
Removed: C:\WINDOWS\system32\drivers\atualizada.sys C:\WINDOWS\Copa.exe (trojan Banz)

June 30, 2010 by NightWatcher
Filed under: Malware 

Malware: Network.jpg.exe Removed: C:\WINDOWS\system32\drivers\atualizada.sys C:\WINDOWS\Copa.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: atualizada.sys Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATUALIZADA.SYS Type: Drivers Item Name: Author: kl banker Related File: C:\WINDOWS\COPA.EXE Type: Registry Run Item Name: Copa.exe Author: kl banker Related File: C:\WINDOWS\COPA.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware [...]

Removal Tool

Removed: C:\Documents and Settings\Administrator\Application Data\LiveMessenger.exe (trojan IRCBot)

June 30, 2010 by NightWatcher
Filed under: Malware 

Malware: load(2).exe Removed: C:\Documents and Settings\Administrator\Application Data\LiveMessenger.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: LiveMessenger.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\LIVEMESSENGER.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\LiveMessenger.exe Value: “”C:\Documents and Settings\%USERNAME%\Application Data\LiveMessenger.exe”” Files: C:\Documents and Settings\%USERNAME%\Application Data\LiveMessenger.exe —————————————————————————————————————————- Classification: Antivirus Version Last [...]

Removed: C:\WINDOWS\mywins\smss.exe, dlldll.vbe, ie.vbe, iecollection.vbe, index.vbe, search.vbe (TrojanClicker.BHO)

June 30, 2010 by NightWatcher
Filed under: Malware 

Malware: d.exe Removed: C:\WINDOWS\mywins\smss.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlldll.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ie.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\iecollection.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\index.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\search.vbe —————————————————————————————————————————- Detected by UnHackMe: Item Name: google Author: ?? Related File: C:\WINDOWS\MYWINS\SMSS.EXE Type: Registry Run Item Name: dlldll.vbe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START [...]

Removed: C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe (worm Tawsebot)

June 30, 2010 by NightWatcher
Filed under: Malware 

Malware: load.exe Removed: C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Administrator\Application Data\dll\svchost.exe, Type: UserInit Value Item Name: dll Author: Microsoft Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\DLL\SVCHOST.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows [...]

Removed: Kernel32.exe, Latest_Version.exe, winlogon.exe (trojan Autorun)

June 29, 2010 by NightWatcher
Filed under: Malware 

Malware: t0theface.Exe Removed: C:\Documents and Settings\Administrator\Application Data\Kernel32.exe C:\Documents and Settings\Administrator\Application Data\sys\Latest_Version.exe C:\Documents and Settings\Administrator\Application Data\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 1AVG Internet Security 8.5 Patch Author: Team Blacklist Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\KERNEL32.EXE Type: Registry Run Item Name: {B9C4FAF8-AEA2-BDCE-07DF-3D09BBEFDFAD} Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SYS\LATEST_VERSION.EXE Type: ActiveSetup Item Name: Winlogon Author: Related [...]

Removed: butsecks.exe (trojan MulDrop)

June 29, 2010 by NightWatcher
Filed under: Malware 

Malware: butsecks.exe Removed: C:\Documents and Settings\Administrator\My Documents\SYS\butsecks.exe C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\butsecks.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: AARC Author:  Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\SYS\BUTSECKS.EXE Type: Registry Run Item Name: butsecks.exe Author: xQKI Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\START MENU\PROGRAMS\STARTUP\BUTSECKS.EXE Type: Startup Folder Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect [...]

Removed: C:\WINDOWS\winfil.exe (trojan Dybalom)

June 29, 2010 by NightWatcher
Filed under: Malware 

Malware: IMAGE464-facebook.com.JPG.jpg.exe Removed: C:\WINDOWS\winfil.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\winfil.exe Type: UserInit Value Item Name: winfil.exe Author: Related File: C:\WINDOWS\WINFIL.EXE Type: Detected using Heuristic Algorithm Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\winfil.exe” Files: C:\WINDOWS\winfil.exe —————————————————————————————————————————- Classification: Antivirus [...]

Removed: ccsmn.exe, ccstr.exe (email-worm Warezov)

June 29, 2010 by NightWatcher
Filed under: Malware 

Malware: p1.exe Removed: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\ccsmn.exe C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\ccstr.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: novavapp Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\CCSMN.EXE Type: Registry Run Item Name: novavappr Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\CCSTR.EXE Type: Registry Run Item Name: ccsmn.exe Author: Unknown Related File: C:\DOCUMENTS [...]

