Removed: win32x.sys, win32x.exe Restored: userinit.exe (worm Joleee)

Malware: a.exe Removed: C:\WINDOWS\system32\drivers\win32x.sys C:\WINDOWS\system32\win32x.exe Restored: C:\WINDOWS\system32\userinit.exe —————————————————————————————————————————- Detected by RegRun Warrior: 1. RegRun Reanimator: Item Name: win32x Author: Related File: C:\WINDOWS\SYSTEM32\DRIVERS\WIN32X.SYS Type: Drivers 2. Multi AntiVirus scan: USERINIT.EXE Default location: C:\WINDOWS\system32\userinit.exe MD5: 03D30A3DF875F8204E782E87794D66E5 SHA1: 863CB1CF C5670AE5 B086291E 025FD834 72EA6CD0 File Size: 76 288 Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How to quickly [...]

Removed: updater.exe, 138843_xeex.exe, 77968_xeex.exe, ABFMOKF.DLL, SOSO.DLL, pcidump.sys; Restored: DSOUND.DLL, MSHTML.DLL, USERINIT.EXE (trojan Bulilit)

Malware: P44.exe Removed: C:\WINDOWS\system32\updater.exe C:\Documents and Settings\Administrator\Local Settings\Temp\138843_xeex.exe C:\Documents and Settings\Administrator\Local Settings\Temp\77968_xeex.exe C:\WINDOWS\SYSTEM32\ABFMOKF.DLL C:\PROGRAM FILES\TENCENT\SOSO.DLL C:\WINDOWS\SYSTEM32\DRIVERS\pcidump.sys Restored: C:\WINDOWS\SYSTEM32\DSOUND.DLL C:\WINDOWS\SYSTEM32\MSHTML.DLL C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: updater Author: Related File: C:\WINDOWS\system32\updater.exe Type: Registry Run After first reboot detected by UnHackMe: Item Name: 36703_xeex.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\36703_XEEX.EXE Type: Running Processes Item Name: 40515_xeex.exe Author: [...]

Removed: idse.exe, comsats.sys, msrcqxbq.dll, szetyj67v.exe, szetyj67vx.exe, svc2.exe Restored: USERINIT.EXE (trojan VB)

Malware: kp.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\idse.exe C:\WINDOWS\system32\comsats.sys C:\WINDOWS\system32\msrcqxbq.dll C:\WINDOWS\system32\szetyj67v.exe C:\WINDOWS\system32\szetyj67vx.exe C:\WINDOWS\svc2.exe Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: NetLog2 Author: Related File: C:\WINDOWS\SVC2.EXE Type: Registry Run Item Name: szetyj67v Author: Related File: C:\WINDOWS\SYSTEM32\SZETYJ67V.EXE Type: Registry Run Item Name: szetyj67vx Author: Related File: C:\WINDOWS\SYSTEM32\SZETYJ67VX.EXE Type: Registry Run Item Name: szetyj67v.exe Author: Related File: C:\WINDOWS\SYSTEM32\SZETYJ67V.EXE [...]

Removed: pizda_ntload.dll, userinit.exe, ntdevice.exe (trojan Opachki)

Malware: exe.exe Removed:C:\Documents and Settings\Administrator\pizda_ntload.dll C:\Documents and Settings\Administrator\userinit.exe C:\WINDOWS\system32\ntdevice.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: shell Author: Unknown Related File: explorer.exe C:\WINDOWS\system32\ntdevice.exe Type: System.ini Item Name: rundll32 Author: Unknown Related File: C:\WINDOWS\SYSTEM32\NTDEVICE.EXE Type: Registry Run Item Name: ntdevice.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\NTDEVICE.EXE Type: Running Processes Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- How [...]

