Removed: C:\Documents and Settings\Administrator\Application Data\cc.exe (trojan Bumat)
Malware: coukou.exe Removed: C:\Documents and Settings\Administrator\Application Data\cc.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: system32 Author: Microsoft Corporation Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CC.EXE Type: Explorer Run Item Name: {6D68DBCD-BC08-FBDB-EBAA-AD500BDBBA6C} Author: Microsoft Corporation Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CC.EXE Type: ActiveSetup Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: [...]
Removal Tool
Removed: C:\Program Files\PlusTab\PlusTab.exe (adware PlusTab)
Malware: PlusTab_PT21.exe Removed: C:\Program Files\PlusTab\PlusTab.exe —————————————————————————————————————————- Detected manually: PLUSTAB.EXE Default location: C:\PROGRAM FILES\PLUSTAB\PLUSTAB.EXE MD5: 92ACFA372790684090E634177B2CC2A8 SHA1: FC9B8657 5F928DAA 3283139F 701E93E7 8222F32B File Size: 310 952 Version Info: OriginalFilename: Agent.exe FileDescription: PlusTab InternalName: Updater CompanyName: NBZ FileVersion: 1.0.0.1 LegalCopyright: (c) NBIZ. All rights reserved. ProductName: PlusTab ProductVersion: 1.0.0.1 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- [...]
Removal Tool
Removed: launcher.exe, SpyCare.exe, SpyCareBlk.dll (FakeAV – SpyCare)
Malware: SpyCareSetupS3.exe Removed: C:\Program Files\SpyCare\launcher.exe C:\Program Files\SpyCare\SpyCare.exe C:\Program Files\SpyCare\SpyCareBlk.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: {0A133B55-83C4-4e7e-B070-B87EC9BEAF67} Author: Related File: C:\PROGRAM FILES\SPYCARE\SPYCAREBLK.DLL Type: Browser Helper Objects Item Name: SpyCare.exe Author: Unknown Related File: C:\PROGRAM FILES\SPYCARE\SPYCARE.EXE Type: Running Processes Detected by UnHackMe in “Multi AntiVirus scan” mode: LAUNCHER.EXE Default location: C:\PROGRAM FILES\SPYCARE\LAUNCHER.EXE MD5: 4A3AE4BA1BCE27FEA5B1431578BE7B7B SHA1: A63C92FE AC20572C [...]
Removal Tool
Removed: C:\WINDOWS\system32\wow.exe (trojan VB)
Malware: wo.exe Removed: C:\WINDOWS\system32\wow.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: wow.exe Author: Microsoft(R) Windows(R) Operating System Related File: C:\WINDOWS\SYSTEM32\WOW.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\wow.exe Value: “C:\WINDOWS\system32\wow.exe” Files: C:\WINDOWS\system32\wow.exe C:\wow.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.29 – Kaspersky [...]
Removal Tool
Removed: C:\Program Files\dxsystem\dxsystem.exe (trojan Agent)
Malware: dxsystem.exe Removed: C:\Program Files\dxsystem\dxsystem.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: dxsystem Author: Unknown Related File: C:\PROGRAM FILES\DXSYSTEM\DXSYSTEM.EXE Type: Registry Run Item Name: dxsystem.exe Author: Unknown Related File: C:\PROGRAM FILES\DXSYSTEM\DXSYSTEM.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\dxsystem Value: “C:\Program Files\dxsystem\dxsystem.exe” Folders: C:\Program Files\dxsystem\ [...]
Removal Tool
Removed: c:\program files\microsoft\watermark.exe (backdoor IRCNite)
Malware: cr_ALL.exe Removed: c:\program files\microsoft\watermark.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: c:\windows\system32\userinit.exe,,c:\program files\microsoft\watermark.exe Type: UserInit Value Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “c:\windows\system32\userinit.exe,,c:\program files\microsoft\watermark.exe” Folders: C:\Program Files\Microsoft\ Files: C:\Program Files\Microsoft\WaterMark.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure [...]
