KDE.EXE – KeyLogger Ardamax

The file KDE.EXE is malware related. You must delete the file KDE.EXE immediately! Delete the file KDE.EXE without delay! Kill the process KDE.EXE and remove KDE.EXE from the Windows startup. Malware Analysis of “KDE.EXE” Executed: server.exe Removed: KDE.exe. Full path: C:\WINDOWS\system32\AYXECD\KDE.exe Detected by UnHackMe: – none – After first reboot detected by UnHackMe: Item Name: […]
More…

HBLITESA.EXE – adware HotBar

We received the file HBLITESA.EXE and detected that HBLITESA.EXE is not good. HBLITESA.EXE is Adware. You should remove the file HBLITESA.EXE. Kill the process HBLITESA.EXE and remove HBLITESA.EXE from Windows. Malware Analysis of “HBLITESA.EXE” Executed: BA2877A1BC40C0508F5C7D37E436E0D4.exe Full path: %ProgramFiles%\HBLite\bin\11.0.363.0\HBLiteSA.exe HBLITESA.EXE is known as: Adware.Win32.HotBar HBLITESA.EXE hash: MD5: df8ed4f27622dbbb8f25617658ae1a7f SHA1: fc257950a2a12a994c4234b17b874dc738ddce09 How to quickly detect HBLITESA.EXE […]
More…

MIDISAPPE.DLL – trojan Invader

Is the file MIDISAPPE.DLL located on your computer? Then your computer is infected. We do suggest you should remove MIDISAPPE.DLL from your computer as soon as possible. MIDISAPPE.DLL is Trojan/Backdoor. Kill the process MIDISAPPE.DLL and remove MIDISAPPE.DLL from the Windows startup. Malware Analysis of “MIDISAPPE.DLL” Executed: 2211.exe Full path: %System%\midisappe.dll MIDISAPPE.DLL is known as: Trojan.Hider, […]
More…

SCANQUERY.DLL – adware Zwang

We received the file SCANQUERY.DLL and detected that SCANQUERY.DLL is not good. SCANQUERY.DLL is Adware. You should remove the file SCANQUERY.DLL. Kill the process SCANQUERY.DLL and remove SCANQUERY.DLL from Windows. Malware Analysis of “SCANQUERY.DLL” Full path: %ProgramFiles%\ScanQuery\scanquery.dll SCANQUERY.DLL is known as: Adware.Zwang, Adware.Onestepsearch SCANQUERY.DLL hash: MD5: 869a30b3137799c66ad1355cb7175d5 SHA1: b3bce4fad71b6aad6e4a2ad953aae4f89ba1754 How to quickly detect SCANQUERY.DLL presence?  […]
More…

PROFILINSTYLIN.DLL – adware

We received the file PROFILINSTYLIN.DLL and detected that PROFILINSTYLIN.DLL is not good. PROFILINSTYLIN.DLL is Adware. You should remove the file PROFILINSTYLIN.DLL. Kill the process PROFILINSTYLIN.DLL and remove PROFILINSTYLIN.DLL from Windows. Malware Analysis of “PROFILINSTYLIN.DLL” Executed: FreeCodec.exe Full path: %ProgramFiles%\profilinstylin\profilinstylin.dll PROFILINSTYLIN.DLL is known as: New Adware PROFILINSTYLIN.DLL hash: MD5: 0d56100faa2e765f70b9c203ec543f9 SHA1: bc6a13c38c174fe0f1919a92a0fe7125e9b1fc6 How to quickly detect […]
More…

METUSBOT.EXE – trojan Veebuu

The file METUSBOT.EXE is malware related. You must delete the file METUSBOT.EXE immediately! Delete the file METUSBOT.EXE without delay! Kill the process METUSBOT.EXE and remove METUSBOT.EXE from the Windows startup. Malware Analysis of “METUSBOT.EXE” Executed: metusbot.exe Removed: metusbot.exe. Full path: %WinDir%\Config\metusbot.exe Detected by UnHackMe: Item Name: metusbot.exe Author: Related File: %WinDir%\CONFIG\METUSBOT.EXE Type: Registry Run Removal […]
More…

MSTWAIN32.EXE – backdoor Turkojan

The program MSTWAIN32.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with MSTWAIN32.EXE. Download for free: http://www.unhackme.com Malware Analysis of “MSTWAIN32.EXE” Executed: screensavers.exe Removed: mstwain32.exe. Full path: %WinDir%\mstwain32.exe Detected by UnHackMe: Item Name: mstwain32.exe Author: Unknown Related File: %WinDir%\MSTWAIN32.EXE Type: Running […]
More…

JAVAXPP.EXE – backdoor Bifrose

The program JAVAXPP.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with JAVAXPP.EXE. Download for free: http://www.unhackme.com Malware Analysis of “JAVAXPP.EXE” Executed: 9.exe Removed: javaxpp.exe. Full path: %SysDir%\javax\javaxpp.exe JAVAXPP.EXE is known as: Win32.Trojan.Bifrose JAVAXPP.EXE hash: MD5: 06552e17b15862aff4cb1ef7ad3cade SHA1: fa6f9a02729d0b310ff5756604e4dd58eea6b10 How to […]
More…

CATROOT3.EXE – backdoor Bifrost

The program CATROOT3.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with CATROOT3.EXE. Download for free: http://www.unhackme.com Malware Analysis of “CATROOT3.EXE” Executed: ilham.jpg.exe Removed: catroot3.exe. Full path: %SysDir%\catroot3\catroot3.exe Detected by UnHackMe: Item Name: {ADEDA5DB-3F1B-FDF4-F0FF-F68F47B6D4FC} Author: Unknown Related File: %SYSDIR%\CATROOT3\CATROOT3.EXE Type: ActiveSetup […]
More…

SYS.EXE – backdoor Xtrat

The program SYS.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with SYS.EXE. Download for free: http://www.unhackme.com Malware Analysis of “SYS.EXE” Executed: kiss.exe Removed: sys.exe. Full path: %WinDir%\sys32\sys.exe Detected by UnHackMe: Item Name: {2Q2MYJ47-J41F-A325-PS3V-D0735R42TX5O} Author: Cvn Related File: %WinDir%\SYS32\SYS.EXE Type: ActiveSetup […]
More…

AUDIOHDN.EXE – worm Ainslot

The file AUDIOHDN.EXE is a computer worm. The worm AUDIOHDN.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the AUDIOHDN.EXE problem as soon as possible! Delete the file AUDIOHDN.EXE from all infected computers in your network. Set up your network firewall against […]
More…

JAIVAI.EXE – backdoor Bifrose

The program JAIVAI.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with JAIVAI.EXE. Download for free: http://www.unhackme.com Malware Analysis of “JAIVAI.EXE” Executed: 13.exe Removed: jaivai.exe. Full path: %SysDir%\jaivaa\jaivai.exe JAIVAI.EXE is known as: BackDoor.Bifrose, Trojan.Win32.Refroso JAIVAI.EXE hash: MD5: 2dba056178df3866e01e67ee5bc424c SHA1: 0bf1c73dda92875853e0792b4799ca8ad37d8cb How […]
More…