Removed: C:\WINDOWS\MSVCR.DLL C:\WINDOWS\system32\402077.IME C:\WINDOWS\system32\2722702.IME Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE (Fake QvodPlayer, trojan Murlo)

Malware: qvodsetupuls9.exe Removed: C:\WINDOWS\MSVCR.DLL C:\WINDOWS\system32\402077.IME C:\WINDOWS\system32\2722702.IME Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: E0200804 Author: Related File: C:\WINDOWS\system32\402077.IME Type: Keyboard Listeners Item Name: E0210804 Author: Related File: C:\WINDOWS\system32\2722702.IME Type: Keyboard Listeners After first reboot detected by UnHackMe: Item Name: CDBurn Author: Unknown Related File: C:\WINDOWS\MSVCR.DLL Type: Shell Services DelayLoad Item Name: E0220804 Author: Related [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\svcnost.exe C:\WINDOWS\system32\userinitxx.exe Restored: C:\WINDOWS\system32\userinit.exe (trojan Wemon)

Malware: C:\sand-box\svchost.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\svcnost.exe C:\WINDOWS\system32\userinitxx.exe Restored: C:\WINDOWS\system32\userinit.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: svcnost.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\SVCNOST.EXE Type: Running Processes After first reboot detected by UnHackMe: Item Name: svcnost.exe Author: Unknown Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\SVCNOST.EXE Type: Running Processes Detected by UnHackMe in “Multi AntiVirus scan” mode: USERINIT.EXE Default location: C:\WINDOWS\SYSTEM32\USERINIT.EXE MD5: [...]

Removed: updata.exe, kav.exe, AMDK8.SYS. Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE (trojan Geral)

Malware: C:\sand-box\x5(1).exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\updata.exe C:\WINDOWS\system32\kav.exe C:\WINDOWS\SYSTEM32\DRIVERS\AMDK8.SYS Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: KAV Author: Unknown Related File: C:\WINDOWS\SYSTEM32\KAV.EXE Type: Registry Run Item Name: kav.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\KAV.EXE Type: Running Processes Item Name: updata.exe Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\UPDATA.EXE Type: Running Processes After first reboot detected by UnHackMe: [...]

Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\updata.exe, C:\WINDOWS\system32\kav.exe, Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE (trojan Geral)

Malware: C:\sand-box\mtv.mdb.exe Removed: C:\Documents and Settings\Administrator\Local Settings\Temp\updata.exe C:\WINDOWS\system32\kav.exe Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: KAV Author: Unknown Related File: C:\WINDOWS\SYSTEM32\KAV.EXE Type: Registry Run Item Name: kav.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\KAV.EXE Type: Running Processes Item Name: updata.exe Author: Microsoft Corporation Related File: C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\UPDATA.EXE Type: Running Processes After first reboot detected by UnHackMe: Item [...]

Removed: C:\WINDOWS\system32\regedit.exe, ws.exe, ccl9ke.exe, C:\RECYCLER\S-1-5-21-7616925526-8384343833-780153681-2809\mgrls32.exe, aqjunaynp.exe Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE (trojan Harnig)

Malware: ppi.exe Removed: C:\WINDOWS\system32\regedit.exe C:\sand-box\ws.exe C:\Documents and Settings\Administrator\Local Settings\Temp\ccl9ke.exe C:\RECYCLER\S-1-5-21-7616925526-8384343833-780153681-2809\mgrls32.exe C:\Documents and Settings\Administrator\aqjunaynp.exe C:\WINDOWS\system32\aqjunaynp.exe Restored: C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: Regedit32 Author: Unknown Related File: C:\WINDOWS\SYSTEM32\REGEDIT.EXE Type: Registry Run Item Name: Aux Service Updater Author: Unknown Related File: C:\SAND-BOX\WS.EXE Type: Registry Run Item Name: regedit.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\REGEDIT.EXE Type: Running Processes [...]