Removal Tool
Removed: smx4pnp.dll, EV3szxc10.dll, EV3szxc20.dll, EV3zxc.exe (trojan Magania)
Malware: C:\sand-box\s_001.exe Removed: C:\Documents and Settings\Administrator\Microsoft\smx4pnp.dll C:\WINDOWS\system32\EV3szxc10.dll C:\WINDOWS\system32\EV3szxc20.dll C:\WINDOWS\system32\EV3zxc.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: smx4pnp Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MICROSOFT\SMX4PNP.DLL Type: Registry Run Item Name: {94AC7942-7BE1-4FB9-A7CA-67CD88362758} Author: Related File: C:\WINDOWS\SYSTEM32\EV3SZXC20.DLL Type: Browser Helper Objects Item Name: EV3szxc10.dll Author: Unknown Related File: C:\WINDOWS\SYSTEM32\EV3SZXC10.DLL Type: Detected using Heuristic Algorithm Item Name: EV3zxc.exe Author: Unknown [...]
Removal Tool
Removed: cryptedstealerserver.exe, cybergatecrypted.exe (trojan Meredrop)
Malware: ExploitPack.exe Removed: C:\Documents and Settings\Administrator\Application Data\cryptedstealerserver.exe C:\Documents and Settings\Administrator\Application Data\cybergatecrypted.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 1WKTqlPRxSXfVBKK Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CYBERGATECRYPTED.EXE Type: Registry Run Item Name: 1ELbCCSIKCbEigOD Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CRYPTEDSTEALERSERVER.EXE Type: Registry Run Item Name: cybergatecrypted.exe Author: Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\CYBERGATECRYPTED.EXE Type: Running Processes Item [...]
Removal Tool
Removed: C:\WINDOWS\system32\install\Svchost.exe (trojan VBKrypt)
Malware: Pirates Facebook Hack v 1.2.exe Removed: C:\WINDOWS\system32\install\Svchost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Policies Author: Microsoft Related File: C:\WINDOWS\SYSTEM32\INSTALL\SVCHOST.EXE Type: Explorer Run Item Name: {68R70T72-41QB-3TU0-P322-4PCVS437L2Y6} Author: Related File: C:\WINDOWS\SYSTEM32\INSTALL\SVCHOST.EXE Type: ActiveSetup Item Name: HKCU Author: Microsoft Related File: C:\WINDOWS\SYSTEM32\INSTALL\SVCHOST.EXE Type: Registry Run Item Name: HKLM Author: Microsoft Related File: C:\WINDOWS\SYSTEM32\INSTALL\SVCHOST.EXE Type: Registry Run Removal [...]
Removal Tool
Removed: C:\Documents and Settings\All Users\Application Data\Ameba22\Defender.exe (trojan MultiBanker)
Malware: strings.exe Removed: C:\Documents and Settings\All Users\Application Data\Ameba22\Defender.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Defender.exe Peru Author: Ameba Defender Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AMEBA22\DEFENDER.EXE Type: Registry Run Item Name: Defender.exe Author: Ameba Defender Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AMEBA22\DEFENDER.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to [...]
Removal Tool
Removed: C:\WINDOWS\hunter.exe, C:\WINDOWS\ieplorer.exe (trojan Banker)
Malware: C:\sand-box\ver.exe Removed: C:\WINDOWS\hunter.exe C:\WINDOWS\ieplorer.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: hunter.exe Author: Unknown Related File: C:\WINDOWS\HUNTER.EXE Type: Registry Run Item Name: ieplorer.exe Author: microsoft Related File: C:\WINDOWS\IEPLORER.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\hunter.exe Value: “C:\WINDOWS\hunter.exe” Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ieplorer.exe Value: “C:\WINDOWS\ieplorer.exe” Files: C:\WINDOWS\system32\inff.txt [...]