DLLLHOST.EXE – trojan VBChuchelo

We checked up the file DLLLHOST.EXE and found it hazardous. The file DLLLHOST.EXE must be deleted from the system immediately. Kill the process DLLLHOST.EXE and remove DLLLHOST.EXE from the Windows startup. Malware Analysis of “DLLLHOST.EXE” Executed: 4015474.exe Removed: dlllhost.exe. Full path: %WinDir%\dlllhost.exe Detected by UnHackMe: Item Name: Winupdate Author: Related File: %WinDir%\DLLLHOST.EXE Type: Registry Run […]
More…

LBTSERV.EXE – backdoor IRCBot

The program LBTSERV.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with LBTSERV.EXE. Download for free: http://www.unhackme.com Malware Analysis of “LBTSERV.EXE” Executed: oo.exe Removed: LBTServ.exe. Full path: %SysDir%\LBTServ.exe Detected by UnHackMe: Item Name: Microsoft Driver Setup Author: Logitech, Inc. Related File: […]
More…

WIZPOP_HELPER.DLL – adware WizPop

We received the file WIZPOP_HELPER.DLL and detected that WIZPOP_HELPER.DLL is not good. WIZPOP_HELPER.DLL is Adware. You should remove the file WIZPOP_HELPER.DLL. Kill the process WIZPOP_HELPER.DLL and remove WIZPOP_HELPER.DLL from Windows. Malware Analysis of “WIZPOP_HELPER.DLL” Executed: wizpop_renew.exe Removed: WizPop_Helper.dll. Full path: %Program Files%\WizPop\WizPop_Helper.dll Detected by UnHackMe: Item Name: {6C9DAB8A-6137-4371-AA5C-328535084E5E} Author: Wizpop Related File: %PROGRAM FILES%\WIZPOP\WIZPOP_HELPER.DLL Type: […]
More…

SMWIDGDLL.DLL – adware Kraddare

We received the file SMWIDGDLL.DLL and detected that SMWIDGDLL.DLL is not good. SMWIDGDLL.DLL is Adware. You should remove the file SMWIDGDLL.DLL. Kill the process SMWIDGDLL.DLL and remove SMWIDGDLL.DLL from Windows. Malware Analysis of “SMWIDGDLL.DLL” Executed: smwidgins.exe Removed: smwidgdll.dll. Full path: %Program Files%\SMS1000\Widget\smwidgdll.dll Detected by UnHackMe: Item Name: {3C40B03D-4A01-4941-9501-7FB6F372F4F2} Author: Related File: C:\PROGRA~1\SMS1000\WIDGET\SMWIDG~1.DLL Type: Browser Helper […]
More…

SVOHCST.EXE – trojan QQPass

The file SVOHCST.EXE is malware related. You must delete the file SVOHCST.EXE immediately! Delete the file SVOHCST.EXE without delay! Kill the process SVOHCST.EXE and remove SVOHCST.EXE from the Windows startup. Malware Analysis of “SVOHCST.EXE” Executed: calc.exe Removed: svohcst.exe. Full path: C:\mxd\svohcst.exe Detected by UnHackMe: Item Name: mxd Author: Unknown Related File: C:\MXD\SVOHCST.EXE Type: Registry Run […]
More…

SIDETAB.DLL – adware SideTab

We received the file SIDETAB.DLL and detected that SIDETAB.DLL is not good. SIDETAB.DLL is Adware. You should remove the file SIDETAB.DLL. Kill the process SIDETAB.DLL and remove SIDETAB.DLL from Windows. Malware Analysis of “SIDETAB.DLL” Executed: sidetab_st48.exe Removed: SideTab.dll. Full path: %Program Files%\SideTab\SideTab.dll Detected by UnHackMe: SIDETAB.DLL Default location: %PROGRAM FILES%\SIDETAB\SIDETAB.DLL MD5: 7E1271A61BB6AA272C7863B342EC07B5 SHA1: 38B51B48 1BD3C95B […]
More…

CUNT.EXE – trojan Ircbrute

The file CUNT.EXE is malware related. You must delete the file CUNT.EXE immediately! Delete the file CUNT.EXE without delay! Kill the process CUNT.EXE and remove CUNT.EXE from the Windows startup. Malware Analysis of “CUNT.EXE” Executed: arb.exe Removed: cunt.exe. Full path: C:\Documents and Settings\Administrator\Application Data\cunt.exe Detected by UnHackMe: Item Name: Run32.dll Author: Eduardo Presbyterian Gallagher Natalie […]
More…

BOANCLEAR.EXE – Fake AntiVirus BoanClear

The file BOANCLEAR.EXE is a part of Fake Antiviral software. You must delete the file BOANCLEAR.EXE immediately! Delete the file BOANCLEAR.EXE without delay! Kill the process BOANCLEAR.EXE and remove BOANCLEAR.EXE from the Windows startup. Malware Analysis of “BOANCLEAR.EXE” Executed: boanclear_evidence_s.exe Removed: BoanClear.exe. Full path: C:\Program Files\BoanClear\BoanClear.exe Detected by UnHackMe: Item Name: BoanClear Author: ??????? Related […]
More…

SAFEGREEN.EXE – Fake AntiVirus SafeGreen

The file SAFEGREEN.EXE is a part of Fake Antiviral software. You must delete the file SAFEGREEN.EXE immediately! Delete the file SAFEGREEN.EXE without delay! Kill the process SAFEGREEN.EXE and remove SAFEGREEN.EXE from the Windows startup. Malware Analysis of “SAFEGREEN.EXE” Executed: safegreen_sailor_s.exe Removed: SafeGreen.exe. Full path: C:\Program Files\SafeGreen\SafeGreen.exe Detected by UnHackMe: Item Name: SafeGreen Author: ????? Related […]
More…

IWI.EXE – backdoor Ruskill

The program IWI.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with IWI.EXE. Download for free: http://www.unhackme.com Malware Analysis of “IWI.EXE” Executed: facebook-pic0057484-JPG.exe Removed: iwi.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Temp\iwi.exe Detected by UnHackMe: Item Name: Java Update Manager Author: Related […]
More…

LAESS.EXE – trojan OnLineGames

The file LAESS.EXE is malware related. You must delete the file LAESS.EXE immediately! Delete the file LAESS.EXE without delay! Kill the process LAESS.EXE and remove LAESS.EXE from the Windows startup. Malware Analysis of “LAESS.EXE” Executed: tw1121.exe Removed: laess.exe. Full path: C:\laess.exe Detected by UnHackMe: Item Name: cao Author: Unknown Related File: C:\LAESS.EXE Type: Registry RunOnce […]
More…

HXZQZX.EXE – worm Dorkbot

The file HXZQZX.EXE is a computer worm. The worm HXZQZX.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the HXZQZX.EXE problem as soon as possible! Delete the file HXZQZX.EXE from all infected computers in your network. Set up your network firewall against […]
More…

FRIENDS.EXE – virus CeeInject

The file FRIENDS.EXE is malware related. You must delete the file FRIENDS.EXE immediately! Delete the file FRIENDS.EXE without delay! Kill the process FRIENDS.EXE and remove FRIENDS.EXE from the Windows startup. Malware Analysis of “FRIENDS.EXE” Executed: Removed: Friends.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Temp\Friends.exe Detected by UnHackMe: Item Name: Srvhost.exe Author: Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\FRIENDS.EXE Type: Explorer […]
More…

