Solved! Fix WindowsMangerProtect problem

Be careful! Full path on computer: WindowsMangerProtect WindowsMangerProtect software is Win32:PUP-gen related. WindowsMangerProtect (potentially unwanted program) is a program that may be unwanted for users. WindowsMangerProtect may have one or more of unwanted features: spying user, adwertising, search redirecting, or browser hijacking. WindowsMangerProtect is often downloaded in a bundle with useful program. Suggest to uninstall…

Continue reading

Remove ROBOOT.EXE immediately

We suggest you to remove ROBOOT.EXE from your computer as soon as possible. ROBOOT.EXE is known as: Win32:Toolbar-M [PUP] MD5 of ROBOOT.EXE = 5a72817181f065c82b252e5663b73f40 ROBOOT.EXE size is 18096 bytes. Full path on a computer: %SYSDIR%\ROBOOT.EXE Related Files: %WinDir%\Installer\39976.msi %WinDir%\Installer\{EE24665C-844A-4489-9F11-70E41F4EE476}\baricon.ico %SysDir%\roboot.exe %WinDir%\Tasks\PC Performer_DEFAULT.job %WinDir%\Tasks\PC Performer_UPDATES.job Fix it immediately! UnHackMe removes malware invisible for your antivirus!

OCBEJ8PBYR.XHXX is Trojan Downloader

Is the file OCBEJ8PBYR.XHXX located on your computer? Then your computer is infected. We do suggest you should remove OCBEJ8PBYR.XHXX from your computer as soon as possible. OCBEJ8PBYR.XHXX is Trojan/Backdoor. Kill the process OCBEJ8PBYR.XHXX and remove OCBEJ8PBYR.XHXX from the Windows startup. Malware Analysis of OCBEJ8PBYR.XHXX Full path on a computer: %APPDATA%\PRYR6HEAB\OCBEJ8PBYR.XHXX Detected by UnHackMe: OCBEJ8PBYR.XHXX…

Continue reading

WINSPEED.DLL is Adware SProtector

  How to remove WindApp Adware using UnHackMe We received the file WINSPEED.DLL and detected that WINSPEED.DLL is not good. WINSPEED.DLL is Adware. You should remove the file WINSPEED.DLL. Kill the process WINSPEED.DLL and remove WINSPEED.DLL from Windows. Malware Analysis of WINSPEED.DLL Full path on a computer: %Common Appdata%\WinSpeed\WinSpeed.dll Detected by UnHackMe: WINSPEED.DLL Default location:…

Continue reading

W32/Agent.AQP!tr.dldr

W32/Agent.AQP!tr.dldr also known as W32/Dadobra.A.gen!Eldorado, TR/ATRAPS.A.1685, Downloader.Generic13.CLMG. Malware Analysis of W32/Agent.AQP!tr.dldr – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Generic.11511509 (B)

Trojan.Generic.11511509 (B) also known as Trojan.Generic.11511509, W32/Dadobra.A.gen!Eldorado, TR/ATRAPS.A.1685. Malware Analysis of Trojan.Generic.11511509 (B) – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Downloader.Generic13.CLMG

Downloader.Generic13.CLMG also known as PE:Trojan.Win32.Generic.16F8BCB2!385399986, TROJ_SPNR.09GH14, Win32.Trojan-downloader.Agent.Pdmh. Malware Analysis of Downloader.Generic13.CLMG – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Win32.Downloader.BAQP

Trojan.Win32.Downloader.BAQP also known as Trojan[Downloader]/Win32.Banload, W32/Dadobra.A.gen!Eldorado, PE:Trojan.Win32.Generic.16F8BCB2!385399986. Malware Analysis of Trojan.Win32.Downloader.BAQP – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan[Downloader]/Win32.Banload

Trojan[Downloader]/Win32.Banload also known as W32/Dadobra.A.gen!Eldorado, TROJ_SPNR.09GH14, Win32:Dropper-gen [Drp]. Malware Analysis of Trojan[Downloader]/Win32.Banload – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

