WKOCFFMPAI.EXE is Fake System Tools
Alex NightWatcher: Solved! Fix it immediately: The file WKOCFFMPAI.EXE is a part of Fake System Tools software. You must delete the file WKOCFFMPAI.EXE immediately! Delete the file WKOCFFMPAI.EXE without delay! Kill the process WKOCFFMPAI.EXE and remove WKOCFFMPAI.EXE from the Windows startup. Malware Analysis of WKOCFFMPAI.EXE Full path on a computer: %Common Appdata%\WKocfFMPaI.exe Detected by UnHackMe: [...]
Removal Tool
Windows XP Repair – Fake System Tool
Alex NightWatcher: Solved! Fix it immediately: The file GrTa4xSRzsUNFtdK.exe is a part of Fake System software. You must delete the file GrTa4xSRzsUNFtdK.exe immediately! Delete the file GrTa4xSRzsUNFtdK.exe without delay! Kill the process GrTa4xSRzsUNFtdK.exe and remove GrTa4xSRzsUNFtdK.exe from the Windows startup. Malware Analysis of “Windows XP Repair” Executed: payload_unpacked_cryptor_upx.exe Removed: GrTa4xSRzsUNFtdK.exe. Full path: C:\Documents and Settings\All [...]
Removal Tool
Windows XP Recovery – Fake System Tool
Alex NightWatcher: Solved! Fix it immediately: The Windows XP Recovery is a Fake System software. You must delete the Windows XP Recovery immediately! Delete the Windows XP Recovery without delay! Kill the Windows XP Recovery and remove Windows XP Recovery from the Windows startup. Malware Analysis of “Windows XP Recovery” Executed: VHCnUjkqcwhmNay.exe Removed: VHCnUjkqcwhmNay.exe. Full [...]
Removal Tool
Fake System Tools “Windows Restore”
Alex NightWatcher: Solved! Fix it immediately: The “Windows Restore” is a part of Fake System Tools software. You must delete the “Windows Restore” immediately! Malware Analysis of Fake System Tools “Windows Restore” Executed: 496-new2.exe Removed: WTyVDJpaBGULUR.exe. Full path: C:\Documents and Settings\All Users\Application Data\WTyVDJpaBGULUR.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: WTyVDJpaBGULUR Author: GPA Related File: C:\DOCUMENTS [...]
Removal Tool
Fake System Tools “Windows Fix Disk”
Alex NightWatcher: Solved! Fix it immediately: The file Windows Fix Disk is a part of Fake System Tools software. You must delete the file Windows Fix Disk immediately! Delete the file Windows Fix Disk without delay! Kill the process Windows Fix Disk and remove Windows Fix Disk from the Windows startup. Malware Analysis of Fake [...]
Removal Tool
Removed: gtwtmXEFyDc8n.exe, MuXTvpYRmxcx.exe (Fake System Tool – Windows Disk)
Alex NightWatcher: Solved! Fix it immediately: Malware: MuXTvpYRmxcx.exe Removed: C:\Documents and Settings\All Users\Application Data\gtwtmXEFyDc8n.exe C:\Documents and Settings\All Users\Application Data\MuXTvpYRmxcx.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: MuXTvpYRmxcx.exe Author: imgs Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MUXTVPYRMXCX.EXE Type: Registry Run Item Name: gtwtmXEFyDc8n Author: WISC Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\GTWTMXEFYDC8N.EXE Type: [...]
Removal Tool
Removed: C:\Documents and Settings\All Users\Application Data\39A80W39.exe (Fake System Tool – Win Disk)
Alex NightWatcher: Solved! Fix it immediately: Malware: Mo7JnMwjh3rVqS.exe Removed: C:\Documents and Settings\All Users\Application Data\39A80W39.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 39A80W39 Author: Unknown Related File: C:\DOCUME~1\ALLUSE~1\APPLIC~1\39A80W39.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\39A80W39 Value: “C:\DOCUME~1\ALLUSE~1\APPLIC~1\39A80W39.exe” Folders: C:\Documents and Settings\Administrator\Start Menu\Programs\Win Disk Files: C:\Documents [...]