Removal Tool
Removed: DCM.exe, mtfsyx32.exe, peq.exe (backdoor Agent)
Malware: U7600-W0402610DCM.exe Removed: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\DCM.exe C:\Documents and Settings\Administrator\Local Settings\Temp\mtfsyx32.exe C:\Documents and Settings\Administrator\peq.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {51H3Y8I7-1GRQ-45DK-OOL9-09001D765456} Author: DMmdNDhgCLooa Related File: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\DCM.EXE Type: ActiveSetup Item Name: Microsoft UneXpected Author: E83yL Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MTFSYX32.EXE Type: Registry Run Item Name: MSConfig Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\PEQ.EXE Type: Registry Run Item Name: mtfsyx32.exe Author: E83yL [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\2509819211\2509819211.exe (trojan HomoBlocker)
Malware: C:\sand-box\xpiofrbtkzhr.exe Removed: C:\Documents and Settings\Administrator\2509819211\2509819211.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Administrator\2509819211\2509819211.exe Type: UserInit Value 2. Multi AntiVirus scan: – none – Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Administrator\2509819211\2509819211.exe” [...]
Removal Tool
Malware: votes.exe (trojan DelFiles – changed Windows HOSTS file)
Malware: votes.exe —————————————————————————————————————————- How to quickly detect malware presence? Files modified: C:\WINDOWS\system32\drivers\etc\hosts —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.07 Backdoor.Generic.504331 Kaspersky 7.0.0.125 2010.11.07 Trojan.Win32.DelFiles.abs Microsoft 1.6301 2010.11.07 Trojan:Win32/Meredrop NOD32 5598 2010.11.07 – —————————————————————————————————————————- MD5 e3713c940a44d8d59ba31b24f0d3d5f9 SHA1 e76f4ca3f4cb328045fa83d98deaefbd83f1af24 SHA256 8e049061718e441530b9992d372b935e43a52742cabbec724d93e45b327d3f90 —————————————————————————————————————————- Remove it now!
Removal Tool
Removed: C:\WINDOWS\Vcajua.exe (trojan Renos)
Malware: Ilk.exe Removed: C:\WINDOWS\Vcajua.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: {62C40AA6-4406-467a-A5A5-DFDF1B559B7A} Author: Opera Software Related File: C:\WINDOWS\VCAJUA.EXE Type: Scheduled Tasks 2. Multi AntiVirus scan: – none – Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Files: C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job C:\WINDOWS\Vcajua.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result [...]
Removal Tool
Removed: C:\ugsoacgsco.exe\ugsoacgsco.exe (trojan Spy.Eyes)
Malware: C:\sand-box\ugsoacgsco.exe Removed: C:\ugsoacgsco.exe\ugsoacgsco.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: ugsoacgsco.exe Author: Unknown Related File: C:\UGSOACGSCO.EXE\UGSOACGSCO.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ugsoacgsco.exe Value: “C:\ugsoacgsco.exe\ugsoacgsco.exe” Folders: C:\ugsoacgsco.exe\ Files: C:\ugsoacgsco.exe\config.bin C:\ugsoacgsco.exe\ugsoacgsco.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.20 – Kaspersky 7.0.0.125 [...]
Removal Tool
Removed: C:\WINDOWS\instt\svchos.exe (backdoor IRCBot)
Malware: 55(2).exe Removed: C:\WINDOWS\instt\svchos.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Xtreme Author: Unknown Related File: C:\WINDOWS\INSTT\SVCHOS.EXE Type: Explorer Run Item Name: {08C9E5JF-4KJB-16CP-AAA5-00401C6FV500} Author: Unknown Related File: C:\WINDOWS\INSTT\SVCHOS.EXE Type: ActiveSetup Item Name: svchos.exe Author: Unknown Related File: C:\WINDOWS\INSTT\SVCHOS.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: [...]
Removal Tool
Removed: C:\WINDOWS\system32\WindowsUpdate\winupdate.exe.exe (trojan Injector)
Malware: exe_2.exe Removed: C:\WINDOWS\system32\WindowsUpdate\winupdate.exe.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: {IJBP402M-25M8-SI3F-RD4K-NC85473BS27U} Author: Departament Related File: C:\WINDOWS\SYSTEM32\WINDOWSUPDATE\WINUPDATE.EXE.EXE Type: ActiveSetup Item Name: Cerberus Author: Related File: C:\WINDOWS\SYSTEM32\WINDOWSUPDATE\WINUPDATE.EXE.EXE Type: Registry Run Item Name: winupdate.exe.exe Author: Related File: C:\WINDOWS\SYSTEM32\WINDOWSUPDATE\WINUPDATE.EXE.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Cerberus Value: [...]