PE:Trojan.Win32.Generic.16F8BCB2!385399986

PE:Trojan.Win32.Generic.16F8BCB2!385399986 also known as Win32/TrojanDownloader.Agent.AQP, TROJ_SPNR.09GH14, Trojan-Downloader.Win32.Doldow. Malware Analysis of PE:Trojan.Win32.Generic.16F8BCB2!385399986 – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

RDN/Generic Downloader.x!ko

RDN/Generic Downloader.x!ko also known as TROJ_SPNR.09GH14, Win32/TrojanDownloader.Agent.AQP, Trojan-Downloader ( 0049d43e1 ). Malware Analysis of RDN/Generic Downloader.x!ko – PMROJECT1.EXE Created files: %Local Appdata%\Google\Chrome\User Data\Default\Web Data-journal %Local Appdata%\Google\Chrome\User Data\lockfile %Program Files%\FlashSockv01\Pmroject1.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ChromeUpdatedv01: “%Program Files%\FlashSockv01\Pmroject1.exe” Detected by UnHackMe: PMROJECT1.EXE Default location: %PROGRAM FILES%\FLASHSOCKV01\PMROJECT1.EXE Dropper hash(md5): a60009592c4e6f2f5e7ca6dbb12a2c22 Fix it immediately! UnHackMe removes malware invisible for your…

Continue reading

Win32.Trojan.Falsesign.Pdmp

Win32.Trojan.Falsesign.Pdmp also known as Win32.Troj.Undef.(kcloud), MyWebSearch.J (v) (not malicious), Adware/WebSearch. Malware Analysis of Win32.Trojan.Falsesign.Pdmp – NPV4STUB.DLL Created files: %Program Files%\DictionaryBoss\bar\1.bin\installKeys.js %Program Files%\DictionaryBoss\bar\1.bin\LOGO.BMP %Program Files%\DictionaryBoss\bar\1.bin\NPv4Stub.dll %Program Files%\DictionaryBoss\bar\1.bin\T8EPMSUP.DLL %Program Files%\DictionaryBoss\bar\1.bin\T8EXTEX.DLL Autostart registry keys: HKLM\Software\Classes\CLSID\{032416f0-0007-481b-9df8-9bcd1bf357f0}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4feedmg.dll” HKLM\Software\Classes\CLSID\{23f28f6b-50a2-4327-9450-7d3d2f33daae}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4httpct.dll” HKLM\Software\Classes\CLSID\{272143f8-3dbe-424c-949f-20acd11e5a6d}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll” HKLM\Software\Classes\CLSID\{3042df7a-e900-4389-9b94-923df0daa57e}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll” HKLM\Software\Classes\CLSID\{488c2712-1482-42ad-bc4d-681e5832f0c2}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4datact.dll” HKLM\Software\Classes\CLSID\{58376892-60e7-4f63-aca0-0f686af554d6}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4SrcAs.dll” HKLM\Software\Classes\CLSID\{5b610696-32b6-416c-bf5c-ca4f60a345dd}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll” HKLM\Software\Classes\CLSID\{6eb534fb-2001-45c4-b860-bc904865a379}\InprocServer32\: “C:\PROGRA~1\DICTIO~1\bar\1.bin\v4bar.dll” HKLM\Software\Classes\CLSID\{715321aa-a1fc-4058-8ffa-668d687b6e32}\InprocServer32\:…

