Removed: nvsmudfm.dll, nvsmudfm.exe (trojan BHO)

Malware: nvsmudfminst.exe Removed: C:\WINDOWS\system32\nvsmudfm.dll C:\WINDOWS\system32\nvsmudfm.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {1130BE4F-79C8-4B84-8DB8-A275093DF815} Author: Unknown Related File: C:\WINDOWS\SYSTEM32\NVSMUDFM.DLL Type: Browser Helper Objects Item Name: nvsmudfm Author: Unknown Related File: C:\WINDOWS\SYSTEM32\NVSMUDFM.EXE Type: Registry Run Item Name: nvsmudfm.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\NVSMUDFM.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect [...]

Removal Tool

Removed: C:\Program Files\FunyMall Auction Works\FunyMall.dll C:\Program Files\FunyMall Auction Works\FunyMallUpdate.exe C:\Program Files\TopGuide\TopGuide.exe (trojan Troxen)

Malware: C:\sand-box\FunyMall_20100208_inst.exe Removed: C:\Program Files\FunyMall Auction Works\FunyMall.dll C:\Program Files\FunyMall Auction Works\FunyMallUpdate.exe C:\Program Files\TopGuide\TopGuide.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {6C327875-C031-4397-B532-4B82F8F1F1A3} Author: Related File: C:\PROGRAM FILES\FUNYMALL AUCTION WORKS\FUNYMALL.DLL Type: Browser Helper Objects Item Name: FunyMall Author: Unknown Related File: C:\PROGRAM FILES\FUNYMALL AUCTION WORKS\FUNYMALLUPDATE.EXE Type: Registry Run Detected by UnHackMe in “Multi AntiVirus scan” mode: TOPGUIDE.EXE Default [...]

Removal Tool

Removed: C:\Documents and Settings\Administrator\Application Data\hidserv.exe (trojan AutoRun)

Malware: 201897840.exe Removed: C:\Documents and Settings\Administrator\Application Data\hidserv.exe —————————————————————————————————————————- Detected by UnHackMe in “Multi AntiVirus scan” mode: HIDSERV.EXE Default location: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\HIDSERV.EXE MD5: 41B2E52C3079441EFF1F244A58AA804E SHA1: 56B011CB 6E5C1598 FDA869E0 92806C9A 037DD1EB File Size: 32 768 Version Info: OriginalFilename: GuidGen.EXE FileDescription: Microsoft r GUIDGEN Application InternalName: GuidGen CompanyName: Microsoft Corporation FileVersion: 9.00.30729.01 LegalCopyright: c Microsoft Corporation. [...]

Removal Tool

Removed: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fddg.exe (trojan Lethic)

Malware: usa.exe Removed: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fddg.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\fddg.exe Type: User Shell Item Name: taskman Author: Unknown Related File: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\FDDG.EXE Type: Winlogon System Item Name: Tji771 Author: Unknown Related File: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\FDDG.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? [...]

Removal Tool

Removed: winscap.jpg (trojan KillFiles)

Malware: C:\sand-box\winscap.jpg.exe Removed: C:\sand-box\winscap.jpg.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: winscap.jpg Author: . Related File: C:\SAND-BOX\WINSCAP.JPG.EXE Type: Registry Run Item Name: winscap.jpg.exe Author: Related File: C:\SAND-BOX\WINSCAP.JPG.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\winscap.jpg —————————————————————————————————————————- Antivirus Version Last Update Result Kaspersky 7.0.0.125 2010.08.26 – [...]

Removal Tool

Removed: c:\windows\java\install\java.exe

Malware: 4.txt Removed: c:\windows\java\install\java.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Policies Author: Unknown Related File: C:\WINDOWS\JAVA\INSTALL\JAVA.EXE Type: Explorer Run Item Name: {8Q3DBT0T-K3BH-EM25-T1R1-7N7RPYN5ME6K} Author: Unknown Related File: C:\WINDOWS\JAVA\INSTALL\JAVA.EXE Type: ActiveSetup Item Name: HKLM Author: Unknown Related File: C:\WINDOWS\JAVA\INSTALL\JAVA.EXE Type: Registry Run Item Name: java.exe Author: Unknown Related File: C:\WINDOWS\JAVA\INSTALL\JAVA.EXE Type: Running Processes Removal Results: Success Number [...]