Removal Tool
Removed: C:\WINDOWS\system32\svchost\svchost.exe (trojan Injector)
Malware: client_2.exe Removed: C:\WINDOWS\system32\svchost\svchost.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Policies Author: Related File: C:\WINDOWS\SYSTEM32\SVCHOST\SVCHOST.EXE Type: Explorer Run Item Name: {3K0AUO52-SM0T-UFIO-F6E5-MF5508TIXO50} Author: Related File: C:\WINDOWS\SYSTEM32\SVCHOST\SVCHOST.EXE Type: ActiveSetup Item Name: HKCU Author: Related File: C:\WINDOWS\SYSTEM32\SVCHOST\SVCHOST.EXE Type: Registry Run Item Name: HKLM Author: Related File: C:\WINDOWS\SYSTEM32\SVCHOST\SVCHOST.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\27F6471627473796E696D64614\winlogon.exe, C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe, C:\Documents and Settings\NetworkService\winlogon.exe, C:\winlogon.exe (worm AutoTsifiri)
Malware: 76.exe Removed: C:\Documents and Settings\Administrator\27F6471627473796E696D64614\winlogon.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\winlogon.exe C:\Documents and Settings\NetworkService\winlogon.exe C:\winlogon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 132.96.17.184 drweb.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 88.227.68.221 f-secure.com Author: Unknown Related File: Type: Hosts File Contents Item Name: 40.47.94.210 kaspersky.com Author: Unknown Related File: Type: Hosts File Contents [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\Application Data\WHelp\juzched.exe (trojan Spy.Banker)
Malware: ADOBEREADER90.exe Removed: C:\Documents and Settings\Administrator\Application Data\WHelp\juzched.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: juzched Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WHELP\JUZCHED.EXE Type: Registry Run Item Name: juzched.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\WHELP\JUZCHED.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\juzched [...]
Removal Tool
Removed: ohydy.exe, roqyxd.exe, skifr.exe, vsbntlo.exe, cfdrive32.exe (p2p-worm Palevo)
Malware: ex1113.exe Removed: C:\Documents and Settings\Administrator\Application Data\ohydy.exe C:\Documents and Settings\Administrator\Local Settings\Temp\roqyxd.exe C:\RECYCLER\S-1-5-21-0060473126-6837249116-403821433-0792\skifr.exe C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe C:\WINDOWS\cfdrive32.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: cfdrive32.exe Author: NVIDIA Related File: C:\WINDOWS\CFDRIVE32.EXE Type: Detected using Heuristic Algorithm Item Name: 12CFG214-K641-12SF-N85P Author: NVIDIA Related File: C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\VSBNTLO.EXE Type: Registry Run Item Name: shell Author: Unknown Related File: explorer.exe,C:\Documents and Settings\Administrator\Application Data\ohydy.exe Type: User [...]
Removal Tool
Removed: C:\WINDOWS\system32\dbbk.lio (trojan Oficla)
Malware: C:\sand-box\HD32632.JPG.exe Removed: C:\WINDOWS\system32\dbbk.lio —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: Explorer.exe rundll32.exe dbbk.lio eyyvs Type: System.ini Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Value: “Explorer.exe rundll32.exe dbbk.lio eyyvs” Files: C:\WINDOWS\system32\dbbk.lio —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.25 [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\mb9a.exe, C:\WINDOWS\Fonts\services.exe (trojan VB)
Malware: kp.jpg.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\mb9a.exe C:\WINDOWS\Fonts\services.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: apps Author: Related File: C:\WINDOWS\FONTS\SERVICES.EXE Type: Explorer Run Item Name: services.exe Author: Related File: C:\WINDOWS\FONTS\SERVICES.EXE Type: Running Processes Item Name: q9jp Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MB9A.EXE Type: Explorer Run Item Name: mb9a.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\MB9A.EXE Type: Running Processes Removal [...]
