Removed: C:\WINDOWS\system32\nmklo.dll, C:\WINDOWS\system32\dllcache\user32.dll, C:\WINDOWS\system32\cooper.mine (trojan Mariofev)

Malware: marzm.exe Removed: C:\WINDOWS\system32\nmklo.dll C:\WINDOWS\system32\dllcache\user32.dll C:\WINDOWS\system32\cooper.mine —————————————————————————————————————————- Detected manualy: NMKLO.DLL Default location: C:\WINDOWS\system32\nmklo.dll MD5: 3F7529FE29D61EA2C465B56E1AE618AF SHA1: 80859DB2 5FDADED7 57347C46 B156DB45 7196A846 File Size: 167 936 USER32.DLL Default location: C:\WINDOWS\system32\dllcache\user32.dll MD5: BBC70B9BE4BB80D2BA108B2EBABFF7EE SHA1: 254A2A8B FCD4D909 111920FC 89304032 CF7E8FD6 File Size: 578 560 Version Info: OriginalFilename: user32 FileDescription: Windows XP USER API Client DLL InternalName: user32 CompanyName: [...]

Removed: C:\WINDOWS\SYSTEM32\NMKLO.DLL Restored: C:\WINDOWS\SYSTEM32\USER32.DLL (trojan Meredrop)

Malware: file1.exe Removed: C:\WINDOWS\SYSTEM32\NMKLO.DLL Restored: C:\WINDOWS\SYSTEM32\USER32.DLL —————————————————————————————————————————- Detected by UnHackMe: Item Name: USER32.DLL Author: Microsoft Corporation Related File: C:\WINDOWS\SYSTEM32\USER32.DLL Type: Infected System Files Detected by RegRun Warrior: 1. Examiner: NMKLO.DLL Default location: C:\WINDOWS\SYSTEM32\NMKLO.DLL MD5: 0B7EFAD1243388CE1A3CFFD7FFD0BAA6 SHA1: 15D199A2 C1B1218A A8F6ED35 F94F4CA1 7B6994F2 File Size: 212 992 2. RegRun Reanimator: – none – 3. Multi AntiVirus scan: [...]

Removed: cbss.dll, ccl9ke.exe, nrktcvy.exe, absj.jjo, w13p1bp.exe, C:\WINDOWS\system\dwm.exe Restored: C:\WINDOWS\SYSTEM32\USER32.DLL (trojan downloader Harnig)

Malware: loaderadv600.exe Removed: C:\Documents and Settings\All Users\Documents\Settings\cbss.dll C:\Documents and Settings\Administrator\Local Settings\Temp\ccl9ke.exe C:\Documents and Settings\Administrator\Local Settings\Temp\nrktcvy.exe C:\WINDOWS\system32\absj.jjo C:\Documents and Settings\Administrator\Local Settings\Temp\w13p1bp.exe C:\WINDOWS\system\dwm.exe Restored: C:\WINDOWS\SYSTEM32\USER32.DLL —————————————————————————————————————————- Detected by UnHackMe: Item Name: cbssreg Author: Related File: C:\DOCUMENTS AND SETTINGS\ALL USERS\DOCUMENTS\SETTINGS\CBSS.DLL Type: Winlogon Notification Item Name: khfy2n Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\CCL9KE.EXE Type: Explorer Run Item Name: 12370 Author: [...]

Removed: nmklo.dll Restored: user32.DLL (trojan Pinit)

Malware: mic.exe Removed: C:\WINDOWS\system32\nmklo.dll Restored: C:\WINDOWS\system32\user32.DLL —————————————————————————————————————————- Detected by UnHackMe: NMKLO.DLL Default location: C:\sand-box\files_added\nmklo.dll MD5: 4C3FE9D49B49097D8BE58A94BB140BC5 SHA1: CDCF4F72 84A95DF8 EDE8EEEF 1A142DB7 4FBDC123 File Size: 98 304 USER32.DLL Default location: C:\sand-box\files_added\user32.dll MD5: D8C58E94A30C552FE17BA86B56F9E9E8 SHA1: ED429EB0 9BE1CE20 60E0BFE2 BE0FFA17 F943E7FD File Size: 578 560 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update [...]