Removal Tool
Removed: JesaaUOruapG.exe, pR0BzemaG2.exe (Fake System Tool – Windows Scan)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\setup.exe Removed: C:\Documents and Settings\All Users\Application Data\JesaaUOruapG.exe C:\Documents and Settings\All Users\Application Data\pR0BzemaG2.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: JesaaUOruapG.exe Author: imgs Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\JESAAUORUAPG.EXE Type: Registry Run Item Name: pR0BzemaG2 Author: WISC Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\PR0BZEMAG2.EXE Type: [...]
Removal Tool
Removed: eCKfEsOtOABG.exe, GjrXzB6l1LFXg.exe; Restored: C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS (Fake System Tools – Windows Scan, rootkit Pragma)
Alex NightWatcher: Solved! Fix it immediately: Malware: 9dcaf5646b1a4397363ce703a0ce028e.exe Removed: C:\Documents and Settings\All Users\Application Data\eCKfEsOtOABG.exe C:\Documents and Settings\All Users\Application Data\GjrXzB6l1LFXg.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: volsnap.sys Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS Type: System Drivers Infected by Rootkit Item Name: eCKfEsOtOABG.exe Author: IECorp Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\ECKFESOTOABG.EXE [...]
Removal Tool
Removed: C:\Documents and Settings\Administrator\Application Data\protect.exe (FakeAV – Microsoft Security Essentials Alert, Fake System Tool – Windows Optimization Center)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\73a745d4fac9ab1b2a750c2689ae0d65.exe Removed: C:\Documents and Settings\Administrator\Application Data\protect.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: C:\Documents and Settings\Administrator\Application Data\protect.exe Type: User Shell Item Name: protect.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\PROTECT.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to [...]
Removal Tool
Removed: 9Z4BSn5t9.exe, VkhJcxPIEQM.exe (Fake System Tool – Fix HDD)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\movie.exe Removed: C:\Documents and Settings\All Users\Application Data\9Z4BSn5t9.exe C:\Documents and Settings\All Users\Application Data\VkhJcxPIEQM.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: VkhJcxPIEQM.exe Author: Uint Corp Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\VKHJCXPIEQM.EXE Type: Registry Run Item Name: 9Z4BSn5t9 Author: Related File: C:\DOCUME~1\ALLUSE~1\APPLIC~1\9Z4BSn5t9.exe Type: Registry Run Item Name: R9PixSjmq2GO3 Author: SDHDD Related [...]
Removal Tool
Removed: BS8ZWB6SOka969Db.exe, CvMMcsnbGpjQKX.exe (Fake System Tool – Ease Scan)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\readme.exe Removed: C:\Documents and Settings\All Users\Application Data\BS8ZWB6SOka969Db.exe C:\Documents and Settings\All Users\Application Data\CvMMcsnbGpjQKX.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: CvMMcsnbGpjQKX.exe Author: msql software Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\CVMMCSNBGPJQKX.EXE Type: Registry Run Item Name: BS8ZWB6SOka969Db Author: Related File: C:\DOCUME~1\ALLUSE~1\APPLIC~1\BS8ZWB6SOka969Db.exe Type: Registry Run Item Name: TzmrJbPj Author: mdisk Corp [...]
Removal Tool
Removed: 29859.exe, ElkTBhTOiqUEWYN.exe (Fake System Tool – Scanner)
Alex NightWatcher: Solved! Fix it immediately: Malware: krezaskpy.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\29859.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ElkTBhTOiqUEWYN.exe —————————————————————————————————————————- Detected by RegRun Reanimator: Item Name: ElkTBhTOiqUEWYN.exe Author: iWin software Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\ELKTBHTOIQUEWYN.EXE Type: Registry Run Item Name: 29859 Author: HDD Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\29859.EXE Type: Registry Run Item Name: 29859.exe Author: HDD Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\29859.EXE [...]