BULLSHS.EXE – adware Kraddare

We received the file BULLSHS.EXE and detected that BULLSHS.EXE is not good. BULLSHS.EXE is Adware. You should remove the file BULLSHS.EXE. Kill the process BULLSHS.EXE and remove BULLSHS.EXE from Windows. Malware Analysis of “BULLSHS.EXE” Executed: bullshv.exe Removed: bullshs.exe. Full path: C:\Documents and Settings\Administrator\Application Data\bullshs.exe Detected by UnHackMe: Item Name: bullsht Author: Unknown Related File: C:\DOCUMENTS […]
More…

CZH6AFJ71B.EXE – worm Ainslot

The file CZH6AFJ71B.EXE is a computer worm. The worm CZH6AFJ71B.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the CZH6AFJ71B.EXE problem as soon as possible! Delete the file CZH6AFJ71B.EXE from all infected computers in your network. Set up your network firewall against […]
More…

WINIPCFG32.EXE – trojan VBKrypt

We checked some samples of WINIPCFG32.EXE and detected the file WINIPCFG32.EXE as threat. Remove the WINIPCFG32.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “WINIPCFG32.EXE” Executed: winipcfg32.exe Removed: winipcfg32.exe. Full path: C:\Documents and Settings\Administrator\Application Data\winipcfg32.exe Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: winipcfg32 Author: XZJAPHFBVLJUEDFGAVEOHNI Related File: C:\DOCUMENTS AND […]
More…

SYSDAIG64.EXE – trojan Smalldoor

We checked up the file SYSDAIG64.EXE and found it hazardous. The file SYSDAIG64.EXE must be deleted from the system immediately. Kill the process SYSDAIG64.EXE and remove SYSDAIG64.EXE from the Windows startup. Malware Analysis of “SYSDAIG64.EXE” Executed: a.exe Removed: sysdaig64.exe. Full path: C:\WINDOWS\system32\sysdaig64.exe Detected by UnHackMe: Item Name: {61A94B5C-AE68-BBFD-4DF4-6FA443CC9BBC} Author: Related File: C:\WINDOWS\SYSTEM32\SYSDAIG64.EXE Type: ActiveSetup Item […]
More…

7C9CR2A.EXE – trojan VB

We checked up the file 7C9CR2A.EXE and found it hazardous. The file 7C9CR2A.EXE must be deleted from the system immediately. Kill the process 7C9CR2A.EXE and remove 7C9CR2A.EXE from the Windows startup. Malware Analysis of “7C9CR2A.EXE” Executed: 7c9cr2a.exe Removed: 7c9cr2a.exe. Full path: %AppData%\7c9cr2a.exe 7C9CR2A.EXE is known as: Trojan.Win32.VB 7C9CR2A.EXE hash: MD5: 0fc638ed10c880860b7e27280993919 SHA1: 1188e9a0514460998a93649d197c27de6eadcf3 How to […]
More…

SYSTEMCLEANER.EXE – adware SystemPro2011

We received the file SYSTEMCLEANER.EXE and detected that SYSTEMCLEANER.EXE is not good. SYSTEMCLEANER.EXE is Adware. You should remove the file SYSTEMCLEANER.EXE. Kill the process SYSTEMCLEANER.EXE and remove SYSTEMCLEANER.EXE from Windows. Malware Analysis of “SYSTEMCLEANER.EXE” Executed: systemcleaner.exe Removed: systemcleaner.exe. Full path: %ProgramFiles%\GalileoCleaner\systemcleaner.exe SYSTEMCLEANER.EXE is known as: FakeAlert-Galileo, Win32.Adware.SystemPro2011 SYSTEMCLEANER.EXE hash: MD5: cdee7662629f9c7e18bf86bc80644e2 SHA1: 017fba65293da6b4655e7edf8db55a062428598 How to […]
More…

MDHCP32.DLL – trojan Lukicsel

The file MDHCP32.DLL is malware related. You must delete the file MDHCP32.DLL immediately! Delete the file MDHCP32.DLL without delay! Kill the process MDHCP32.DLL and remove MDHCP32.DLL from the Windows startup. Malware Analysis of “MDHCP32.DLL” Executed: 8A151C5A2B00F9C22B621ED59099FC70.exe Removed: mdhcp32.dll. Full path: %System%\mdhcp32.dll MDHCP32.DLL is known as: Trojan.Win32.Lukicsel MDHCP32.DLL hash: MD5: 338fa5d0ca4cd137869179b6ffcc1ad SHA1: 1d1831722c6a848e5c5b8f6869776ed3a80e64b How to quickly […]
More…

CPUMIN.EXE – trojan WS.Reputation

We checked some samples of CPUMIN.EXE and detected the file CPUMIN.EXE as threat. Remove the CPUMIN.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “CPUMIN.EXE” Executed: 93C9B388AF56CD66C55630509DB05DFD.exe Removed: cpumin.exe. Full path: %System%\cpumin\cpumin.exe CPUMIN.EXE is known as: WS.Reputation.1 CPUMIN.EXE hash: MD5: 77990f035cdf11c930de33c35dc9480 SHA1: 9acda9d1528a078243653363defa29126a2ec50 How to quickly detect CPUMIN.EXE presence?  Folders: %System%\cpumin […]
More…

ACCED.EXE – backdoor PcClient

The program ACCed.exe is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with ACCed.exe. Download for free: http://www.unhackme.com Malware Analysis of “ACCED.EXE” Executed: mm.exe Removed: ACCed.exe. Full path: c:\ACCed.exe ACCED.EXE is known as: Backdoor.Win32.PcClient ACCED.EXE hash: MD5: deb0d54419b34efe0d1bf6578d00a73 SHA1: 5ead44655de31642c074236f7f04ed394240efa How to […]
More…

SVCHOSTXXX.EXE – rootkit SpyEye

Rootkit SVCHOSTXXX.EXE is software that enables continued privileged access to a computer while actively hiding its presence. Detection and removal of SVCHOSTXXX.EXE may be a very difficult process. You should use anti-rootkit software to fix the SVCHOSTXXX.EXE problem. Malware Analysis of “SVCHOSTXXX.EXE” Executed: svchostxxx.exe Removed: svchostxxx.exe. Full path: c:\svchostxxx.exe\svchostxxx.exe SVCHOSTXXX.EXE is known as: Trojan-Spy.Win32.SpyEyes SVCHOSTXXX.EXE […]
More…

MGASETUP.EXE – WPA Kill

We checked some samples of MGASETUP.EXE and detected the file MGASETUP.EXE as threat. Remove the MGASETUP.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “MGASETUP.EXE” Executed: WGAv1.9.40.0_OGAv2.0.48.0_Fix27.08.09.exe Full path: %Temp%\MGASetup.exe MGASETUP.EXE is known as: not-a-virus.Hacktool.WPA, HackTool:Win32/Keygen MGASETUP.EXE hash: MD5: 13d083d39156df3aa9a26000bd5f3f6 SHA1: 615bd67a721cc892033d43d01425b785915de28 How to quickly detect MGASETUP.EXE presence?  Folders: %Temp%\WGAv1.9.40.0_OGAv2.0.48.0_Fix27.08.09 Files: […]
More…