Removal Tool

Removed: C:\WINDOWS\ntshrui.dll (trojan Agent)

Malware: C:\sand-box\8888.exe Removed: C:\WINDOWS\ntshrui.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: ntshrui.dll Author: Unknown Related File: C:\WINDOWS\NTSHRUI.DLL Type: Redirected DLLs Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\System\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations Value: 5C 3F 3F 5C 43 3A 5C 44 4F 43 55 4D 45 7E 31 5C 41 44 [...]

Removal Tool

Removed: hrm.sys, hrm.dll (tojan Tinxy)

Malware: p.exe Removed: C:\WINDOWS\system32\drivers\hrm.sys C:\WINDOWS\system32\hrm.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: hhrm Author: hrm Related File: C:\WINDOWS\SYSTEM32\HRM.DLL Type: Svchost DLLs Item Name: hrm.sys Author: hrm Related File: C:\WINDOWS\SYSTEM32\DRIVERS\HRM.SYS Type: Drivers Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\System\CurrentControlSet\Services\hhrm\parameters\servicedll Value: “C:\WINDOWS\system32\hrm.dll” Registry: HKLM\System\CurrentControlSet\Services\hrm\ImagePath Value: “\??\C:\WINDOWS\system32\drivers\hrm.sys” Files: C:\Documents and [...]

Removal Tool

Removed: C:\Documents and Settings\Administrator\Application Data\defender.exe (Fake MSE)

Malware: C:\sand-box\exe(231).exe Removed: C:\Documents and Settings\Administrator\Application Data\defender.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: tmp Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\DEFENDER.EXE Type: Registry Run Item Name: defender.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\DEFENDER.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\tmp [...]

Removal Tool

Removed: C:\Documents and Settings\All Users\Application Data\Wireless\RedeWiFi.exe (trojan Banload)

Malware: flash.exe Removed: C:\Documents and Settings\All Users\Application Data\Wireless\RedeWiFi.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: RedeWiFi.exe Nacional Author: RedeWiFi Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WIRELESS\REDEWIFI.EXE Type: Registry Run Item Name: RedeWiFi.exe Author: RedeWiFi Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\WIRELESS\REDEWIFI.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect [...]

Removal Tool

Removed: C:\Program Files\T58KTV\t58.exe (adware T58KTV)

Malware: T58chat_hyt2.exe Removed: C:\Program Files\T58KTV\t58.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: t58 Author: ???????????? Related File: C:\PROGRAM FILES\T58KTV\T58.EXE Type: Registry Run Item Name: t58.exe Author: ???????????? Related File: C:\PROGRAM FILES\T58KTV\T58.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\t58 Value: “C:\Program Files\T58KTV\t58.exe” Folders: C:\Program Files\T58KTV\ [...]

Removal Tool

Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE, C:\WINDOWS\EXPLORER.EXE (trojan Drooptroop)

Malware: load.exe Restored: C:\WINDOWS\SYSTEM32\WINLOGON.EXE C:\WINDOWS\EXPLORER.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: WINLOGON.EXE Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\WINLOGON.EXE Type: Infected System Files Detected by UnHackMe in “Multi AntiVirus scan” mode: EXPLORER.EXE Default location: C:\WINDOWS\EXPLORER.EXE MD5: E3FEDF8788A57779E14E96AB651A3272 SHA1: 064BCA0A B2F82646 3B855DD0 52676D72 94CF16DF File Size: 1 033 728 Version Info: OriginalFilename: EXPLORER.EXE FileDescription: Windows Explorer InternalName: [...]

