Removed: C:\Documents and Settings\Administrator\ctfmon.exe (worm Rimecud)

Removed: C:\Documents and Settings\Administrator\ctfmon.exe —————————————————————————————————————————- Detected by UnHackMe in “Malti AV scan”: CTFMON.EXE Default location: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\CTFMON.EXE MD5: 26CD08E868F9FDE5F28A6634B3E42F13 SHA1: 2CAFF9A7 B11C67DC 1943A74B ADB6C90E A7637E78 File Size: 159 744 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.05.22 Gen:Variant.Rimecud.2 Kaspersky 7.0.0.125 2010.05.23 – Microsoft 1.5802 2010.05.23 [...]

Removed: servicelayer.exe, svw.exe, C:\WINDOWS\lsass.exe, svc.exe, svchosty.exe, C:\WINDOWS\ctfmon.exe (trojan Microjoin)

Malware: Removed: C:\WINDOWS\servicelayer.exe C:\WINDOWS\svw.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ope6.exe C:\Documents and Settings\Administrator\Local Settings\Temp\svchosty.exe C:\WINDOWS\ctfmon.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: servicelayer Author: Unknown Related File: C:\WINDOWS\SERVICELAYER.EXE Type: Registry Run Item Name: netw Author: Unknown Related File: C:\WINDOWS\SVW.EXE Type: Registry Run Item Name: lsass Author: Unknown Related File: C:\WINDOWS\LSASS.EXE Type: Registry Run Item Name: netc [...]

Removed: ..\system32\keepsafe.exe / Restored: ..\system32\ctfmon.exe

Malware: laoshuxzz1.exe —————————————————————————————————————————- Removed: C:\WINDOWS\system32\keepsafe.exe —————————————————————————————————————————- Restored: C:\WINDOWS\system32\ctfmon.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.05 – Kaspersky 7.0.0.125 2010.04.05 Trojan.Win32.Antavmu.hgs Microsoft 1.5605 2010.04.05 TrojanDownloader:Win32/Small.gen!D NOD32 4999 2010.04.04 – —————————————————————————————————————————- Additional information File size: 49152 bytes MD5   : e0a226485796d0976200bdcd2d3456ad SHA1  : cc40e22de18f537fb0c0d1798c12db322d69e87b SHA256: c5d7d812d8503743a0af2485d715fea5182926ba58e2a1961dc1b75201faa8b1 —————————————————————————————————————————- Detected by UnHackMe: Item Name: TXMouie Author: Unknown Related File: C:\WINDOWS\SYSTEM32\KEEPSAFE.EXE [...]

Removed: ctfmon.exe, lsass.exe, odbnsy.exe, sms.exe, svc.exe, svw.exe

Malware: 50.exe Removed: C:\WINDOWS\ctfmon.exe C:\WINDOWS\lsass.exe C:\WINDOWS\odbnsy.exe C:\WINDOWS\sms.exe C:\WINDOWS\svc.exe C:\WINDOWS\svw.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.17 Trojan-Dropper:W32/Mudrop.D Kaspersky 7.0.0.125 2010.03.17 Trojan-Dropper.Win32.Mudrop.hch McAfee 5922 2010.03.16 – Microsoft 1.5605 2010.03.17 TrojanDropper:Win32/Microjoin.gen!B NOD32 4950 2010.03.16 a variant of Win32/Kryptik.CZA —————————————————————————————————————————- Additional information File size: 2384384 bytes MD5   : a8edb5fae8980dcfd4bfa83c415dd761 SHA1  : df248d95560bb7c03c70fcfa053f9f2f52a4e306 SHA256: b6b1a7af5229f62e4cbd538102cadb79416334ca87d3b1a7962a9a50c269c48e —————————————————————————————————————————- Installation When the [...]

Removed: servicelayer.exe, wdmon.exe, svw.exe, ctfmon.exe, amoumain.exe

Malware: 123.exe Removed: C:\WINDOWS\servicelayer.exe C:\WINDOWS\wdmon.exe C:\WINDOWS\svw.exe C:\WINDOWS\ctfmon.exe C:\WINDOWS\amoumain.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.26 – Kaspersky 7.0.0.125 2010.01.26 Trojan-Dropper.Win32.Mudrop.fuc McAfee 5872 2010.01.25 – Microsoft 1.5405 2010.01.26 – NOD32 4806 2010.01.26 – Symantec 20091.2.0.41 2010.01.26 – —————————————————————————————————————————- Additional information File size: 2661888 bytes MD5 : 6411876d41f55fa21003afe9256b24d2 SHA1 : 8c7c365fa01cd64f7d20536c5d11d4c932c80ac9 SHA256: e8cbf67fff6888ff759fa59af3dbeabd2416db777c5b6593b9b09bf232d20536 —————————————————————————————————————————- [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Locker
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Rootkit
  • unknown
  • Virus
  • Worm

• Recent Posts

  • STKSCAN.DLL is Trojan Sirefef.BP
  • %Local Appdata%\3308c706\X is Rootkit ZeroAccess
  • PCDRNT.DLL is Rootkit ZeroAccess
  • MAYA70DOCSERVER.DLL is Rootkit ZeroAccess
  • INETACCELERATOR.EXE is Trojan Foreign
  • _EX-68.EXE is Trojan Banload
  • OTYTKF.EXE is Worm Palevo
  • FUNSHIONINSTALL.EXE is Trojan Delf
  • MAXTUDOXDB.EXE is Trojan CFI
  • MSDSCSC.EXE is Backdoor Finlosky

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 3%QKM.EXE is Trojan Kryptik
  2. 2%BETTERINSTALLER.EXE is Adware Somoto
  3. 1%U997.EXE is not a virus UltraSurf
  4. 1%MSLOOP.DLL is Rootkit Zero Access
  5. 1%TEMP:WINUPD.EXE is BackDoor TDSS
  6. 1%GREP.3XE is Trojan Tool-NirCmd
  7. 1%MVSCAVAP.EXE is Trojan Banker6
  8. 1%PCOTP.EXE is Trojan Offend
  9. 1%HPDSKFLT.DLL is Rootkit ZeroAccess
  10. 1%XUAT.EXE is Trojan Rimecud
  11. 1%CHINDE.EXE is Trojan Jorik
  12. 1%SYSTEMINSTALLATION.EXE is Trojan Llac
  13. 1%RADCLOCK.DLL is Rootkit ZeroAccess
  14. 1%F16.EXE is Trojan FakeAV
  15. 1%MRTSTUB.EXE is Trojan Banker
  16. 1%DLLHSTS.EXE is Trojan LockScreen
  17. 1%HKAVGLRJ.EXE is Trojan Banker
  18. 1%PROCEXP111.DLL is Rootkit ZeroAccess
  19. 1%QUESTBASIC.EXE is AdWare AdLoad
  20. 1%TOSCOSRV.DLL is Rootkit ZeroAccess

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Koobface Kraddare Kryptik lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus winlogon.exe Worm ZeroAccess