Removal Tool
Removed: lucro.exe (trojan Bancos)
Malware: C:\sand-box\lucro.exe Removed: C:\sand-box\lucro.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: FirstRunn Author: Unknown Related File: C:\SAND-BOX\LUCRO.EXE Type: Registry Run Item Name: lucro.exe Author: Unknown Related File: C:\SAND-BOX\LUCRO.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FirstRunn Files: C:\ZQ561401.rar —————————————————————————————————————————- Classification: Antivirus Version Last Update Result [...]
Removal Tool
Removed: C:\WINDOWS\system32\appconf32.exe (trojan MultiBanker)
Malware: C:\sand-box\gqgwetbvjrewxux2.exe Removed: C:\WINDOWS\system32\appconf32.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe, Type: UserInit Value Item Name: appconf32.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\APPCONF32.EXE Type: Detected using Heuristic Algorithm Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit Value: “C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\appconf32.exe,” Folders: C:\WINDOWS\system32\cock C:\WINDOWS\system32\xmldm Files: [...]
Removal Tool
Removed: C:\WINDOWS\jspbbplugin.dll (trojan VB)
Malware: amor_estranho_amor.mpg.exe Removed: C:\WINDOWS\jspbbplugin.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: {331B2978-88FF-11D2-8D96-E7ACAC95951F} Author: Unknown Related File: C:\WINDOWS\JSPBBPLUGIN.DLL Type: Browser Helper Objects Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Classes\CLSID\{331B2978-88FF-11D2-8D96-E7ACAC95951F}\InprocServer32\ Value: “c:\WINDOWS\jspbbplugin.dll” Files: C:\WINDOWS\jspbbplugin.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.07 Gen:Trojan.Heur.VP.bm0@aye7Npni Kaspersky 7.0.0.125 2010.11.07 Trojan-Downloader.Win32.VB.abka [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\Application Data\C-76947-8457-2745\winmsnliv.exe (trojan Hamweq)
Malware: zib.exe Removed: C:\Documents and Settings\Administrator\Application Data\C-76947-8457-2745\winmsnliv.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WindowsDriverControl Author: UW0wAtGNWAMa4vJQm Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\C-76947-8457-2745\WINMSNLIV.EXE Type: Registry Run Item Name: winmsnliv.exe Author: UW0wAtGNWAMa4vJQm Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\C-76947-8457-2745\WINMSNLIV.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\WindowsDriverControl [...]
Removal Tool
Removed: FV3szxc10.dll, FV3szxc20.dll, FV3zxc.exe (trojan Taterf)
Malware: C:\sand-box\mtlat.exe Removed: C:\WINDOWS\system32\FV3szxc10.dll C:\WINDOWS\system32\FV3szxc20.dll C:\WINDOWS\system32\FV3zxc.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: FV3szxc10.dll Author: Unknown Related File: C:\WINDOWS\SYSTEM32\FV3SZXC10.DLL Type: Detected using Heuristic Algorithm Item Name: FV3zxc.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\FV3ZXC.EXE Type: Detected using Heuristic Algorithm Item Name: FV3sos Author: Unknown Related File: C:\WINDOWS\SYSTEM32\FV3ZXC.EXE Type: Registry Run Item Name: {94AC7942-7BE1-4FB9-A7CA-67CD88362758} Author: Related File: C:\WINDOWS\SYSTEM32\FV3SZXC20.DLL Type: [...]
Removal Tool
Removed: C:\Hellomotoo.exe\Hellomotoo.exe (trojan Jorik.SpyEyes)
Malware: C:\sand-box\crypted.exe Removed: C:\Hellomotoo.exe\Hellomotoo.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: Hellomotoo.exe Author: Related File: C:\HELLOMOTOO.EXE\HELLOMOTOO.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Hellomotoo.exe Value: “C:\Hellomotoo.exe\Hellomotoo.exe” Folders: C:\Hellomotoo.exe\ Files: C:\Documents and Settings\Administrator\Local Settings\Temp\upd1.tmp C:\Hellomotoo.exe\config.bin C:\Hellomotoo.exe\Hellomotoo.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.16160.0 2010.11.24 [...]
Removal Tool
- Remember: the best way to remove rootkits is from the outside!