Removal Tool

Removed: C:\Documents and Settings\Administrator\Application Data\Bitrix Security\eghwz0.dll (Fake Silverlight – Bitrix Security)

Malware: file.exe Removed: C:\Documents and Settings\Administrator\Application Data\Bitrix Security\eghwz0.dll —————————————————————————————————————————- Detected by UnHackMe: EGHWZ0.DLL Default location: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\BITRIX SECURITY\EGHWZ0.DLL MD5: 85FFA241C34724D33F927C073E899FB8 SHA1: 97F00579 126B11A7 538C30E7 A9575B37 1F782A5D File Size: 50 688 Version Info: FileDescription: Silverlight InternalName: Silverlight CompanyName: Silverlight LLC FileVersion: 9,4,3,2 LegalCopyright: Silverlight LLC LegalTrademarks: Silverlight LLC ProductName: Silverlight ProductVersion: 9,4,3,2 Removal Results: [...]

Removal Tool

Removed: C:\Documents and Settings\All Users\TempDir\mspro32.scr, start.bat (Locker from Russia)

Malware: exe(193).exe Removed: C:\Documents and Settings\All Users\TempDir\mspro32.scr C:\Documents and Settings\All Users\TempDir\start.bat —————————————————————————————————————————- Detected by UnHackMe: Item Name: AAPatch Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\TEMPDIR\START.BAT Type: Registry Run Item Name: mspro32.scr Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\TEMPDIR\MSPRO32.SCR Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect [...]

Removal Tool

Removed: windll.exe, winscap.exe (trojan VB)

Malware: Documento021293892html.com Removed: C:\WINDOWS\system32\windll.exe C:\WINDOWS\system32\winscap.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: windll Author: . Related File: C:\WINDOWS\SYSTEM32\WINDLL.EXE Type: Registry Run Item Name: windll.exe Author: . Related File: C:\WINDOWS\SYSTEM32\WINDLL.EXE Type: Running Processes Item Name: winscap Author: . Related File: C:\WINDOWS\SYSTEM32\WINSCAP.EXE Type: Registry Run Item Name: winscap.exe Author: Related File: C:\WINDOWS\SYSTEM32\WINSCAP.EXE Type: Running Processes Removal Results: Success [...]

Removal Tool

Removed: imetlws.exe, SVCH0SAT.EXE (trojan Genetik)

Malware: C:\sand-box\tl.exe Removed: C:\WINDOWS\system32\imetlws.exe C:\WINDOWS\system32\SVCH0SAT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: Ps Author: Unknown Related File: C:\WINDOWS\SYSTEM32\IMETLWS.EXE Type: Explorer Run Item Name: SVCH0SAT Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SVCH0SAT.EXE Type: Registry Run Item Name: SVCH0SAT.EXE Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SVCH0SAT.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware [...]

Removal Tool

Removed: C:\WINDOWS\SYSTEM32\DRIVERS\atmapi.sys Restored: C:\WINDOWS\system32\ole32.dll (trojan Pinit)

Malware: av.exe Removed: C:\WINDOWS\SYSTEM32\DRIVERS\atmapi.sys Restored: C:\WINDOWS\system32\ole32.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: OLE32.DLL Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\OLE32.DLL Type: Infected System Files Detected by UnHackMe in “Multi Antivirus scan” mode: ATMAPI.SYS Default location: C:\WINDOWS\SYSTEM32\DRIVERS\atmapi.sys MD5: 56611C1067E7D480571423E4A94E3629 SHA1: 44D6C83C 3FCD3297 EED0D1FF 3404C173 5A3FF39F File Size: 246 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How [...]

Removal Tool

Removed: C:\Program Files\Microsoft\DesktopLayer.exe (virus Ramnit)

Malware: vfind.exe Removed: C:\Program Files\Microsoft\DesktopLayer.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe Type: UserInit Value Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “c:\windows\system32\userinit.exe,,c:\program files\microsoft\desktoplayer.exe” Files: C:\Program Files\Internet Explorer\dmlconf.dat C:\Program Files\Microsoft\DesktopLayer.exe C:\sand-box\vfindSrv.exe —————————————————————————————————————————- Antivirus Version Last Update Result F-Secure [...]