Removed: autorun.inf, SAFESYS.EXE, dbsna.fon, ~powom.tmp, hvvus.fon, vpnrv.fon, xmxns.fon, xxnbl.fon, nfewp.fon Restored: C:\WINDOWS\SYSTEM32\SPOOLSV.EXE (trojan Bosbot)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\SafeSys.exe Removed: C:\autorun.inf C:\PROGRAM FILES\COMMON FILES\SAFESYS.EXE C:\WINDOWS\Fonts\dbsna.fon C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~powom.tmp C:\WINDOWS\Fonts\hvvus.fon C:\WINDOWS\Fonts\vpnrv.fon C:\WINDOWS\Fonts\xmxns.fon C:\WINDOWS\Fonts\xxnbl.fon C:\WINDOWS\Fonts\nfewp.fon Restored: C:\WINDOWS\SYSTEM32\SPOOLSV.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: C:\autorun.inf Author: Unknown Related File: C:\autorun.inf Type: Autorun.inf Item Name: SafeSys Author: Unknown Related File: C:\PROGRAM FILES\COMMON FILES\SAFESYS.EXE Type: Registry Run After first reboot detected by UnHackMe: Item Name: SafeSys Author: Unknown Related [...]

Removed: avgnt2.exe (trojan Phrovon)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: c:\sand-box\avgnt2.exe Removed: c:\sand-box\avgnt2.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Avira Author: Related File: “c:\sand-box\avgnt2.exe” Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Avira Files: C:\sand-box\atual.txt C:\sand-box\local.txt —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.06.15 Gen:Trojan.Heur.VB.dm0@diZ6kyhi Kaspersky 7.0.0.125 2010.06.15 Trojan-Banker.Win32.Qhost.mg Microsoft 1.5802 2010.06.15 [...]

Removed: C:\WINDOWS\gbpxp.exe (trojan Banker)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: kl.png Removed: C:\WINDOWS\gbpxp.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: gbpxp Author: Unknown Related File: C:\WINDOWS\GBPXP.EXE Type: Registry Run Item Name: gbpxp.exe Author: Unknown Related File: C:\WINDOWS\GBPXP.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\gbpxp Value: “C:\WINDOWS\gbpxp.exe” Files: C:\WINDOWS\gbpxp.exe C:\WINDOWS\mob125.bin —————————————————————————————————————————- Classification: Antivirus Version [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\geurge.exe (trojan VB)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\gold.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\geurge.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: ewrgetuj Author: YHyqb Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\GEURGE.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ewrgetuj Value: “C:\DOCUME~1\%USERNAME%\LOCALS~1\Temp\geurge.exe” Files: C:\Documents and Settings\Administrator\Local Settings\Temp\geurge.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.06.15 [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\Mscomm.exe (trojan BeeInject)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: nova.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\Mscomm.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {7F9JCY4F-YZYR-CO1J-ZTCQ-QVKN1E2MM7C3} Author: Wd4OPbko3QTESnSO Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MSCOMM.EXE Type: ActiveSetup Item Name: Mscomm Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MSCOMM.EXE Type: Registry Run Item Name: Mscom Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MSCOMM.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? [...]

Removed: C:\WINDOWS\system32\csbdll.dll (trojan Meredrop)

June 28, 2010 by NightWatcher
Filed under: Malware 

Malware: tn.exe Removed: C:\WINDOWS\system32\csbdll.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: csbdll Author: Related File: C:\WINDOWS\system32\CSBDLL.DLL Type: Winlogon Notification Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll\DLLName Value: “csbdll.dll” Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll\StartShell Value: “WinlogonStartShellEvent” Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll\Logon Value: “WinlogonLogonEvent” Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll\Logoff Value: “WinlogonLogoffEvent” Files: C:\WINDOWS\system32\csbdll.dll —————————————————————————————————————————- [...]

How to resolve “msls52.dll not found” problem

June 28, 2010 by admin
Filed under: Malware 

How to resolve “msls52.dll not found” problem? “This application has been failed to start because msls52.dll was not found. Re-installing the application may fix this problem”. Your computer could not boot even after clicking OK. After that you will get the same error again and your computer will hang. What happened? Your computer [...]

Removed: C:\WINDOWS\redfil.exe (trojan Palevo)

June 27, 2010 by NightWatcher
Filed under: Malware 

Malware: photos.exe Removed: C:\WINDOWS\redfil.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\redfil.exe Type: UserInit Value Item Name: redfil.exe Author: Related File: C:\WINDOWS\REDFIL.EXE Type: Detected using Heuristic Algorithm Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\redfil.exe” Files: C:\WINDOWS\redfil.exe —————————————————————————————————————————- Classification: Antivirus [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe (trojan Injector)

June 26, 2010 by NightWatcher
Filed under: Malware 

Malware: DSC73467465JPG.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Local Security Authority Process Author: bthgzegy1425gsdbsdgzeg Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Registry Run Item Name: lsass.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\LSASS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Local Security Authority Process Value: [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\24828.dll (trojan OnLineGames)

June 25, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\1.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\24828.dll —————————————————————————————————————————- Detected manually by UnHackMe in detailed mode: 24828.DLL – random filename Default location: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\24828.DLL MD5: 75ED9C7F3236A1956D0FCD0B16FAB195 SHA1: 888C3AD6 50010C6C 5209547E 04368883 0CE766D0 File Size: 22 669 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\office Value: “”C:\WINDOWS\system32\rundll32.exe” C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\24828.dll,S” Files: C:\WINDOWS\system32\kabaker.dll [...]

