASA Related File: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\MR.EXE Type: Registry Run Item Name: mr.exe Author: Related File: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\MR.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan:W32/Agent.DJBH Kaspersky 7.0.0.125 2010.04.27 Trojan-Clicker.Win32.Agent.lgr Microsoft 1.5703 [...]
Removal Tool
Removed: svnhist.exe
Malware: C:\sand-box\load.exe Removed: C:\WINDOWS\system32\svnhist.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: userinit.exe,svnhist.exe Type: UserInit Value Item Name: svnhist.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SVNHIST.EXE Type: Detected using Heuristic Algorithm Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Generic.KD.9029 Kaspersky 7.0.0.125 2010.04.27 Trojan.Win32.Agent.duml Microsoft [...]
Removal Tool
Removed: C:\WINDOWS\system32\regedit32.exe (backdoor DarkShell)
Malware: C:\sand-box\dk.exe Removed: C:\WINDOWS\system32\regedit32.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: BackGround switch Author: Microsoft Corporation Related File: C:\WINDOWS\system32\regedit32.exe Type: Auto Services Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Generic.1719904 Kaspersky 7.0.0.125 2010.04.27 Backdoor.Win32.DarkShell.dw Microsoft 1.5703 2010.04.27 Backdoor:Win32/Httpbot.A NOD32 5063 2010.04.26 Win32/Agent.NSU —————————————————————————————————————————- Additional information File [...]
Removal Tool
Removed: sdra64.exe (trojan Zeus/Zbot)
Malware: ldr.exe Removed: C:\WINDOWS\system32\sdra64.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, Type: UserInit Value Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Trojan.Generic.KD.8732 Kaspersky 7.0.0.125 2010.04.27 Trojan.Win32.VBKrypt.ke Microsoft 1.5703 2010.04.27 – NOD32 5063 2010.04.26 Win32/Spy.Zbot.JF —————————————————————————————————————————- Additional information File size: 147456 [...]
Removal Tool
Removed: LOVE.SCR.EXE (backdoor Poison)
Malware: C:\SAND-BOX\LOVE.SCR.EXE Removed: C:\SAND-BOX\LOVE.SCR.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: {F4D301C5-D338-9408-3949-1BB6B5AFDB06} Author: Unknown Related File: C:\SAND-BOX\LOVE.SCR.EXE Type: ActiveSetup Item Name: skype.exe Author: Unknown Related File: C:\SAND-BOX\LOVE.SCR.EXE Type: Registry Run Item Name: love.scr.exe Author: Unknown Related File: C:\SAND-BOX\LOVE.SCR.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure [...]
Removal Tool
Removed: ave.exe (FakeAV XP AntiMalware aka Antivirus XP 2010)
Malware: C:\sand-box\fid.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Application Data\ave.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: .exe Author: Unknown Related File: “C:\Documents and Settings\Administrator\Local Settings\Application Data\ave.exe” /START “%1″ %* Type: Main File Extensions Item Name: ave.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\AVE.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: [...]
Removal Tool
Removed: ..\Temp\servicio.exe (trojan Scar)
Malware: FOTO5122MGS-PC.jpg.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\servicio.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows Services Author: Related File: servicio.exe Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 – Kaspersky 7.0.0.125 2010.04.27 Trojan.Win32.Scar.bxlb Microsoft 1.5703 2010.04.27 VirTool:Win32/VBInject.gen!AN NOD32 5065 2010.04.27 Win32/Kryptik.FAV.Gen —————————————————————————————————————————- Additional information [...]
Removal Tool
Removed: bradasys.jpg.exe (variant of VB trojan)
Malware: C:\sand-box\bradasys.jpg.exe Removed: C:\sand-box\bradasys.jpg.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: GbpSsv Author: ALS TECNOLOGIA Related File: C:\SAND-BOX\BRADASYS.JPG.EXE Type: Registry Run Item Name: bradasys.jpg.exe Author: Related File: C:\SAND-BOX\BRADASYS.JPG.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.27 Generic.Banker.VB.03AA6E18 Kaspersky 7.0.0.125 2010.04.27 Trojan.Win32.VB.aejl Microsoft 1.5703 2010.04.27 [...]
