smss.exe – trojan Startpage

We checked some samples of smss.exe and detected the file smss.exe as threat. Remove the smss.exe from your computer right now. Removal tool: http://www.unhackme.com Malware Analysis of smss.exe Executed: smss.exe Removed: smss.exe. Full path: C:\WINDOWS\system32\prsmaybyrn\smss.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: kpscc.sys Author: Unknown Related File: C:\WINDOWS\SYSTEM32\DRIVERS\KPSCC.SYS Type: Drivers Item Name: prsmaybyrn Author: Unknown Related [...]

Removed: ” .jse”, 360vbs.jse, smss.exe (trojan Agent)

Malware: dianxin.exe Removed: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ .jse C:\Documents and Settings\All Users\Start Menu\Programs\Startup\360vbs.jse C:\WINDOWS\20110117\pB52Ais52QSY5jMF\smss.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: 360vbs.jse Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\STARTUP\360VBS.JSE Type: Common Startup Folder Item Name: micrososoot Author: Unknown Related File: C:\WINDOWS\20110117\PB52AIS52QSY5JMF\SMSS.EXE Type: Registry Run Item Name: .jse Author: Unknown Related File: C:\DOCUMENTS AND [...]

Removed: 360vbs.jse, einnls.vbs, hihotrun.jse, smss.exe (trojan VB)

Malware: dianxin.exe Removed: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\360vbs.jse C:\Documents and Settings\All Users\Start Menu\Programs\Startup\einnls.vbs C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hihotrun.jse c:\windows\201012071945\smss.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: micrososot Author: Unknown Related File: C:\WINDOWS\201012071945\SMSS.EXE Type: Registry Run Item Name: 360vbs.jse Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\STARTUP\360VBS.JSE Type: Common Startup Folder Item Name: einnls.vbs Author: Unknown [...]

Removed: rghlcreaxi.exe, smss.exe, explorer.exe (trojan Swisyn)

Malware: C:\sand-box\baoma.exe Removed: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\rghlcreaxi.exe C:\WINDOWS\system32\lkkwnhgtuq\smss.exe C:\WINDOWS\system32\pctewdlfsw\explorer.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: lkkwnhgtuq Author: Unknown Related File: C:\WINDOWS\SYSTEM32\LKKWNHGTUQ\SMSS.EXE Type: Explorer Run Item Name: pctewdlfsw Author: Unknown Related File: C:\WINDOWS\SYSTEM32\PCTEWDLFSW\EXPLORER.EXE Type: Explorer Run Item Name: rghlcreaxi.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\STARTUP\RGHLCREAXI.EXE Type: Common Startup Folder Item Name: smss.exe [...]

Removed: C:\WINDOWS\mywins\smss.exe, dlldll.vbe, ie.vbe, iecollection.vbe, index.vbe, search.vbe (TrojanClicker.BHO)

Malware: d.exe Removed: C:\WINDOWS\mywins\smss.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\dlldll.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ie.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\iecollection.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\index.vbe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\search.vbe —————————————————————————————————————————- Detected by UnHackMe: Item Name: google Author: ?? Related File: C:\WINDOWS\MYWINS\SMSS.EXE Type: Registry Run Item Name: dlldll.vbe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START [...]

Removed: smss.exe, qq.exe, qq.vbs (trojan Meredrop)

Malware: pptv.exe Removed: C:\Documents and Settings\Administrator\Application Data\smss.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\qq.exe C:\Documents and Settings\All Users\Start Menu\Programs\Startup\qq.vbs —————————————————————————————————————————- Detected by UnHackMe: Item Name: qq.exe Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\STARTUP\QQ.EXE Type: Common Startup Folder Item Name: OAOUIµI?µCA?µAIA???¬E??yµoI?·?Oy??µCA?IµI??? Author: Unknown Related File: C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SMSS.EXE Type: Registry Run Item Name: qq.vbs Author: [...]

Removed: smss.exe, C:\WINDOWS\system32:svchost.exe, Realtek.exe

Malware: flash_update.exe Removed: C:\windows\system32\drivers\smss.exe C:\WINDOWS\system32:svchost.exe C:\WINDOWS\system32\drivers\Realtek.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.09 Trojan.Downloader.AutoIT.AN Kaspersky 7.0.0.125 2010.03.09 Trojan-Downloader.Win32.AutoIt.ls McAfee 5914 2010.03.08 Generic Downloader.x!ddi Microsoft 1.5502 2010.03.09 Trojan:Win32/Comisproc NOD32 4929 2010.03.09 Win32/TrojanDownloader.Autoit.NBF —————————————————————————————————————————- Additional information File size: 209069 bytes MD5 : 3cdaa6840a4a2af61cbdb1521e20d96b SHA1 : 61e95a50ecb2aff2b968f2073268c21295eb3504 SHA256: cb2acc9f8aad7a40b269cc423aa9f359f47a32df8bc70b1e537a863bb8af934e —————————————————————————————————————————- Installation When the program is [...]