Removal Tool

Removed: C:\WINDOWS\Temp\spoolsv\spoolsv.exe, C:\WINDOWS\svchost.exe (trojan Zapchast)

Malware: postcard.scr.exe Removed: C:\WINDOWS\Temp\spoolsv\spoolsv.exe C:\WINDOWS\svchost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: spoolsv Author: mIRC Co. Ltd. Related File: C:\WINDOWS\TEMP\SPOOLSV\SPOOLSV.EXE Type: Registry Run Item Name: svchost Author: Unknown Related File: C:\WINDOWS\SVCHOST.EXE Type: Registry Run Item Name: spoolsv.exe Author: mIRC Co. Ltd. Related File: C:\WINDOWS\TEMP\SPOOLSV\SPOOLSV.EXE Type: Running Processes Item Name: svchost.exe Author: Unknown Related File: C:\WINDOWS\SVCHOST.EXE Type: [...]

Removal Tool

Removed: dchcp.exe, msoobe32.exe, svchosf.exe (Fake Adobe Flash Player – trojan Genome)

Malware: InstalFlash.1.2.1.exe Removed: C:\Documents and Settings\Administrator\InstallShield Installation Information\{A5BA14E0-7384-5991B8648CBE70A4}\dchcp.exe C:\Documents and Settings\Administrator\InstallShield Installation Information\{A5BA14E0-7384-5991B8648CBE70A4}\msoobe32.exe C:\Documents and Settings\Administrator\InstallShield Installation Information\{A5BA14E0-7384-5991B8648CBE70A4}\svchosf.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: msnmsgrs Author: Microsoft Corporation Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\INSTALLSHIELD INSTALLATION INFORMATION\{A5BA14E0-7384-5991B8648CBE70A4}\MSOOBE32.EXE Type: Registry Run Item Name: msoobe32.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\INSTALLSHIELD INSTALLATION INFORMATION\{A5BA14E0-7384-5991B8648CBE70A4}\MSOOBE32.EXE Type: Running Processes Item Name: SunJavaMdb [...]

Removal Tool

Removed: ..\download2\svcnost.exe (trojan Delf)

Malware: C:\sand-box\svchost(171).exe Removed: C:\Documents and Settings\Administrator\Application Data\download2\svcnost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: download Author: cryptrew Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\DOWNLOAD2\SVCNOST.EXE Type: Registry Run Item Name: svcnost.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\DOWNLOAD2\SVCNOST.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\download Value: [...]

Removal Tool

Removed: C:\zoryaxxxxx.exe\zoryaxxxxx.exe (trojan Spy.Eye)

Malware: C:\sand-box\svchost(173).exe Removed: C:\zoryaxxxxx.exe\zoryaxxxxx.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: zoryaxxxxx.exe Author: rnllcd Related File: C:\ZORYAXXXXX.EXE\ZORYAXXXXX.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\zoryaxxxxx.exe Value: “C:\zoryaxxxxx.exe\zoryaxxxxx.exe” Folders: C:\zoryaxxxxx.exe Files: C:\zoryaxxxxx.exe\config.bin C:\zoryaxxxxx.exe\zoryaxxxxx.exe —————————————————————————————————————————- Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.08.18 Trojan.Generic.KD.27142 Kaspersky 7.0.0.125 2010.08.18 [...]

Removal Tool

Removed: svchots.exe, system.vbs (trojan VB)

Malware: amor.exe Removed: C:\WINDOWS\system\svchots.exe C:\WINDOWS\system\system.vbs —————————————————————————————————————————- Detected by UnHackMe: Item Name: svchots.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM\SVCHOTS.EXE Type: Running Processes Item Name: Microsoft Author: Unknown Related File: C:\WINDOWS\SYSTEM\SYSTEM.VBS Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Value: “C:\WINDOWS\system\system.vbs” Files: C:\WINDOWS\system\svchots.exe C:\WINDOWS\system\system.bat C:\WINDOWS\system\system.vbs —————————————————————————————————————————- Antivirus [...]