GCLGAF40.DLL – trojan Agent

Is the file GCLGAF40.DLL located on your computer? Then your computer is infected. We do suggest you should remove GCLGAF40.DLL from your computer as soon as possible. GCLGAF40.DLL is Trojan/Backdoor. Kill the process GCLGAF40.DLL and remove GCLGAF40.DLL from the Windows startup. Malware Analysis of “GCLGAF40.DLL” Executed: smona.exe Removed: gclgaf40.dll. Full path: %AppData%\Microsoft\gclgaf40.dll GCLGAF40.DLL is known […]
More…

BITCOIN.EXE – trojan Kryptik

We checked up the file BITCOIN.EXE and found it hazardous. The file BITCOIN.EXE must be deleted from the system immediately. Kill the process BITCOIN.EXE and remove BITCOIN.EXE from the Windows startup. Malware Analysis of “BITCOIN.EXE” Executed: cloud.exe Removed: bitcoin.exe. Full path: %Temp%\tmp878dd1ff\bitcoin.exe BITCOIN.EXE is known as: Trojan/W32.Agent.184832.JP, Trojan/Kryptik.oiy BITCOIN.EXE hash: MD5: bbb6ef0487c8100eb7acddfcb12fde8 SHA1: 6ee0711ee9b477adce790d162e88720146dbd2a How […]
More…

VERCONTROL.EXE – iTunes Export Wizard

The file VERCONTROL.EXE is not a virus. The program VERCONTROL.EXE is a system tool. But the VERCONTROL.EXE tool may be used to compromise computer security by the hacker. Use the VERCONTROL.EXE file at your own risk! You can delete the VERCONTROL.EXE program from your computer with problems. Malware Analysis of “VERCONTROL.EXE” Executed: iTunesExportWizardSetupFull.exe Full path: […]
More…

QUESTBRWSEARCH.EXE – adware AdSearcher

We received the file QUESTBRWSEARCH.EXE and detected that QUESTBRWSEARCH.EXE is not good. QUESTBRWSEARCH.EXE is Adware. You should remove the file QUESTBRWSEARCH.EXE. Kill the process QUESTBRWSEARCH.EXE and remove QUESTBRWSEARCH.EXE from Windows. Malware Analysis of “QUESTBRWSEARCH.EXE” Executed: 0371ECB718C6FCA8616B0108305A3100B3B30A10.exe Removed: questbrwsearch.exe. Full path: %ProgramFiles%\QuestBrwSearch\questbrwsearch.exe QUESTBRWSEARCH.EXE is known as: AdSearcher.AV, Adware-OneStep.l, BrowserModifier:Win32/Zwangi QUESTBRWSEARCH.EXE hash: MD5: c5861c01f3073db55f8b960c5e7e0dc SHA1: 2bb19f27d0fd056cc013f368bcf8e04ef96ee4a How […]
More…

T1TVGQB.EXE – trojan Siggen2

The file T1TVGQB.EXE is malware related. You must delete the file T1TVGQB.EXE immediately! Delete the file T1TVGQB.EXE without delay! Kill the process T1TVGQB.EXE and remove T1TVGQB.EXE from the Windows startup. Malware Analysis of “T1TVGQB.EXE” Executed: 47509.exe Removed: t1tvgqb.exe. Full path: %AppData%\t1tvgqb.exe T1TVGQB.EXE is known as: Trojan.Siggen2.46166, Worm.Win32.Cambot T1TVGQB.EXE hash: MD5: 3bd5e27267a06f6bf4b0ead73992634 SHA1: 7839b1d143ee9bb30cb3dae33a5d924abdf1109 How to […]
More…

2QW9.EXE – trojan VB

Is the file 2QW9.EXE located on your computer? Then your computer is infected. We do suggest you should remove 2QW9.EXE from your computer as soon as possible. 2QW9.EXE is Trojan/Backdoor. Kill the process 2QW9.EXE and remove 2QW9.EXE from the Windows startup. Malware Analysis of “2QW9.EXE” Executed: 6C633DB8613C99DDDF9645475B6FFF5B.EXE Removed: 2qw9.exe. Full path: %Windir%\Temp\2qw9.exe 2QW9.EXE is known […]
More…

TPLSUB700JK.EXE – Fake AntiVirus “Antimalware Doctor”

The file tplsub700jk.exe is a part of Fake Antiviral software. You must delete the file tplsub700jk.exe immediately! Delete the file tplsub700jk.exe without delay! Kill the process tplsub700jk.exe and remove tplsub700jk.exe from the Windows startup. Malware Analysis of “TPLSUB700JK.EXE” Executed: utrsid70.exe Removed: tplsub700jk.exe. Full path: %AppData%\40FFE3D88A57C322529CD28ABD33E34B\tplsub700jk.exe TPLSUB700JK.EXE is known as: TR/Crypt.XPACK.Gen, W32/FakeAV.BYF!tr TPLSUB700JK.EXE hash: MD5: 7c4761a0b48fb193c2e4fbedf8b3bff […]
More…

MAC.EXE – trojan VB

We checked up the file MAC.EXE and found it hazardous. The file MAC.EXE must be deleted from the system immediately. Kill the process MAC.EXE and remove MAC.EXE from the Windows startup. Malware Analysis of “MAC.EXE” Executed: cena-id75412.exe Removed: mac.exe. Full path: C:\addons\mac.exe Detected by UnHackMe: Item Name: mac Author: Related File: c:\addon\mac.exe Type: Registry Run […]
More…

MSERVICE32_T.EXE – trojan Tibia

We checked some samples of MSERVICE32_T.EXE and detected the file MSERVICE32_T.EXE as threat. Remove the MSERVICE32_T.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “MSERVICE32_T.EXE” Executed: tibiamc_tibiamc.pl.exe Removed: mservice32_t.exe. Full path: C:\Documents and Settings\Administrator\Application Data\mservice32_t.exe Detected by UnHackMe: Item Name: Update Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MSERVICE32_T.EXE Type: Registry […]
More…

EBRA.EXE – trojan Dantmil

The file EBRA.EXE is malware related. You must delete the file EBRA.EXE immediately! Delete the file EBRA.EXE without delay! Kill the process EBRA.EXE and remove EBRA.EXE from the Windows startup. Malware Analysis of “EBRA.EXE” Executed: 46472b11c3667333b6383ee86b79d20c.exe Removed: ebra.exe. Full path: %AppData%\ebra.exe EBRA.EXE is known as: Trojan:Win32/Dantmil.A, Trojan/Dropper.VB.azgp EBRA.EXE hash: MD5: 6472b11c3667333b6383ee86b79d20c SHA1: 87d6620ecdd7bcf7d9b024be8f1e69b4b231c1c How to […]
More…

8ESA.EXE – worm Cambot

The file 8ESA.EXE is a computer worm. The worm 8ESA.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the 8ESA.EXE problem as soon as possible! Delete the file 8ESA.EXE from all infected computers in your network. Set up your network firewall against […]
More…