Removal Tool
Removed: 35968.exe, CobInVfBVF.exe (Fake System Tool – Win Defragmenter)
Alex NightWatcher: Solved! Fix it immediately: Malware: xl.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\35968.exe C:\Documents and Settings\Administrator\Local Settings\Temp\CobInVfBVF.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: CobInVfBVF.exe Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\COBINVFBVF.EXE Type: Registry Run Item Name: 35968 Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\35968.EXE Type: Registry Run Item Name: 35968.exe Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\35968.EXE Type: [...]
Removal Tool
Removed: n26Uq4vlIB.exe, ykAGlpHBmWgv.exe, ad3dpi.dll (Fake System Tool – Win Scanner)
Alex NightWatcher: Solved! Fix it immediately: Malware: exe(2).exe Removed: C:\Documents and Settings\All Users\Application Data\n26Uq4vlIB.exe C:\Documents and Settings\All Users\Application Data\ykAGlpHBmWgv.exe C:\WINDOWS\ad3dpi.dll —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: Pvesodurexur Author: Related File: C:\WINDOWS\AD3DPI.DLL Type: Registry Run Item Name: ykAGlpHBmWgv.exe Author: iWin software Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\YKAGLPHBMWGV.EXE Type: Registry Run Item [...]
Removal Tool
Removed: 3lucia.exe (trojan FakeMSN)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\3lucia.exe Removed: C:\sand-box\3lucia.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: msne Author: Microsoft Corporation Related File: C:\SAND-BOX\3LUCIA.EXE Type: Registry Run Item Name: 3lucia.exe Author: Microsoft Corporation Related File: C:\SAND-BOX\3LUCIA.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly detect malware presence? Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\msne Value: [...]
Removal Tool
Removed: 28703.exe, WEPvYsDxdn.exe, wmanashg.dll (trojan Hiloti, fake system tool – Smart HDD)
Alex NightWatcher: Solved! Fix it immediately: Malware: exe.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\28703.exe C:\Documents and Settings\Administrator\Local Settings\Temp\WEPvYsDxdn.exe C:\WINDOWS\wmanashg.dll —————————————————————————————————————————- Detected by UnHackMe: Item Name: Pvesodurexur Author: Progressive Networks Related File: C:\WINDOWS\WMANASHG.DLL Type: Registry Run Item Name: WEPvYsDxdn.exe Author: secdot Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\WEPVYSDXDN.EXE Type: Registry Run Item Name: 28703.exe Author: HdddiskUtilities Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\28703.EXE Type: [...]
Removal Tool
Removed: 30937.exe, hmouHopOSV.exe (Fake System Tool – Hard Drive Diagnostic)
Alex NightWatcher: Solved! Fix it immediately: Malware: C:\sand-box\hmouHopOSV.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\30937.exe C:\Documents and Settings\Administrator\Local Settings\Temp\hmouHopOSV.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: hmouHopOSV.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\HMOUHOPOSV.EXE Type: Registry Run Item Name: 30937 Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\30937.EXE Type: Registry Run Item Name: 30937.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\30937.EXE Type: Running Processes Removal [...]
Removal Tool
Removed: 30609.exe, IGwqNKmplw.exe (Fake System Tool – HDD Diagnostic)
Alex NightWatcher: Solved! Fix it immediately: Malware: file.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\30609.exe C:\Documents and Settings\Administrator\Local Settings\Temp\IGwqNKmplw.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: IGwqNKmplw.exe Author: MEDIA Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\IGWQNKMPLW.EXE Type: Registry Run Item Name: 30609 Author: HDD Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\30609.EXE Type: Registry Run Item Name: 30609.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\30609.EXE Type: Running Processes [...]
Removal Tool