Removal Tool

Removed: C:\Program Files\MegaVaccine\MVaccine.exe, C:\Program Files\MegaVaccine\etc\UpdateMgr.exe (FakeAV – MegaVaccine)

Malware: megavaccine_setup.exe Removed: C:\Program Files\MegaVaccine\MVaccine.exe C:\Program Files\MegaVaccine\etc\UpdateMgr.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: MegaVaccineMain Author: Ebiz Networks Related File: C:\PROGRAM FILES\MEGAVACCINE\MVACCINE.EXE Type: Registry Run Item Name: UpdateMgr Author: Ebiz Networks Related File: C:\PROGRAM FILES\MEGAVACCINE\ETC\UPDATEMGR.EXE Type: Registry Run Item Name: MVaccine.exe Author: Ebiz Networks Related File: C:\PROGRAM FILES\MEGAVACCINE\MVACCINE.EXE Type: Running Processes Item Name: UpdateMgr.exe Author: Related [...]

Removal Tool

Removed: C:\Program Files\WebVaccine\WebVaccine.exe, C:\Program Files\WebVaccine\etc\wvReg.exe (FakeAV – WebVaccine)

Malware: webvaccine_setup.exe Removed: C:\Program Files\WebVaccine\WebVaccine.exe C:\Program Files\WebVaccine\etc\wvReg.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WebVaccineMain Author: Ebiz Networks Related File: C:\PROGRAM FILES\WEBVACCINE\WEBVACCINE.EXE Type: Registry Run Item Name: WebVaccine.exe Author: Ebiz Networks Related File: C:\PROGRAM FILES\WEBVACCINE\WEBVACCINE.EXE Type: Running Processes Item Name: wvreg.exe Author: Related File: C:\PROGRAM FILES\WEBVACCINE\ETC\WVREG.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 [...]

Removal Tool

Removed: setupupdater0002.exe, ohydy.exe, regedit.exe, sdra64.exe, lsass.exe, svc.exe, svw.exe, svx.exe, ope17.exe, opeB.exe, fFollower.exe (multi trojan – TDSS, Zeus, FakeAV – Antimalware Doctor)

Malware: g16b2e.exe Removed: C:\Documents and Settings\Administrator\Application Data\B34B7AF9CB40065433C8C631C37A9A2D\setupupdater0002.exe C:\Documents and Settings\Administrator\Application Data\ohydy.exe C:\WINDOWS\system32\regedit.exe C:\WINDOWS\system32\sdra64.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe C:\WINDOWS\svx.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ope17.exe C:\Documents and Settings\Administrator\Local Settings\Temp\opeB.exe C:\Documents and Settings\Administrator\Local Settings\Temp\fFollower.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: 1.1 Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe, Type: UserInit Value 1.2 Item Name: Follower Author: Related [...]

Removal Tool

Removed: RankSupporter.dll, SPAnalysis.dll, SupporterLinkUp.exe, WindowSpUd.exe (trojan SupporterLink)

Malware: SupporterLink13.exe Removed: C:\WINDOWS\SupporterLink\RankSupporter.dll C:\WINDOWS\SupporterLink\SPAnalysis.dll C:\WINDOWS\SupporterLink\SupporterLinkUp.exe C:\WINDOWS\WindowSpUd.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WindowSpUd Author: WindowSp Related File: C:\WINDOWS\WINDOWSPUD.EXE Type: Registry Run Item Name: {70927A78-9E7D-4FAE-9BD9-5EDA3A21E58D} Author: Windows SupporterLink Related File: C:\WINDOWS\SUPPORTERLINK\SPANALYSIS.DLL Type: Browser Helper Objects Item Name: {796140BA-B7C8-4AB2-844B-1A2CE38E2A73} Author: TODO: Related File: C:\WINDOWS\SUPPORTERLINK\RANKSUPPORTER.DLL Type: Browser Helper Objects Item Name: SupporterLink Author: SearchSupporterLInkUp Related File: C:\WINDOWS\SUPPORTERLINK\SUPPORTERLINKUP.EXE [...]

Removal Tool

Removed: atualizada.sys, ashDip.exe, Atualizada.exe (trojan Spy.Banker)

Malware: explore.exe Removed: C:\WINDOWS\system32\drivers\atualizada.sys C:\WINDOWS\system32\ashDip.exe C:\WINDOWS\Atualizada.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: atualizada.sys Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATUALIZADA.SYS Type: Drivers Item Name: ashDip.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\ASHDIP.EXE Type: Registry Run Item Name: Author: Unknown Related File: C:\WINDOWS\ATUALIZADA.EXE Type: Registry Run Item Name: Atualizada.exe Author: Unknown Related File: C:\WINDOWS\ATUALIZADA.EXE Type: Running Processes Removal Results: Success [...]