Continue reading

Suspicious_GEN.F47V0718

Suspicious_GEN.F47V0718 also known as Adware.Win32.MyWebSearch.bQ, Win32.Trojan.Falsesign.Pdmp. Malware Analysis of Suspicious_GEN.F47V0718 – NPV4STUB.DLL Created files: %Program Files%\DictionaryBoss\bar\1.bin\installKeys.js %Program Files%\DictionaryBoss\bar\1.bin\LOGO.BMP %Program Files%\DictionaryBoss\bar\1.bin\NPv4Stub.dll %Program Files%\DictionaryBoss\bar\1.bin\T8EPMSUP.DLL %Program Files%\DictionaryBoss\bar\1.bin\T8EXTEX.DLL Autostart registry keys: HKLM\Software\Classes\CLSID\{032416f0-0007-481b-9df8-9bcd1bf357f0}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4feedmg.dll” HKLM\Software\Classes\CLSID\{23f28f6b-50a2-4327-9450-7d3d2f33daae}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4httpct.dll” HKLM\Software\Classes\CLSID\{272143f8-3dbe-424c-949f-20acd11e5a6d}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll” HKLM\Software\Classes\CLSID\{3042df7a-e900-4389-9b94-923df0daa57e}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4bar.dll” HKLM\Software\Classes\CLSID\{488c2712-1482-42ad-bc4d-681e5832f0c2}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4datact.dll” HKLM\Software\Classes\CLSID\{58376892-60e7-4f63-aca0-0f686af554d6}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4SrcAs.dll” HKLM\Software\Classes\CLSID\{5b610696-32b6-416c-bf5c-ca4f60a345dd}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4skin.dll” HKLM\Software\Classes\CLSID\{6eb534fb-2001-45c4-b860-bc904865a379}\InprocServer32\: “C:\PROGRA~1\DICTIO~1\bar\1.bin\v4bar.dll” HKLM\Software\Classes\CLSID\{715321aa-a1fc-4058-8ffa-668d687b6e32}\InprocServer32\: “%Program Files%\DictionaryBoss\bar\1.bin\v4radio.dll” HKLM\Software\Classes\CLSID\{73a7cce6-ff3a-4c7f-9a3e-db9bd92be292}\InprocServer32\: “%Program…

Continue reading

Agent4.BXJG

Agent4.BXJG also known as Trojan.Staser, Trojan.Gen, Trojan.Staser.Win32.931. Malware Analysis of Agent4.BXJG – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Staser

Trojan.Staser also known as Agent4.BXJG, a variant of Win32/Fusing.CF, Trojan.GenericKD.1761213. Malware Analysis of Trojan.Staser – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan/Win32.Staser

Trojan/Win32.Staser also known as a variant of Win32/Fusing.CF, Trojan.GenericKD.1761213 (B), Trojan.GenericKD.1761213. Malware Analysis of Trojan/Win32.Staser – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your…

Continue reading

Trojan ( 0049a1a11 )

Trojan ( 0049a1a11 ) also known as DLOADER.Trojan, a variant of Win32/Fusing.CF, Trojan.Staser. Malware Analysis of Trojan ( 0049a1a11 ) – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe…

Continue reading

Trojan.GenericKD.1761213

Trojan.GenericKD.1761213 also known as Trojan.Staser, Trojan.Staser!. Malware Analysis of Trojan.GenericKD.1761213 – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

DLOADER.Trojan

DLOADER.Trojan also known as Trojan.GenericKD.1761213, Trojan.Staser!, Trojan ( 0049a1a11 ). Malware Analysis of DLOADER.Trojan – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Staser.Win32.931

Trojan.Staser.Win32.931 also known as Trojan.GenericKD.1761213, Trojan.GenericKD.1761213 (B), Trojan.Agent.QQGen. Malware Analysis of Trojan.Staser.Win32.931 – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Staser!