JU7BD.EXE – backdoor Floder

The program JU7BD.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with JU7BD.EXE. Download for free: http://www.unhackme.com Malware Analysis of “JU7BD.EXE” Executed: p[1].exe Removed: ju7bd.exe. Full path: c:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-2734\ju7bd.exe JU7BD.EXE is known as: Backdoor.Win32.Floder.gy JU7BD.EXE hash: MD5: 0987570b68836df26e5c82e9642f902 SHA1: 0b836570078d9552ac363a07d06947eb34e23a5 How to […]
More…

E26F5077.EXE – backdoor Ruskill

The program E26F5077.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with E26F5077.EXE. Download for free: http://www.unhackme.com Malware Analysis of “E26F5077.EXE” Executed: USB.zip.exe Removed: e26f5077.exe. Full path: %Temp%\RECYCLER\e26f5077.exe E26F5077.EXE is known as: Backdoor/Win32.Ruskill, Worm:Win32/Dorkbot, Trojan.IRCBot E26F5077.EXE hash: MD5: 8273a9d1e1ce42ffb296a3f1dfb89eb SHA1: 5e28c5e4f71d39b940d0a4399d520121b438703 […]
More…

PPJXQ.DLL – adware SmartAdsSolutions

We received the file PPJXQ.DLL and detected that PPJXQ.DLL is not good. PPJXQ.DLL is Adware. You should remove the file PPJXQ.DLL. Kill the process PPJXQ.DLL and remove PPJXQ.DLL from Windows. Malware Analysis of “PPJXQ.DLL” Executed: b83b6946ddf4def2c34948d889dbedc9.exe Removed: ppjxq.dll. Full path: %Windir%\$XNTUninstall643$\ppjxq.dll PPJXQ.DLL is known as: AdWare.Win32.SmartAdsSolutions, AdWare.Win32.BHO.szs, Trojan.Adclicker PPJXQ.DLL hash: MD5: 628bd3bca0786dcb28253302415a632 SHA1: adf7319c42a970a0d16be82e82917e39931c013 How […]
More…

LSHSS.EXE – trojan Dybalom

We checked up the file LSHSS.EXE and found it hazardous. The file LSHSS.EXE must be deleted from the system immediately. Kill the process LSHSS.EXE and remove LSHSS.EXE from the Windows startup. Malware Analysis of “LSHSS.EXE” Executed: fud_2011-05-15.exe Removed: lshss.exe. Full path: C:\Documents and Settings\Administrator\Application Data\lshss.exe Detected by UnHackMe: Item Name: fud_2011-05-15.exe Author: Microsoft Corporation Related […]
More…

TORANGCOMZ.DLL – adware Torangcomz

We received the file TORANGCOMZ.DLL and detected that TORANGCOMZ.DLL is not good. TORANGCOMZ.DLL is Adware. You should remove the file TORANGCOMZ.DLL. Kill the process TORANGCOMZ.DLL and remove TORANGCOMZ.DLL from Windows. Malware Analysis of “TORANGCOMZ.DLL” Executed: d318424097262f1fd69991b70100a775.exe Removed: torangcomz.dll. Full path: %ProgramFiles%\Keyword Search\torangcomz.dll TORANGCOMZ.DLL is known as: AdWare.Win32.BHO.slb, Adware:Win32/Torangcomz, Win32/Adware.Kraddare.AR TORANGCOMZ.DLL hash: MD5: bb2728914217b8494da6801a92fbe3e SHA1: 90ffcfdbbb64308eed576887a279a18f27ffc85 […]
More…

APNSTUB.EXE – adware BHO

We received the file APNSTUB.EXE and detected that APNSTUB.EXE is not good. APNSTUB.EXE is Adware. You should remove the file APNSTUB.EXE. Kill the process APNSTUB.EXE and remove APNSTUB.EXE from Windows. Malware Analysis of “APNSTUB.EXE” Executed: Regwork_FastInstaller.exe Removed: ApnStub.exe. Full path: %Temp%\RegWork\ApnStub.exe APNSTUB.EXE is known as: Adware/Drop.BOH.seq APNSTUB.EXE hash: MD5: 182a2d31921f95e4d00a3435938eeaf SHA1: 723695a4f5b1b876934e569ed5ab5ddf02488be How to quickly […]
More…

CLEANHTM.EXE – backdoor Clemag

The program CLEANHTM.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with CLEANHTM.EXE. Download for free: http://www.unhackme.com Malware Analysis of “CLEANHTM.EXE” Executed: divxinstaller.exe Removed: cleanhtm.exe. Full path: C:\Documents and Settings\Administrator\Application Data\cleanhtm.exe Detected by UnHackMe: Item Name: 209.172.52.69 www.google.com Author: Unknown Related […]
More…

PULPIT.EXE – trojan Ulubione

We checked up the file PULPIT.EXE and found it hazardous. The file PULPIT.EXE must be deleted from the system immediately. Kill the process PULPIT.EXE and remove PULPIT.EXE from the Windows startup. Malware Analysis of “PULPIT.EXE” Executed: lolitka.exe Removed: pulpit.exe. Full path: C:\WINDOWS\pulpit.exe Detected by UnHackMe: PULPIT.EXE Default location: C:\WINDOWS\PULPIT.EXE MD5: 0AF2637A4BDB2E2A6DE478DA45EF7998 SHA1: 7708C2C8 31677544 51A559E5 […]
More…

APSX85.SYS – rootkit Agent

Rootkit APSX85.SYS is software that enables continued privileged access to a computer while actively hiding its presence. Detection and removal of APSX85.SYS may be a very difficult process. You should use anti-rootkit software to fix the APSX85.SYS problem. Malware Analysis of “APSX85.SYS” Executed: 001.exe Removed: ApsX85.sys. Full path: C:\WINDOWS\system32\drivers\ApsX85.sys Detected by UnHackMe: Item Name: ApsX85.sys […]
More…

GUIDEON.DLL – adware PinGuide

We received the file GUIDEON.DLL and detected thatGUIDEON.DLL is not good. GUIDEON.DLL is Adware. You should remove the file GUIDEON.DLL. Kill the process GUIDEON.DLL and remove GUIDEON.DLL from Windows. Malware Analysis of “GUIDEON.DLL” Executed: PinSearch_PI00.exe Removed: GuideOn.dll. Full path: C:\Program Files\GuideOn\GuideOn.dll Detected by UnHackMe: GUIDEON.DLL Default location: C:\PROGRAM FILES\GUIDEON\GUIDEON.DLL MD5: 5596811C111D2F34F41E9ACA24EE3096 SHA1: 8CFEDD0C 21E93AA6 D6E085F7 […]
More…

SX621.EXE – trojan Wigon

The file SX621.EXE is malware related. You must delete the file SX621.EXE immediately! Delete the file SX621.EXE without delay! Kill the process SX621.EXE and remove SX621.EXE from the Windows startup. Malware Analysis of “SX621.EXE” Executed: 97654.exe Removed: sx621.exe. Full path: C:\Documents and Settings\Administrator\sx621.exe Detected by UnHackMe: Item Name: sx621 Author: Unknown Related File: C:\DOCUMENTS AND […]
More…