Removal Tool

Removed: Schost.exe, v1.exe, v2.exe, v3.exe (trojan Spy.Banker)

Malware: schosts.sfx.exe Removed: C:\WINDOWS\Schost.exe C:\WINDOWS\v1.exe C:\WINDOWS\v2.exe C:\WINDOWS\v3.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Author: Unknown Related File: C:\WINDOWS\SCHOST.EXE Type: Registry Run Item Name: Schost.exe Author: Unknown Related File: C:\WINDOWS\SCHOST.EXE Type: Running Processes Item Name: DESKC Author: Unknown Related File: C:\WINDOWS\V3.EXE Type: Explorer Run Item Name: v1.exe Author: Unknown Related File: C:\WINDOWS\V1.EXE Type: Running Processes Item [...]

Removal Tool

Removed: C:\WINDOWS\system\hchos.exe (trojan Banker)

Malware: PostalParaTi.wma.exe Removed: C:\WINDOWS\system\hchos.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: PostalParaTi.wma Author: sdasdas Related File: C:\WINDOWS\SYSTEM\HCHOS.EXE Type: Registry Run Item Name: hchos Author: Related File: C:\WINDOWS\SYSTEM\HCHOS.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PostalParaTi.wma Value: “C:\WINDOWS\system\hchos.exe” Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\hchos Value: “C:\WINDOWS\system\hchos.exe” Files: C:\WINDOWS\system\hchos.exe —————————————————————————————————————————- Antivirus [...]

Removal Tool

Next Page »

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Locker
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Rootkit
  • unknown
  • Virus
  • Worm

• Recent Posts

  • STKSCAN.DLL is Trojan Sirefef.BP
  • %Local Appdata%\3308c706\X is Rootkit ZeroAccess
  • PCDRNT.DLL is Rootkit ZeroAccess
  • MAYA70DOCSERVER.DLL is Rootkit ZeroAccess
  • INETACCELERATOR.EXE is Trojan Foreign
  • _EX-68.EXE is Trojan Banload
  • OTYTKF.EXE is Worm Palevo
  • FUNSHIONINSTALL.EXE is Trojan Delf
  • MAXTUDOXDB.EXE is Trojan CFI
  • MSDSCSC.EXE is Backdoor Finlosky

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 3%QKM.EXE is Trojan Kryptik
  2. 2%BETTERINSTALLER.EXE is Adware Somoto
  3. 1%U997.EXE is not a virus UltraSurf
  4. 1%MSLOOP.DLL is Rootkit Zero Access
  5. 1%TEMP:WINUPD.EXE is BackDoor TDSS
  6. 1%GREP.3XE is Trojan Tool-NirCmd
  7. 1%MVSCAVAP.EXE is Trojan Banker6
  8. 1%PCOTP.EXE is Trojan Offend
  9. 1%HPDSKFLT.DLL is Rootkit ZeroAccess
  10. 1%XUAT.EXE is Trojan Rimecud
  11. 1%CHINDE.EXE is Trojan Jorik
  12. 1%RADCLOCK.DLL is Rootkit ZeroAccess
  13. 1%SYSTEMINSTALLATION.EXE is Trojan Llac
  14. 1%F16.EXE is Trojan FakeAV
  15. 1%MRTSTUB.EXE is Trojan Banker
  16. 1%DLLHSTS.EXE is Trojan LockScreen
  17. 1%HKAVGLRJ.EXE is Trojan Banker
  18. 1%PROCEXP111.DLL is Rootkit ZeroAccess
  19. 1%TOSCOSRV.DLL is Rootkit ZeroAccess
  20. 1%ACADPROC.DLL is Trojan VbCrypt

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Koobface Kraddare Kryptik lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus winlogon.exe Worm ZeroAccess