Removed: 4DW4R3.SYS, 4DW4R3C.DLL, 4DW4R3NVGMVSROER.SYS, 4DW4R3RIEYBBXFBI.DLL (trojan Cosmu/Alureon)

Malware: C:\sand-box\lsassc.exe Removed: C:\WINDOWS\SYSTEM32\DRIVERS\4DW4R3.SYS C:\WINDOWS\SYSTEM32\4DW4R3C.DLL C:\WINDOWS\SYSTEM32\DRIVERS\4DW4R3NVGMVSROER.SYS C:\WINDOWS\SYSTEM32\4DW4R3RIEYBBXFBI.DLL —————————————————————————————————————————- Detected by RegRun Warrior: 1. Examiner: 1.1 4DW4R3.SYS Default location: C:\WINDOWS\SYSTEM32\DRIVERS\4DW4R3.SYS MD5: EC196B8CB70705090480E76A6D3FABF4 SHA1: 84BBDAD7 7FDB17F8 1E008F70 C820C43A C150933A File Size: 46 592 1.2 4DW4R3C.DLL Default location: C:\WINDOWS\SYSTEM32\4DW4R3C.DLL MD5: 53B2EEBB1A2D91A861CA7A242AED11A1 SHA1: 56121B5B CF30DC03 8490FC03 60CB0953 5D35EB56 File Size: 28 160 1.3 4DW4R3NVGMVSROER.SYS Default location: C:\WINDOWS\SYSTEM32\DRIVERS\4DW4R3NVGMVSROER.SYS MD5: EC196B8CB70705090480E76A6D3FABF4 [...]

Restored: WS2IFSL.SYS (trojan TDSS/Alureon/Olmarik)

Malware: C:\sand-box\Ultimate Codes.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: WS2IFSL.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS Type: Detected using Heuristic Algorithm The original WS2IFSL.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 [...]

Restored: INTELIDE.SYS (trojan TDSS/Alureon/Olmarik)

Malware: C:\sand-box\1.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS —————————————————————————————————————————- Detected by UnHackMe: Item Name: INTELIDE.SYS Related File: C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS Type: Detected using Heuristic Algorithm The original INTELIDE.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.20 Trojan.TDss.ADZ Kaspersky 7.0.0.125 2010.05.20 [...]

Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS (trojan TDSS/Alureon)

Malware: C:\sand-box\setup.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS —————————————————————————————————————————- Detected by UnHackMe: Item Name: ATAPI.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS Type: Detected using Heuristic Algorithm The original ATAPI.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.13 – [...]

Restored: DISK.SYS (infected by Alureon/TDSS/Olmarik)

Malware: C:\sand-box\in.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: DISK.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS Type: Detected using Heuristic Algorithm The original DISK.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.12 [...]

Removed: PRAGMAd.sys (variant of TDSS trojan – Alureon/Olmarik)

Malware: C:\sand-box\install01.exe Removed: C:\WINDOWS\PRAGMAqipfvcxnqq\PRAGMAd.sys —————————————————————————————————————————- After first reboot detected by UnHackMe: Item Name: PRAGMAqipfvcxnqq Author: Related File: C:\WINDOWS\PRAGMAQIPFVCXNQQ\PRAGMAD.SYS Type: Services detected by Partizan Removal Results: Success Number of reboot: 2 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.11 Gen:Variant.TDss.20 Kaspersky 7.0.0.125 2010.05.11 Trojan-Downloader.Win32.FraudLoad.xcxu Microsoft 1.5703 2010.05.11 Trojan:Win32/Alureon.gen!J NOD32 5105 2010.05.11 Win32/Olmarik.YX —————————————————————————————————————————- Additional [...]

Restored: RASACD.SYS (infected by Alureon/TDSS)

Malware: C:\sand-box\dog.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: RASACD.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS Type: Detected using Heuristic Algorithm The original RASACD.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.19 [...]

Restored: DMLOAD.SYS (infected by Alureon/TDSS)

Malware: C:\sand-box\Browser_UpDate_For_Free.exe Restored: C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS —————————————————————————————————————————- Detected by RegRun Warrior: Item Name: DMLOAD.SYS Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS Type: Detected using Heuristic Algorithm The original DMLOAD.SYS has been successfully restore using RegRun Warrior from the Windows installation CD. Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.20 [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Locker
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Rootkit
  • unknown
  • Virus
  • Worm

• Recent Posts

  • STKSCAN.DLL is Trojan Sirefef.BP
  • %Local Appdata%\3308c706\X is Rootkit ZeroAccess
  • PCDRNT.DLL is Rootkit ZeroAccess
  • MAYA70DOCSERVER.DLL is Rootkit ZeroAccess
  • INETACCELERATOR.EXE is Trojan Foreign
  • _EX-68.EXE is Trojan Banload
  • OTYTKF.EXE is Worm Palevo
  • FUNSHIONINSTALL.EXE is Trojan Delf
  • MAXTUDOXDB.EXE is Trojan CFI
  • MSDSCSC.EXE is Backdoor Finlosky

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 3%QKM.EXE is Trojan Kryptik
  2. 2%BETTERINSTALLER.EXE is Adware Somoto
  3. 1%U997.EXE is not a virus UltraSurf
  4. 1%MSLOOP.DLL is Rootkit Zero Access
  5. 1%TEMP:WINUPD.EXE is BackDoor TDSS
  6. 1%GREP.3XE is Trojan Tool-NirCmd
  7. 1%MVSCAVAP.EXE is Trojan Banker6
  8. 1%PCOTP.EXE is Trojan Offend
  9. 1%HPDSKFLT.DLL is Rootkit ZeroAccess
  10. 1%XUAT.EXE is Trojan Rimecud
  11. 1%CHINDE.EXE is Trojan Jorik
  12. 1%RADCLOCK.DLL is Rootkit ZeroAccess
  13. 1%SYSTEMINSTALLATION.EXE is Trojan Llac
  14. 1%F16.EXE is Trojan FakeAV
  15. 1%MRTSTUB.EXE is Trojan Banker
  16. 1%DLLHSTS.EXE is Trojan LockScreen
  17. 1%HKAVGLRJ.EXE is Trojan Banker
  18. 1%PROCEXP111.DLL is Rootkit ZeroAccess
  19. 1%TOSCOSRV.DLL is Rootkit ZeroAccess
  20. 1%ACADPROC.DLL is Trojan VbCrypt

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Koobface Kraddare Kryptik lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus winlogon.exe Worm ZeroAccess