DBR0003.OCX – trojan OnlineGames

Is the file DBR0003.OCX located on your computer? Then your computer is infected. We do suggest you should remove DBR0003.OCX from your computer as soon as possible. DBR0003.OCX is Trojan/Backdoor. Kill the process DBR0003.OCX and remove DBR0003.OCX from the Windows startup. Malware Analysis of “DBR0003.OCX” Executed: z5.exe Removed: dbr0003.ocx. Full path: C:\WINDOWS\system32\dbr0003.ocx Detected by RegRun […]
More…

RSBOT.EXE – worm Ainslot

The file RSBOT.EXE is a computer worm. The worm RSBOT.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the RSBOT.EXE problem as soon as possible! Delete the file RSBOT.EXE from all infected computers in your network. Set up your network firewall against […]
More…

CCEPIC.EXE – backdoor Fynloski

The program CCEPIC.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with CCEPIC.EXE. Download for free: http://www.unhackme.com Malware Analysis of “CCEPIC.EXE” Executed: ccepic.exe Removed: ccepic.exe. Full path: C:\Documents and Settings\Administrator\Application Data\ccepic\ccepic\7.9.1.0\ccepic.exe Detected by UnHackMe: Item Name: ccepic Author: ccepic Related File: […]
More…

SOUNDSYS.EXE – backdoor Cybergate

The program SOUNDSYS.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with SOUNDSYS.EXE. Download for free: http://www.unhackme.com Malware Analysis of “SOUNDSYS.EXE” Executed: tr.exe Removed: SoundSys.exe. Full path: C:\Documents and Settings\Administrator\Application Data\SoundSys.exe Detected by UnHackMe: Item Name: Sound Author: YhJUVRaHwTEFSBVqeaVqCUsEyRzSa Related File: […]
More…

POSTTIP.DLL – adware BonusCash

We received the file POSTTIP.DLL and detected thatPOSTTIP.DLL is not good. POSTTIP.DLL is Adware. You should remove the file POSTTIP.DLL. Kill the process POSTTIP.DLL and remove POSTTIP.DLL from Windows. Malware Analysis of “POSTTIP.DLL” Executed: posttip_ip12.exe Removed: PostTip.dll. Full path: C:\Program Files\PostTip\PostTip.dll Detected by UnHackMe: Item Name: {C4BF6897-41A2-454b-AC3B-437F30BEA671} Author: Related File: C:\Program Files\PostTip\PostTip.dll Type: Browser Helper […]
More…

MSADCO40.TLR – trojan Menti

The file MSADCO40.TLR is malware related. You must delete the file MSADCO40.TLR immediately! Delete the file MSADCO40.TLR without delay! Kill the process MSADCO40.TLR and remove MSADCO40.TLR from the Windows startup. Malware Analysis of “MSADCO40.TLR” Executed: calc.exe Removed: msadco40.tlr. Full path: C:\Program Files\Common Files\msadco40.tlr Detected by UnHackMe: Item Name: LanmanServer Author: Unknown Related File: C:\PROGRAM FILES\COMMON […]
More…

MSNGRPMSN.EXE – trojan Ircbrute

We checked up the file MSNGRPMSN.EXE and found it hazardous. The file MSNGRPMSN.EXE must be deleted from the system immediately. Kill the process MSNGRPMSN.EXE and remove MSNGRPMSN.EXE from the Windows startup. Malware Analysis of “MSNGRPMSN.EXE” Executed: facebook_photos_26_06_2011_jpg.exe Removed: msngrpmsn.exe. Full path: C:\Documents and Settings\Administrator\Application Data\C-76947-8457-2745\msngrpmsn.exe Detected by UnHackMe: Item Name: WindowsLiveMessenger Author: Microsoft Related File: […]
More…

ISE32.EXE – trojan Kolab

We checked some samples of ISE32.EXE and detected the file ISE32.EXE as threat. Remove the ISE32.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “ISE32.EXE” Removed: ise32.exe. Full path: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe Detected by UnHackMe: Item Name: {28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} Author: Related File: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ISE32.EXE Type: ActiveSetup Removal Results: Success Number of reboot: 1 ISE32.EXE is […]
More…

WEBDEV.EXE – trojan Siggen2

Is the file WEBDEV.EXE located on your computer? Then your computer is infected. We do suggest you should remove WEBDEV.EXE from your computer as soon as possible. WEBDEV.EXE is Trojan/Backdoor. Kill the process WEBDEV.EXE and remove WEBDEV.EXE from the Windows startup. Malware Analysis of “WEBDEV.EXE” Executed: video.exe Removed: webdev.exe. Full path: C:\Documents and Settings\Administrator\Application Data\webdev.exe […]
More…

ZZAHNET.EXE – trojan Bancos

We checked some samples of ZZAHNET.EXE and detected the file ZZAHNET.EXE as threat. Remove the ZZAHNET.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “ZZAHNET.EXE” Executed: zzahnet.exe Removed: zzahnet.exe. Full path: C:\Documents and Settings\All Users\Application Data\zzahnet.exe Detected by UnHackMe: Item Name: zzahnet.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\ZZAHNET.EXE […]
More…

SYSCORE.DLL – trojan Agent

We checked up the file SYSCORE.DLL and found it hazardous. The file SYSCORE.DLL must be deleted from the system immediately. Kill the process SYSCORE.DLL and remove SYSCORE.DLL from the Windows startup. Malware Analysis of “SYSCORE.DLL” Executed: img_24kk755756.exe Removed: syscore.dll. Full path: C:\WINDOWS\system32\syscore.dll Detected by UnHackMe: Item Name: AppInit_DLLs Author: Unknown Related File: syscore.dll Type: List […]
More…

WINMINIX.DLL – trojan Agent

The file WINMINIX.DLL is malware related. You must delete the file WINMINIX.DLL immediately! Delete the file WINMINIX.DLL without delay! Kill the process WINMINIX.DLL and remove WINMINIX.DLL from the Windows startup. Malware Analysis of “WINMINIX.DLL” Executed: img_24kk755756.exe Removed: winminix.dll. Full path: C:\WINDOWS\system32\winminix.dll Detected by UnHackMe: Item Name: AppInit_DLLs Author: Unknown Related File: syscore.dll Type: List of […]
More…

MSINSTALLPATCH.EXE – trojan Noitap

Is the file MSINSTALLPATCH.EXE located on your computer? Then your computer is infected. We do suggest you should remove MSINSTALLPATCH.EXE from your computer as soon as possible. MSINSTALLPATCH.EXE is Trojan/Backdoor. Kill the process MSINSTALLPATCH.EXE and remove MSINSTALLPATCH.EXE from the Windows startup. Malware Analysis of “MSINSTALLPATCH.EXE” Executed: goo.exe Removed: MsInstallPatch.exe. Full path: C:\WINDOWS\system32\MsInstallPatch.exe Detected by UnHackMe: […]
More…