Trojan.Staser! also known as Trojan.Agent.QQGen, Win32:Malware-gen. Malware Analysis of Trojan.Staser! – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Win32.Staser.dbbxcv

Trojan.Win32.Staser.dbbxcv also known as Trojan.Staser!, Win32:Malware-gen, Trojan.Staser. Malware Analysis of Trojan.Win32.Staser.dbbxcv – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Agent.QQGen

Trojan.Agent.QQGen also known as Trojan.Win32.Fusing.bCF, DLOADER.Trojan, Trojan ( 0049a1a11 ). Malware Analysis of Trojan.Agent.QQGen – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

a variant of Win32/Fusing.CF

a variant of Win32/Fusing.CF also known as Trojan.GenericKD.1761213, Trojan.Staser!, Trojan.Win32.Fusing.bCF. Malware Analysis of a variant of Win32/Fusing.CF – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible…

Continue reading

Trojan.GenericKD.1761213 (B)

Trojan.GenericKD.1761213 (B) also known as Agent4.BXJG, Trojan.GenericKD.1761213, Trojan.Staser!. Malware Analysis of Trojan.GenericKD.1761213 (B) – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Win32.Fusing.bCF

Trojan.Win32.Fusing.bCF also known as Trojan.GenericKD.1761213, Trojan.Win32.Staser.dbbxcv, Trojan.GenericKD.1761213. Malware Analysis of Trojan.Win32.Fusing.bCF – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan ( 050000001 )

Trojan ( 050000001 ) also known as Trojan.Win32.Staser.dbbxcv, Trojan.GenericKD.1761213, Trojan.GenericKD.1761213. Malware Analysis of Trojan ( 050000001 ) – USYBTND.EXE Created files: %Program Files%\Windows NT\Usybtnd.exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\ImagePath: “%Program Files%\Windows NT\Usybtnd.exe” HKLM\System\CurrentControlSet\Services\Wsmnnh oryqjhhn\DisplayName: “Cwykqa yagasscc” Detected by UnHackMe: USYBTND.EXE Default location: %PROGRAM FILES%\WINDOWS NT\USYBTND.EXE Dropper hash(md5): ab5dab9b95b114dee0fb060dff5b9628 Fix it immediately! UnHackMe removes malware invisible…

Continue reading

Trojan:Win32/Comitsproc

Trojan:Win32/Comitsproc also known as Trojan/Generic.dnjo, Trojan.Generic.5867893, TrojWare.Win32.Trojan.Agent.Gen. Malware Analysis of Trojan:Win32/Comitsproc – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan/Generic.dnjo

Trojan/Generic.dnjo also known as TR/VB.Downloader.Gen, W32/VBTrojan.17D2!Maximus. Malware Analysis of Trojan/Generic.dnjo – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.DL.VB!8jrWePcS1hA

Trojan.DL.VB!8jrWePcS1hA also known as Trojan.Gen, Generic21.NEH, Trojan.Comitsproc.AA3. Malware Analysis of Trojan.DL.VB!8jrWePcS1hA – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Win32.VB

Trojan.Win32.VB also known as Trojan.Win32.VB!IK, WORM_AUTORUN.BMC, Trojan.Generic.5867893. Malware Analysis of Trojan.Win32.VB – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

W32/VB.AGWW!tr.dldr

W32/VB.AGWW!tr.dldr also known as TR/VB.Downloader.Gen, Artemis!388EF8417413, Trojan.Gen. Malware Analysis of W32/VB.AGWW!tr.dldr – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

a variant of Win32/TrojanDownloader.VB.PDC

a variant of Win32/TrojanDownloader.VB.PDC also known as Trojan.DownLoader2.14617, Trojan.Generic.5867893, Trojan.Comitsproc.AA3. Malware Analysis of a variant of Win32/TrojanDownloader.VB.PDC – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!

Trojan.Comitsproc.AA3

Trojan.Comitsproc.AA3 also known as Trojan.Win32.VB, Trojan.Generic.5867893, Trojan.Generic.5867893. Malware Analysis of Trojan.Comitsproc.AA3 – IL56NSE.EXE Created files: %WinDir%\il56nse.exe %WinDir%\il56nse.ini Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\il56nse: “%WinDir%\il56nse.exe” Detected by UnHackMe: IL56NSE.EXE Default location: %WinDir%\IL56NSE.EXE Dropper hash(md5): 388ef8417413feef5fb4175647ef82b6 Fix it immediately! UnHackMe removes malware invisible for your antivirus!