Malware: so1.exe

Malware: so1.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.03.01 Trojan.Generic.KD.143 Kaspersky 7.0.0.125 2010.03.01 Worm.Win32.Pinit.jr McAfee 5906 2010.02.28 Generic.dx!okm Microsoft 1.5502 2010.02.28 VirTool:Win32/Obfuscator.HY NOD32 4903 2010.02.28 a variant of Win32/Kryptik.COP —————————————————————————————————————————- Additional information File size: 219648 bytes MD5 : 0c27ab86792d213cd6870f21b67b3489 SHA1 : 8c7416f2533f2304cf6c5e28f63a8715d1a50554 SHA256: 89bd9eb833da845d4eb312b07b656e1992c740b54379b86e2b6131586c48473a —————————————————————————————————————————- Installation When the program is executed, it [...]

Malware: load.exe

Malware: load.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.24 – Kaspersky 7.0.0.125 2010.02.24 Backdoor.Win32.Small.iys McAfee 5901 2010.02.23 – Microsoft 1.5406 2010.02.24 Worm:Win32/Mariofev.A NOD32 4892 2010.02.24 Win32/Pinit.AF Symantec 20091.2.0.41 2010.02.24 Suspicious.Insight —————————————————————————————————————————- Additional information File size: 265728 bytes MD5 : 70518439511d549ee65f6d45e008b6eb SHA1 : c4759c639bece7900fff2fe0c77ae83aa4f90dc0 SHA256: a741631213bdc0e2514a1989e25e807eee306cfbbdd876036f9b7cf105762fd4 —————————————————————————————————————————- Installation When the program is executed, [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Locker
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Rootkit
  • unknown
  • Virus
  • Worm

• Recent Posts

  • STKSCAN.DLL is Trojan Sirefef.BP
  • %Local Appdata%\3308c706\X is Rootkit ZeroAccess
  • PCDRNT.DLL is Rootkit ZeroAccess
  • MAYA70DOCSERVER.DLL is Rootkit ZeroAccess
  • INETACCELERATOR.EXE is Trojan Foreign
  • _EX-68.EXE is Trojan Banload
  • OTYTKF.EXE is Worm Palevo
  • FUNSHIONINSTALL.EXE is Trojan Delf
  • MAXTUDOXDB.EXE is Trojan CFI
  • MSDSCSC.EXE is Backdoor Finlosky

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 3%QKM.EXE is Trojan Kryptik
  2. 2%BETTERINSTALLER.EXE is Adware Somoto
  3. 1%U997.EXE is not a virus UltraSurf
  4. 1%MSLOOP.DLL is Rootkit Zero Access
  5. 1%TEMP:WINUPD.EXE is BackDoor TDSS
  6. 1%GREP.3XE is Trojan Tool-NirCmd
  7. 1%MVSCAVAP.EXE is Trojan Banker6
  8. 1%PCOTP.EXE is Trojan Offend
  9. 1%HPDSKFLT.DLL is Rootkit ZeroAccess
  10. 1%XUAT.EXE is Trojan Rimecud
  11. 1%CHINDE.EXE is Trojan Jorik
  12. 1%SYSTEMINSTALLATION.EXE is Trojan Llac
  13. 1%RADCLOCK.DLL is Rootkit ZeroAccess
  14. 1%F16.EXE is Trojan FakeAV
  15. 1%MRTSTUB.EXE is Trojan Banker
  16. 1%DLLHSTS.EXE is Trojan LockScreen
  17. 1%HKAVGLRJ.EXE is Trojan Banker
  18. 1%PROCEXP111.DLL is Rootkit ZeroAccess
  19. 1%QUESTBASIC.EXE is AdWare AdLoad
  20. 1%TOSCOSRV.DLL is Rootkit ZeroAccess

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Koobface Kraddare Kryptik lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus winlogon.exe Worm ZeroAccess