C2FPOST3.EXE – trojan Monicker

We checked up the file C2FPOST3.EXE and found it hazardous. The file C2FPOST3.EXE must be deleted from the system immediately. Kill the process C2FPOST3.EXE and remove C2FPOST3.EXE from the Windows startup. Malware Analysis of “C2FPOST3.EXE” Executed: fcpost.3.exe Removed: c2fpost3.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Temp\c2fpost3.exe Detected by UnHackMe: Item Name: fc2post Author: Unknown Related File: […]
More…

WINK.EXE – trojan Vilsel

Is the file WINK.EXE located on your computer? Then your computer is infected. We do suggest you should remove WINK.EXE from your computer as soon as possible. WINK.EXE is Trojan/Backdoor. Kill the process WINK.EXE and remove WINK.EXE from the Windows startup. Malware Analysis of “WINK.EXE” Executed: google.exe Removed: wink.exe. Full path: C:\WINDOWS\wink.exe Detected by UnHackMe: […]
More…

DEFAULT.EXE – trojan Msposer

The file DEFAULT.EXE is malware related. You must delete the file DEFAULT.EXE immediately! Delete the file DEFAULT.EXE without delay! Kill the process DEFAULT.EXE and remove DEFAULT.EXE from the Windows startup. Malware Analysis of “DEFAULT.EXE” Executed: visualizardoc-pdf.exe Removed: default.exe. Full path: C:\WINDOWS\service\default.exe Detected by UnHackMe: Item Name: Default Author: Microsoft Related File: C:\WINDOWS\SERVICE\DEFAULT.EXE Type: Registry Run […]
More…

DBR99008.OCX – trojan FakeIME

We checked up the file DBR99008.OCX and found it hazardous. The file DBR99008.OCX must be deleted from the system immediately. Kill the process DBR99008.OCX and remove DBR99008.OCX from the Windows startup. Malware Analysis of “DBR99008.OCX” Executed: web07.exe Removed: dbr99008.ocx. Full path: C:\WINDOWS\system32\dbr99008.ocx Detected by UnHackMe: Item Name: E0200804 Author: Related File: C:\WINDOWS\system32\DBR99008.OCX Type: Keyboard Listeners […]
More…

UPNEXT.EXE – trojan Delf

We checked some samples of UPNEXT.EXE and detected the file UPNEXT.EXE as threat. Remove the UPNEXT.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “UPNEXT.EXE” Executed: update.exe Removed: upNext.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Application Data\upNext.exe Detected by UnHackMe: Item Name: MSNCore Author: HP Printers Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION […]
More…

MINER.EXE – trojan BitCoinMiner

We checked some samples of MINER.EXE and detected the file MINER.EXE as threat. Remove the MINER.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “MINER.EXE” Executed: ism2.exe Removed: miner.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Temp\miner.exe Detected by UnHackMe: Item Name: CPU Config Author: Microsoft Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\UDPCONMAIN.EXE Type: Registry Run Item […]
More…

FWIDDLL.DLL – trojan KD

The file FWIDDLL.DLL is malware related. You must delete the file FWIDDLL.DLL immediately! Delete the file FWIDDLL.DLL without delay! Kill the process FWIDDLL.DLL and remove FWIDDLL.DLL from the Windows startup. Malware Analysis of “FWIDDLL.DLL” Executed: fwidins.exe Removed: fwiddll.dll. Full path: C:\Program Files\F2Day\Widget\fwiddll.dll Detected by UnHackMe: Item Name: {90423785-4851-4CE6-98F3-B994C9416400} Author: Related File: C:\PROGRA~1\F2DAY\WIDGET\FWIDDLL.DLL Type: Browser Helper […]
More…

FWIDUPDATER.EXE – adware Kraddare

We received the file FWIDUPDATER.EXE and detected thatFWIDUPDATER.EXE is not good. FWIDUPDATER.EXE is Adware. You should remove the file FWIDUPDATER.EXE. Kill the process FWIDUPDATER.EXE and remove FWIDUPDATER.EXE from Windows. Malware Analysis of “FWIDUPDATER.EXE” Executed: fwidins.exe Removed: fwidupdater.exe. Full path: C:\Program Files\F2Day\Widget\fwidupdater.exe Detected by UnHackMe: Item Name: {90423785-4851-4CE6-98F3-B994C9416400} Author: Related File: C:\PROGRA~1\F2DAY\WIDGET\FWIDDLL.DLL Type: Browser Helper Objects […]
More…

KLRNE.BIN.EXE.EXE – rootkit SpyEye

Rootkit KLRNE.BIN.EXE.EXE is software that enables continued privileged access to a computer while actively hiding its presence. Detection and removal of KLRNE.BIN.EXE.EXE may be a very difficult process. You should use anti-rootkit software to fix the KLRNE.BIN.EXE.EXE problem. Malware Analysis of “KLRNE.BIN.EXE.EXE” Executed: about.exe Removed: . Full path: Detected by UnHackMe: Item Name: 2DD96A61CD9AEADC Author: […]
More…

UDPCONMAIN.EXE – trojan VB

Is the file UDPCONMAIN.EXE located on your computer? Then your computer is infected. We do suggest you should remove UDPCONMAIN.EXE from your computer as soon as possible. UDPCONMAIN.EXE is Trojan/Backdoor. Kill the process UDPCONMAIN.EXE and remove UDPCONMAIN.EXE from the Windows startup. Malware Analysis of “UDPCONMAIN.EXE” Executed: ism2.exe Removed: udpconmain.exe. Full path: C:\Documents and Settings\Administrator\Local Settings\Temp\udpconmain.exe […]
More…

MAZAFAKERX.EXE – rootkit SpyEye

Rootkit mazafakerx.exe is software that enables continued privileged access to a computer while actively hiding its presence. Detection and removal of mazafakerx.exe may be a very difficult process. You should use anti-rootkit software to fix the mazafakerx.exe problem. Malware Analysis of “MAZAFAKERX.EXE” Executed: e-cards.exe Removed: mazafakerx.exe. Full path: C:\mazafakerx.exe\mazafakerx.exe Detected by UnHackMe: Item Name: mazafakerx.exe […]
More…

AC32.EXE – backdoor Briewots

The program AC32.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with AC32.EXE. Download for free: http://www.unhackme.com Malware Analysis of “AC32.EXE” Executed: ball.exe Removed: ac32.exe. Full path: C:\WINDOWS\system32\ac32.exe Detected by UnHackMe: Item Name: ac32 Author: Unknown Related File: C:\WINDOWS\SYSTEM32\AC32.EXE Type: Registry […]
More…

879R07MH9G.EXE – trojan Wigon

We checked some samples of 879R07MH9G.EXE and detected the file 879R07MH9G.EXE as threat. Remove the 879R07MH9G.EXE file from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of “879R07MH9G.EXE” Executed: about.exe Removed: 879r07mh9g.exe. Full path: C:\Documents and Settings\Administrator\879r07mh9g.exe Detected by UnHackMe: Item Name: 879r07mh9g Author: Madonna Uniroyal Bacchus Fujitsu Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\879R07MH9G.EXE Type: […]
More…

