QQLIVE.EXE is Trojan QQPass
The file QQLIVE.EXE is identified as the Trojan Program that is used for stealing bank information and users passwords.
To delete QQLIVE.EXE we suggest you should use UnHackMe:
http://www.unhackme.com
Malware Analysis of QQLIVE.EXE
Full path on a computer: C:\ProgramData\Microsoft\Windows\QQlive.exe
Detected by RegRun Warrior:
Item Name: AudioSvc
Author: Unknown
Related File: C:\PROGRAMDATA\MICROSOFT\WINDOWS\UDPSKE.DLL
Type: Svchost DLLs
Item Name: UDPService
Author: Unknown
Related File: C:\PROGRAMDATA\MICROSOFT\WINDOWS\SERVICESZBD.DLL
Type: Svchost DLLs
Item Name: TCPSrv
Author:
Related File: C:\ProgramData\Microsoft\Windows\Docxoy.dll
Type: Svchost DLLs
Item Name: WNetService
Author:
Related File: C:\ProgramData\Microsoft\Windows\Procnnl.dll
Type: Svchost DLLs
Item Name: W32Svc
Author:
Related File: C:\ProgramData\Microsoft\Windows\Sessionpnx.dll
Type: Svchost DLLs
Item Name: DHCPServ
Author:
Related File: C:\ProgramData\Microsoft\Windows\Sunbjl.dll
Type: Svchost DLLs
Item Name: UDPSrv
Author: Unknown
Related File: C:\PROGRAMDATA\MICROSOFT\WINDOWS\NETCC324.DLL
Type: Svchost DLLs
Removal Results: Success
Number of reboot: 1
QQLIVE.EXE is known as:
Trojan.QQPass
QQLIVE.EXE hash:
- MD5: 5e95e6131ff0e79ad5df107db915760c
Registry:- HKLM\System\CurrentControlSet\Services\AudioSvc\Parameters\ServiceDll: C:\PROGRAMDATA\MICROSOFT\WINDOWS\UDPSKE.DLL
- HKLM\System\CurrentControlSet\Services\DHCPServ\Parameters\ServiceDll: C:\ProgramData\Microsoft\Windows\Sunbjl.dll
- HKLM\System\CurrentControlSet\Services\TCPSrv\Parameters\ServiceDll: C:\ProgramData\Microsoft\Windows\Docxoy.dll
- HKLM\System\CurrentControlSet\Services\UDPService\Parameters\ServiceDll: C:\PROGRAMDATA\MICROSOFT\WINDOWS\SERVICESZBD.DLL
- HKLM\System\CurrentControlSet\Services\UDPSrv\Parameters\ServiceDll: C:\PROGRAMDATA\MICROSOFT\WINDOWS\NETCC324.DLL
- HKLM\System\CurrentControlSet\Services\W32Svc\Parameters\ServiceDll: C:\ProgramData\Microsoft\Windows\Sessionpnx.dll
- HKLM\System\CurrentControlSet\Services\WNetService\Parameters\ServiceDll: C:\ProgramData\Microsoft\Windows\Procnnl.dll
Folders:- C:\ProgramData
- C:\ProgramData\Microsoft
- C:\ProgramData\Microsoft\Windows
- C:\ProgramData\Microsoft\Windows\Common
Files:- C:\ProgramData\Microsoft\Windows\NetCC324.dll
- C:\ProgramData\Microsoft\Windows\QQlive.exe
- C:\ProgramData\Microsoft\Windows\Serviceszbd.dll
- C:\ProgramData\Microsoft\Windows\UDPske.dll
Recommended: UnHackMe anti-rootkit and anti-malware
Premium software: RegRun Security Suite (Good choice for removal and protection)