Removed: C:\WINDOWS\NoExe.exe (Locker)

June 25, 2010 by NightWatcher
Filed under: Malware 

Malware: bot.exe Removed: C:\WINDOWS\NoExe.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: .exe Author: Unknown Related File: C:\WINDOWS\NoExe.exe Type: Main File Extensions 2. Multi AntiVirus scan: – none – Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\explorer.exe Value: “C:\WINDOWS\explorer.exe” Registry: HKLM\Software\Classes\exefile\shell\open\command\ Value: “C:\WINDOWS\NoExe.exe” Registry: HKLM\Software\Classes\exefile\shell\runas\command\ [...]

How to resolve “themed32.dll not found” problem

June 25, 2010 by admin · 1 Comment
Filed under: Malware 

If you get a “themed32.dll not found” message during Windows startup, you were infected by the “Themed32” trojan. Your computer cannot boot because after clicking OK you get the same error from Wininit.exe and the computer hangs. What happened? Recently your antivirus detected and removed %SysDir%\themed32.dll. VirusTotal Report: themed32.dll Result: 17/40 (42.50%) Antivirus [...]

Removed: C:\WINDOWS\SYSTEM32\NMKLO.DLL Restored: C:\WINDOWS\SYSTEM32\USER32.DLL (trojan Meredrop)

June 24, 2010 by NightWatcher
Filed under: Malware 

Malware: file1.exe Removed: C:\WINDOWS\SYSTEM32\NMKLO.DLL Restored: C:\WINDOWS\SYSTEM32\USER32.DLL —————————————————————————————————————————- Detected by UnHackMe: Item Name: USER32.DLL Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\USER32.DLL Type: Infected System Files Detected by RegRun Warrior: 1. Examiner: NMKLO.DLL Default location: C:\WINDOWS\SYSTEM32\NMKLO.DLL MD5: 0B7EFAD1243388CE1A3CFFD7FFD0BAA6 SHA1: 15D199A2 C1B1218A A8F6ED35 F94F4CA1 7B6994F2 File Size: 212 992 2. RegRun Reanimator: – none – 3. Multi AntiVirus scan: [...]

Removed: C:\Documents and Settings\%USERNAME%\Application Data\mixr.exe (trojan Palevo)

June 23, 2010 by NightWatcher
Filed under: Malware 

Malware: zz.exe Removed: C:\Documents and Settings\Administrator\Application Data\mixr.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows System Guard Author: AceSoft Corp all rights reserved Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MIXR.EXE Type: Registry Run Item Name: mixr.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MIXR.EXE Type: Running Processes MIXR.EXE Default location: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MIXR.EXE MD5: E0DB810C0319A6F5FC8A6F5BE3382B89 SHA1: AA3952CB [...]

Removed: C:\Documents and Settings\%USERNAME%\Application Data\winvsrnc.exe (trojan Injector)

June 23, 2010 by NightWatcher
Filed under: Malware 

Malware: o.exe Removed: C:\Documents and Settings\Administrator\Application Data\winvsrnc.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Windows System Updates Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WINVSRNC.EXE Type: Registry Run Item Name: winvsrnc.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WINVSRNC.EXE Type: Running Processes WINVSRNC.EXE Default location: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WINVSRNC.EXE MD5: 94BFB07326F7BDC9E4FEB27F561DDDBC SHA1: B70FB4BD BD8B7560 42DFEF6F C8C43E53 [...]

Removed: C:\WINDOWS\strncmi.dll (trojan Mufanom)

June 23, 2010 by NightWatcher
Filed under: Malware 

Malware: seo.exe Removed: C:\WINDOWS\strncmi.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: Pvesodurexur Author: CyberLink Corp. Related File: C:\WINDOWS\STRNCMI.DLL Type: Registry Run STRNCMI.DLL – random filename Default location: C:\WINDOWS\STRNCMI.DLL MD5: 8FA1409F22560471320E908955EEF0FF SHA1: 30D510AD 51DA15B8 131CBFAA F421D3EF 158E7F2A File Size: 61 952 Version Info: OriginalFilename: libTzan.dll FileDescription: CyberLink Tzan Library InternalName: CLTzan CompanyName: CyberLink Corp. FileVersion: 3.5.2704 LegalCopyright: [...]