Removal Tool
Removed: C:\WINDOWS\cftmon.exe (variant of VB trojan)
Malware: plugxbr.jpg.exe Removed: C:\WINDOWS\cftmon.exe —————————————————————————————————————————- Detected by UnHackMe in “Multi AV scan” mode: CFTMON.EXE Default location: C:\WINDOWS\CFTMON.EXE MD5: 316345519FBA285DB705E272446BB560 SHA1: 8C8A4C15 12CD38C4 286BBB54 2C3AB4B9 5429270B File Size: 112 640 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.26 GenPack:Trojan.Generic.3655517 Kaspersky 7.0.0.125 2010.04.26 Trojan.Win32.VB.sey Microsoft 1.5703 2010.04.26 – [...]
Removal Tool
Removed: bbpfsys.jpg.exe, ccrpTmr6.dll, COMCTL32.OCA (variant of VB trojan)
Malware: C:\sand-box\bbpfsys.jpg.exe Removed: C:\sand-box\bbpfsys.jpg.exe C:\WINDOWS\system32\ccrpTmr6.dll C:\WINDOWS\system32\COMCTL32.OCA —————————————————————————————————————————- Detected by UnHackMe: Item Name: GbpSbb Author: ALS TECNOLOGIA Related File: C:\SAND-BOX\BBPFSYS.JPG.EXE Type: Registry Run Item Name: bbpfsys.jpg.exe Author: Related File: C:\SAND-BOX\BBPFSYS.JPG.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.26 Trojan.Generic.KD.8711 Kaspersky 7.0.0.125 2010.04.26 Trojan.Win32.VB.aeid Microsoft [...]
Removal Tool
Removed: odbnsy.exe, svc.exe, svx.exe, wdmon.exe, svw.exe, ope6.exe, svchosty.exe (trojan Microjoin)
Malware: 123!aaaaaaaa.exe Removed: C:\WINDOWS\odbnsy.exe C:\WINDOWS\svc.exe C:\WINDOWS\svx.exe C:\WINDOWS\wdmon.exe C:\WINDOWS\svw.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ope6.exe C:\Documents and Settings\Administrator\Local Settings\Temp\svchosty.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: odnexy Author: Unknown Related File: C:\WINDOWS\ODBNSY.EXE Type: Registry Run Item Name: netc Author: Unknown Related File: C:\WINDOWS\SVC.EXE Type: Registry Run Item Name: netx Author: Unknown Related File: C:\WINDOWS\SVX.EXE Type: Registry Run Item Name: [...]
Removal Tool
Removed: apmanager.exe (Fake Alert APManager)
Malware: install-809.exe Removed: C:\Documents and Settings\Administrator\Application Data\APManager\apmanager.exe —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\APManager\apmanager.exe Type: User Shell Item Name: apmanager.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\APMANAGER\APMANAGER.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure [...]
Removal Tool
Removed: One.sys, zydxc0209.dll (trojan Dogrobot / AntiAV)
Malware: C:\sand-box\down.exe Removed: C:\WINDOWS\system32\drivers\One.sys C:\WINDOWS\system32\zydxc0209.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: zydxc0209.dll Author: Unknown Related File: C:\WINDOWS\SYSTEM32\ZYDXC0209.DLL Type: WinSock2 Components After first reboot detected by UnHackMe: Item Name: One Author: Lenovo (Beijing) Limited Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ONE.SYS Type: Services detected by Partizan Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result [...]
Removal Tool
Removed: PROGRAMS\STARTUP\lsass.exe (trojan Clicker)
Malware: C:\sand-box\lsass.exe Removed: C:\sand-box\lsass.exe C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: lsass.exe Author: ahhaa Related File: C:\SAND-BOX\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: ahhaa Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\START MENU\PROGRAMS\STARTUP\LSASS.EXE Type: Startup Folder Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.26 Trojan.Generic.KD.8225 [...]
Removal Tool
- Remember: the best way to remove rootkits is from the outside!