360O0K.EXE – trojan Comitsproc

The file 360O0K.EXE is malware related. You must delete the file 360O0K.EXE immediately! Delete the file 360O0K.EXE without delay! Kill the process 360O0K.EXE and remove 360O0K.EXE from the Windows startup. Malware Analysis of “360O0K.EXE” Executed: 2.exe Removed: 360O0K.exe. Full path: C:\WINDOWS\system32\360O0K.exe Detected by UnHackMe: Item Name: netpass Author: Related File: C:\WINDOWS\system32\360O0K.exe -NetSata Type: Auto Services […]
More…

COIOME.EXE – backdoor Wuca

The program COIOME.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with COIOME.EXE. Download for free: http://www.unhackme.com Malware Analysis of “COIOME.EXE” Executed: t.exe Removed: coiome.exe. Full path: C:\Program Files\Common Files\sebsbvx\coiome.exe Detected by UnHackMe: Item Name: safe360 Author: 360Safe.com Related File: C:\PROGRAM […]
More…

WIN_GBTERZCUZI.EXE – trojan Banker5

We checked up the file WIN_GBTERZCUZI.EXE and found it hazardous. The file WIN_GBTERZCUZI.EXE must be deleted from the system immediately. Kill the process WIN_GBTERZCUZI.EXE and remove WIN_GBTERZCUZI.EXE from the Windows startup. Malware Analysis of “WIN_GBTERZCUZI.EXE” Executed: windir.exe Removed: Win_GbterZcuzi.exe. Full path: C:\Win_GbterZcuzi.exe Detected by UnHackMe: Item Name: Win_GbterZcuzi Author: GS Win Related File: C:\WIN_GBTERZCUZI.EXE Type: […]
More…

64.31.28.195 – Malware Domain

The site 64.31.28.195 is used to spread malware. Protect your computer against this site: 64.31.28.195. Delete the lines including 64.31.28.195 from the %SysDir%\drivers\etc\hosts file. Removed all rows with “64.31.28.195″ from “%SysDir%\drivers\etc\hosts” file Executed: IMG_00165.JPG.EXE Classification of IMG_00165.JPG.EXE: TR/Drop.Banker.C.18, Virus.Hosts, BAT/Qhost.Banker.L IMG_00165.JPG.EXE hash: MD5: 88fc897097e19fe764eee52ff336934 SHA1: 9c693565deb54438f1b8d544116036e7bc3d3e3 SHA256: 145c43471f39924725f8121b3d2813e5f9b0bcfb79d7de28995dbce5de26fbc How to quickly detect IMG_00165.JPG.EXE presence? Files […]
More…

COLONY.EXE – worm Silly

The file COLONY.EXE is a computer worm. The worm COLONY.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the COLONY.EXE problem as soon as possible! Delete the file COLONY.EXE from all infected computers in your network. Set up your network firewall against […]
More…

AWTQNKHE.DLL – backdoor DUTN

The program AWTQNKHE.DLL is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with AWTQNKHE.DLL. Download for free: http://www.unhackme.com Malware Analysis of “AWTQNKHE.DLL” Executed: coupon.exe Removed: awtqnkhe.dll. Full path: C:\WINDOWS\system32\awtqnkhe.dll Detected by UnHackMe: Item Name: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} Author: Unknown Related File: C:\WINDOWS\SYSTEM32\AWTQNKHE.DLL Type: Browser […]
More…

CRS.EXE – worm Prolaco

The file CRS.EXE is a computer worm. The worm CRS.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the CRS.EXE problem as soon as possible! Delete the file CRS.EXE from all infected computers in your network. Set up your network firewall against […]
More…

CHECKER.EXE – backdoor ZZSlash

The program CHECKER.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with CHECKER.EXE. Download for free: http://www.unhackme.com Malware Analysis of “CHECKER.EXE” Executed: unpacked.exe Removed: checker.exe. Full path: C:\Cache\checker.exe Detected by UnHackMe: Item Name: Antivirus Author: Unknown Related File: C:\CACHE\CHECKER.EXE Type: Registry […]
More…

208.85.2.93 – Malware Domain

The site 208.85.2.93 is used to spread malware. Protect your computer against this site: 208.85.2.93. Delete the lines including208.85.2.93 from the %SysDir%\drivers\etc\hosts file. Removed all rows with “208.85.2.93″ from “%SysDir%\drivers\etc\hosts” file Executed Malware: “IMG.00165.JPG.EXE” Classification of IMG.00165.JPG.EXE: TR/Drop.Banker.C.16, Trojan.Siggen2.47952, Trojan/Banker.Qhost.ms IMG.00165.JPG.EXE hash: MD5: 0154a80374d9cdf30334b6801609020 SHA1: 86f2938a158150b7395bbf1a3cb8312b0a7c625 SHA256: 42377346c1069aa0f9ed3663fb315df63fd589e66a65c5e2f7597ebb81b80d8 Recommended software: UnHackMe anti-rootkit and anti-malware http://www.unhackme.com […]
More…

BSYSMGR.EXE – worm Palevo

The file BSYSMGR.EXE is a computer worm. The worm BSYSMGR.EXE is a self-replicating malicious program, which uses a computer network to send copies of itself to other computers. You must fix the BSYSMGR.EXE problem as soon as possible! Delete the file BSYSMGR.EXE from all infected computers in your network. Set up your network firewall against […]
More…

NQ17G.EXE – trojan Siggen2

The file NQ17G.EXE is malware related. You must delete the file NQ17G.EXE immediately! Delete the file NQ17G.EXE without delay! Kill the process NQ17G.EXE and remove NQ17G.EXE from the Windows startup. Malware Analysis of “NQ17G.EXE” Executed: ic7.exe Removed: nq17g.exe. Full path: C:\Documents and Settings\Administrator\Application Data\nq17g.exe Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: TDL MBR […]
More…

MINORAL.EXE – adware Gabpath

We received the file MINORAL.EXE and detected thatMINORAL.EXE is not good. MINORAL.EXE is Adware. You should remove the file MINORAL.EXE. Kill the process MINORAL.EXE and remove MINORAL.EXE from Windows. Malware Analysis of “MINORAL.EXE” Executed: MNUpdater.prod.v5366.26062011.exe Removed: Minoral.exe. Full path: C:\Documents and Settings\Administrator\Application Data\Minoral\Minoral.exe Detected by UnHackMe: Item Name: S6CiGdCYu Author: Unknown Related File: C:\DOCUMENTS AND […]
More…

OEMBIOS.EXE – backdoor Turkojan

The program OEMBIOS.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with OEMBIOS.EXE. Download for free: http://www.unhackme.com Malware Analysis of “OEMBIOS.EXE” Executed: airmaddil.exe Removed: oembios.exe. Full path: C:\WINDOWS\system32\oembios.exe Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: UserInit Author: Unknown Related […]
More…

MSN.EXE – backdoor Bifrose

The program MSN.EXE is used for hidden penetration into PC and its remote administration. UnHackMe is recommended as a reliable program for solving the problem with MSN.EXE. Download for free: http://www.unhackme.com Malware Analysis of “MSN.EXE” Executed: b.playrflash.exe Removed: msn.exe. Full path: C:\Program Files\winst\msn.exe Detected by UnHackMe: Item Name: {47940281-0AF9-2B37-1F5F-478A53905EAE} Author: FLASH@Windows Related File: C:\PROGRAM FILES\WINST\MSN.EXE […]
More…