Removed: winlogon32.exe, SMSS32.EXE, ES15.EXE, HELPERS32.DLL, SE2010.EXE Restored: MOUCLASS.SYS (FakeAV – updated Security Essentials 2010 and TDL3+)

Malware: SetupFlashPlayerPatch.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\SYSTEM32\SMSS32.EXE C:\WINDOWS\SYSTEM32\ES15.EXE C:\WINDOWS\SYSTEM32\HELPERS32.DLL C:\PROGRAM FILES\SECURITYESSENTIALS2010\SE2010.EXE Restored: C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS —————————————————————————————————————————- Some files were downloaded during testing. Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\winlogon32.exe Type: UserInit Value Item Name: smss32.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SMSS32.EXE Type: Registry Run Item Name: ES15.exe Author: Related File: C:\WINDOWS\SYSTEM32\ES15.EXE Type: Running Processes After first [...]

Removed: C:\WINDOWS\system32\helpers32.dll, C:\WINDOWS\system32\winlogon32.exe, C:\WINDOWS\system32\smss32.exe, C:\Program Files\Securityessentials2010\SE2010.exe (Fake AV – Security Essentials 2010)

Malware: smss32.exe Removed: C:\WINDOWS\system32\helpers32.dll C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe C:\Program Files\Securityessentials2010\SE2010.exe —————————————————————————————————————————- Detected by UnHackMe: Item Name: helpers32.dll Author: Unknown Related File: C:\WINDOWS\SYSTEM32\HELPERS32.DLL Type: WinSock2 Components Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\winlogon32.exe Type: UserInit Value Item Name: smss32.exe Author: Unknown Related File: C:\WINDOWS\SYSTEM32\SMSS32.EXE Type: Registry Run Item Name: Security essentials 2010 Author: Unknown Related File: C:\PROGRAM [...]

Removed: winlogon32.exe, SMSS32.EXE (FakeAlert)

Malware: exe.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\SYSTEM32\SMSS32.EXE —————————————————————————————————————————- Detected by UnHackMe: Item Name: UserInit Author: Unknown Related File: C:\WINDOWS\system32\winlogon32.exe Type: UserInit Value Item Name: smss32.exe Author: QnXi Related File: C:\WINDOWS\SYSTEM32\SMSS32.EXE Type: Registry Run Removal Results: Success Number of reboot: 1 —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.04.18 Trojan.Generic.3116009 Kaspersky 7.0.0.125 2010.04.18 Trojan-Downloader.Win32.FraudLoad.wxtw McAfee 5.400.0.1158 [...]

Removed: winlogon32.exe

Malware: 309d6d1f3e2e58f98fc397ad85f58e19.exe Removed: C:\WINDOWS\winlogon32.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure – - Trojan.Win32.Dialer.wl Kaspersky – - Trojan.Win32.Dialer.wl McAfee – - – Microsoft – - – NOD32v2 – - – —————————————————————————————————————————- Additional information File size: 5152 bytes MD5 : f541e78cc2d84ed43737beb27f098789 SHA1 : d391ceab5af77dbd1f9846f74f4ef63cc5e23cd6 SHA256: 2d6c5ab8d6671c573cb19c24e8684561e992c328454571d0734604d9f0bdd8e5 —————————————————————————————————————————- Installation When the program is executed, it creates [...]

Removed: helper32.dll, winlogon32.exe, smss32.exe

—————————————————————————————————————————- Malware: exe.exe Removed: C:\WINDOWS\system32\helper32.dll C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.13 – Kaspersky 7.0.0.125 2010.02.13 Trojan.Win32.FraudPack.alhw McAfee 5891 2010.02.13 – Microsoft 1.5406 2010.02.13 – NOD32 4864 2010.02.13 – Symantec 20091.2.0.41 2010.02.13 Suspicious.Insight —————————————————————————————————————————- Additional information File size: 40960 bytes MD5 : 831489d4a74ee66ba92aede4f983b1e9 SHA1 : c542590896eb710ca38ecffb3cce5ad7ca96dd25 SHA256: bc47593696b4f63738ea45a48be15be950deebf00e536ea628215d4c14ba9e2e —————————————————————————————————————————- Installation [...]