Removed: scvhost.exe, autorun.inf, extext64750t.exe Restored: C:\WINDOWS\system32\drivers\asyncmac.sys C:\WINDOWS\SYSTEM32\USERINIT.EXE (trojan AntiAV)

Malware: C:\sand-box\p.exe Removed: C:\WINDOWS\system32\scvhost.exe C:\autorun.inf C:\WINDOWS\extext64750t.exe Restored: C:\WINDOWS\system32\drivers\asyncmac.sys C:\WINDOWS\SYSTEM32\USERINIT.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: scvhost.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SCVHOST.EXE Type: Running Processes Item Name: C:\autorun.inf Author: Unknown Related File: C:\autorun.inf Type: Autorun.inf Item Name: extext64234t.exe Author: Unknown Related File: C:\WINDOWS\EXTEXT64234T.EXE Type: Running Processes After first reboot detected by UnHackMe: Item Name: pcidump Author: [...]

Removed: kqgh.exe

Malware: C:\sand-box\update.exe Removed: C:\WINDOWS\system32\kqgh.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.16 – Kaspersky 7.0.0.125 2010.02.16 – McAfee 5894 2010.02.16 – Microsoft 1.5406 2010.02.16 – NOD32 4872 2010.02.16 – Symantec 20091.2.0.41 2010.02.16 – —————————————————————————————————————————- Additional information File size: 40448 bytes MD5 : 79e61cf72e18cb710ce2a80f5f7208c8 SHA1 : 954f708cbf3b219b63b581a43f6e0470a19c2aea SHA256: aa8ac89920d7b4e0ea00213a9e23a5f8c01ca1b04bd3216488948be956c0a27a —————————————————————————————————————————- Installation When the program [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Ransomware
  • Rootkit
  • Troyan]>
  • unknown
  • Virus
  • Worm

• Recent Posts

  • OMEGLEVIDSCHECK.EXE is Trojan Agent
  • AFTER.EXE is Trojan Bocinex
  • LIB32WAOQ.EXE is Trojan MSIL.Prash
  • MMIOA5QV0P.EXE is Worm Ainslot
  • MSIZPJ32.DLL is Trojan Downloader6
  • 50DE5TEEYX.EXE is Trojan Cutwail
  • KLLKCH4.EXE is Trojan Agent
  • JL8ZG6FX1U.EXE is Trojan Agent
  • LIB32WAOQ.EXE is Backdoor Advo
  • BIN.EXE is Rootkit SpyEye

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 2% X11.EXE is Trojan Buzus
  2. 1% CSDRIVE32.EXE is Worm Kolab
  3. 1% BSI.BUND.EXE is Trojan Ransom
  4. 1%COMPLITLY.DLL
  5. 1% L3YG2H61AY.EXE is Trojan Wigon
  6. 1% IMDCSC.EXE is Trojan CDur
  7. 1% WAJAM.DLL is Trojan xPack
  8. 1% OSJK8S.EXE is Virus Virut
  9. 1%MSDCSC.EXE is Trojan Agent
  10. 1% WINCSA.EXE is Trojan Jorik.IRCbo
  11. 1% SANDRA.DLL is Trojan Sirefef.BV
  12. 1% LSMASS.EXE is Trojan Dapato
  13. 1% NETWORKTOOLHELPER.DLL is Worm Aspxor
  14. 1% ANTIWPA.DLL is Not-a-Virus HackTool.Wpakill
  15. 1% WWMY7SHQ7D.EXE is Trojan Downloader
  16. 1% WINRAR PASSWORD UNLOCKER 2012 1.8V.EXE
  17. 1%MSDCSC.EXE is Trojan Fynloski
  18. 1% MSDUBMNA.SCR is Backdoor Andromeda
  19. 1% FACEBOAX 2.0.3.EXE is Backdoor Poison
  20. 1% PRIAM_BHO.DLL is Adware Wajam

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Darkbot Delf Fake AntiVirus FakeAV Farfli Injector IRCBot Jorik KeyLogger Kraddare lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBKrypt Virus Votwup winlogon.exe Worm ZeroAccess