Removed: C:\WINDOWS\system32\oxlxpqlw.dll (trojan Amber)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\load_ru.exe Removed: C:\WINDOWS\system32\oxlxpqlw.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: {75E2E808-C6AC-4219-9CD5-4907A4DBD136} Author: Microsoft Corporation Related File: C:\WINDOWS\system32\OXLXPQLW.DLL Type: Browser Helper Objects OXLXPQLW.DLL Default location: C:\WINDOWS\SYSTEM32\OXLXPQLW.DLL MD5: B227DBABBCB04D735624F9100A118525 SHA1: 5C34509D 615DE9FE EE3FFABD 17D1EB1A 1972E693 File Size: 41 984 Version Info: OriginalFilename: kl.dll FileDescription: Microsoft Bookmarks Manager CompanyName: Microsoft Corporation FileVersion: 9.3 LegalCopyright: Microsoft Corporation LegalTrademarks: Microsoft [...]

Removed: sdra64.exe aecq.sys 917ded.exe fFollower.exe lsass.exe (combination trojans: Zbot + Harnig)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: g6064a.exe Removed: C:\WINDOWS\system32\sdra64.exe C:\WINDOWS\system32\drivers\aecq.sys C:\Documents and Settings\Administrator\Local Settings\Temp\917ded.exe C:\Documents and Settings\Administrator\Local Settings\Temp\fFollower.exe C:\lsass.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, Type: UserInit Value Item Name: aecq.sys Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\AECQ.SYS Type: Drivers Item Name: h612wm Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\917DED.EXE Type: Explorer Run Item Name: Follower Author: [...]

Removed: C:\WINDOWS\system32\ccuwco.exe (QQ Music – trojan ServStart)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\4.exe Removed: C:\WINDOWS\system32\ccuwco.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: QQ MUSCIC Author: Related File: C:\WINDOWS\system32\ccuwco.exe Type: Auto Services Item Name: ccuwco.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\CCUWCO.EXE Type: Running Processes CCUWCO.EXE – random filename Default location: C:\WINDOWS\SYSTEM32\CCUWCO.EXE MD5: 05DFE8215C1B33F031BB168F8A90D08E SHA1: 46DF122D EFE26055 EB8A1AE4 241B5442 C5B2A197 File Size: 45 056 Removal Results: Success Number of reboot: [...]

Removed: C:\WINDOWS\system32\chjco.exe (QQ Music – trojan ServStart / Krafcot)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\5.exe Removed: C:\WINDOWS\system32\chjco.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: sxx Author: Related File: C:\WINDOWS\system32\chjco.exe Type: Auto Services CHJCO.EXE – random filename Default location: C:\WINDOWS\SYSTEM32\CHJCO.EXE MD5: A73059A09C0B2D9336A4D1102FA51448 SHA1: A56DAF23 2B4120B4 48D7E450 B2120247 F98F913F File Size: 29 696 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\System\CurrentControlSet\Enum\Root\LEGACY_SXX\0000\Service Value: “sxx” [...]

Removed: C:\WINDOWS\system32\mmqcmg.exe (QQ Music – trojan ServStart)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\3.exe Removed: C:\WINDOWS\system32\mmqcmg.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: QQ Music update3 Author: Related File: C:\WINDOWS\system32\mmqcmg.exe Type: Auto Services Item Name: mmqcmg.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\MMQCMG.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\System\CurrentControlSet\Enum\Root\LEGACY_QQ_MUSIC_UPDATE3\0000\Service Value: “QQ Music update3” Registry: HKLM\System\CurrentControlSet\Enum\Root\LEGACY_QQ_MUSIC_UPDATE3\0000\DeviceDesc Value: “QQ [...]

Removed: C:\WINDOWS\system32\iickie.exe (QQ Music – trojan ServStart)

June 22, 2010 by NightWatcher
Filed under: Malware 

Malware: C:\sand-box\2.exe Removed: C:\WINDOWS\system32\iickie.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: QQ Music update2 Author: Related File: C:\WINDOWS\system32\iickie.exe Type: Auto Services Item Name: iickie.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\IICKIE.EXE Type: Running Processes IICKIE.EXE – random filename Default location: C:\WINDOWS\SYSTEM32\IICKIE.EXE MD5: 8E118ED5F074457F731624104D78F491 SHA1: 87314726 349EBCDF 6C314693 4A82FBC5 0C0C5A61 File Size: 45 568 Removal Results: Success Number of [...]