Removed: eksplorasi.exe, bronstab.exe, smss.exe, Empty.pif, WowTumpeh.com

Malware: WowTumpeh.com.exe Removed: C:\WINDOWS\eksplorasi.exe C:\WINDOWS\ShellNew\bronstab.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\smss.exe C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Empty.pif C:\Documents and Settings\Administrator\Templates\WowTumpeh.com —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.30 Email-Worm:W32/Brontok.AS Kaspersky 7.0.0.125 2010.01.31 Email-Worm.Win32.Brontok.q McAfee 5877 2010.01.30 W32/Rontokbro.gen@MM Microsoft 1.5406 2010.01.31 Worm:Win32/Brontok.L@mm NOD32 4821 2010.01.30 Win32/Brontok.T Symantec 20091.2.0.41 2010.01.31 W32.Rontokbro@mm —————————————————————————————————————————- Additional information File size: 349265 bytes [...]

Removed: smss.exe, winsccoo.exe, winyyy.sys

Malware: b2.exe Removed: C:\WINDOWS\smss.exe C:\WINDOWS\winsccoo.exe C:\WINDOWS\system32\drivers\winyyy.sys —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.17 Suspicious:W32/Malware!Gemini Kaspersky 7.0.0.125 2010.01.17 Trojan.Win32.Agent.ddke McAfee 5864 2010.01.17 Suspect-0B!1E33F65C3E77 Microsoft 1.5302 2010.01.17 TrojanDownloader:Win32/Tesefo.A NOD32 4780 2010.01.17 Win32/TrojanDropper.Delf.NMT Symantec 20091.2.0.41 2010.01.17 Downloader —————————————————————————————————————————- Additional information File size: 143873 bytes MD5 : 1e33f65c3e7730b05560d1e947978807 SHA1 : 607b91750316d50e063e31532044d8972546e9a5 SHA256: aab83d03133239a80896c0b7bec048fc985ea1226939937d0313bdd12d2947bf —————————————————————————————————————————- Installation When [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Ransomware
  • Rootkit
  • Troyan]>
  • unknown
  • Virus
  • Worm

• Recent Posts

  • OMEGLEVIDSCHECK.EXE is Trojan Agent
  • AFTER.EXE is Trojan Bocinex
  • LIB32WAOQ.EXE is Trojan MSIL.Prash
  • MMIOA5QV0P.EXE is Worm Ainslot
  • MSIZPJ32.DLL is Trojan Downloader6
  • 50DE5TEEYX.EXE is Trojan Cutwail
  • KLLKCH4.EXE is Trojan Agent
  • JL8ZG6FX1U.EXE is Trojan Agent
  • LIB32WAOQ.EXE is Backdoor Advo
  • BIN.EXE is Rootkit SpyEye

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 2% X11.EXE is Trojan Buzus
  2. 1% CSDRIVE32.EXE is Worm Kolab
  3. 1% BSI.BUND.EXE is Trojan Ransom
  4. 1%COMPLITLY.DLL
  5. 1% L3YG2H61AY.EXE is Trojan Wigon
  6. 1% IMDCSC.EXE is Trojan CDur
  7. 1% WAJAM.DLL is Trojan xPack
  8. 1% OSJK8S.EXE is Virus Virut
  9. 1%MSDCSC.EXE is Trojan Agent
  10. 1% WINCSA.EXE is Trojan Jorik.IRCbo
  11. 1% SANDRA.DLL is Trojan Sirefef.BV
  12. 1% LSMASS.EXE is Trojan Dapato
  13. 1% NETWORKTOOLHELPER.DLL is Worm Aspxor
  14. 1% ANTIWPA.DLL is Not-a-Virus HackTool.Wpakill
  15. 1% WWMY7SHQ7D.EXE is Trojan Downloader
  16. 1% WINRAR PASSWORD UNLOCKER 2012 1.8V.EXE
  17. 1%MSDCSC.EXE is Trojan Fynloski
  18. 1% MSDUBMNA.SCR is Backdoor Andromeda
  19. 1% FACEBOAX 2.0.3.EXE is Backdoor Poison
  20. 1% PRIAM_BHO.DLL is Adware Wajam

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Darkbot Delf Fake AntiVirus FakeAV Farfli Injector IRCBot Jorik KeyLogger Kraddare lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBKrypt Virus Votwup winlogon.exe Worm ZeroAccess