Removed: winlogon32.exe, smss32.exe, helpers32.dll

Malware: load.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe C:\WINDOWS\system32\helpers32.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.12 Gen:Trojan.Heur.PT.cmKfbGdhxEci Kaspersky 7.0.0.125 2010.02.12 Trojan.Win32.Vilsel.sqt McAfee 5890 2010.02.12 Suspect-02!0D59E50A46C1 Microsoft 1.5406 2010.02.12 – NOD32 4861 2010.02.12 Win32/VB.OUE Symantec 20091.2.0.41 2010.02.12 Downloader —————————————————————————————————————————- Additional information File size: 38912 bytes MD5 : 0d59e50a46c134023431c71ec7fe2c44 SHA1 : fe1058ce437da58650cbab93d6306dd5da2b3799 SHA256: 2a11d9668cc428adc9d983957bb55773d143d752e53e3a12457e08efd7f8695a —————————————————————————————————————————- Installation When [...]

Removed: helper32.dll, winlogon32.exe, smss32.exe, IS2010.exe

Malware: yahoo.exe Removed: C:\WINDOWS\system32\helper32.dll C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe C:\Program Files\InternetSecurity2010\IS2010.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.10 – Kaspersky 7.0.0.125 2010.02.10 Trojan.Win32.Agent2.lid McAfee 5888 2010.02.10 Downloader-CFA Microsoft 1.5406 2010.02.10 TrojanDownloader:Win32/Fakeinit NOD32 4854 2010.02.10 Win32/TrojanDownloader.FakeAlert.AED Symantec 20091.2.0.41 2010.02.10 Trojan.FakeAV!gen18 —————————————————————————————————————————- Additional information File size: 36864 bytes MD5 : 6fd8a1122cdde897ab88cec08cb2c468 SHA1 : 5cc2bb702519c4df44311ea0b47d51249881cffa SHA256: 4ce879fc865fd2ccc365f54311b9211e854c5d9d7d7ff6e75bd20a6f0907413a —————————————————————————————————————————- [...]

Removed: winlogon32.exe, smss32.exe, svc.exe, lsass.exe, localxmlruntime.dll, nvwrfont50.exe, 376bcd.exe, odbn0.exe

Malware: 45089.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe C:\WINDOWS\svc.exe C:\WINDOWS\lsass.exe C:\Documents and Settings\Administrator\Local Settings\Application Data\localxmlruntime\localxmlruntime.dll C:\Documents and Settings\Administrator\Application Data\nvwrfont50\nvwrfont50.exe C:\Documents and Settings\Administrator\Application Data\376bcd.exe C:\WINDOWS\odbn0.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.08 – Kaspersky 7.0.0.125 2010.02.08 – McAfee 5885 2010.02.07 – Microsoft 1.5406 2010.02.08 – NOD32 4847 2010.02.08 a variant of Win32/Kryptik.CDU —————————————————————————————————————————- Additional information File size: [...]

Removed: winlogon32.exe, smss32.exe

Malware: exe.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.04 Trojan-Downloader:W32/FakeAlert.JH Kaspersky 7.0.0.125 2010.02.04 Trojan-Downloader.Win32.FraudLoad.wxvr McAfee 5881 2010.02.03 FakeAlert-SpyPro.gen.b Microsoft 1.5406 2010.02.04 TrojanDownloader:Win32/Fakeinit NOD32 4833 2010.02.03 Win32/TrojanDownloader.FakeAlert.AED —————————————————————————————————————————- Additional information File size: 34304 bytes MD5 : 0cd9bef2ff880fd73a38857560d9660d SHA1 : b6e45b2932486c4b3b982e9952661d63f2cd1bae SHA256: 89db231e2ccbf1edaf25da20792e5c7cd327f0de420700bf5e4b44e8330ecf81 —————————————————————————————————————————- Installation When the program is executed, it [...]

Removed: winlogon32.exe, IS2010.exe, smss32.exe, helper32.dll

Malware: b4f489c005cfa1b0a3e2c93b305a5399.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\Program Files\InternetSecurity2010\IS2010.exe C:\WINDOWS\system32\smss32.exe C:\WINDOWS\system32\helper32.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.02.01 – Kaspersky 7.0.0.125 2010.02.01 – McAfee 5878 2010.01.31 Generic FakeAlert.c Microsoft 1.5406 2010.02.01 – NOD32 4823 2010.02.01 – Symantec 20091.2.0.41 2010.02.01 Trojan.FakeAV!gen17 —————————————————————————————————————————- Additional information File size: 33280 bytes MD5 : c0ed88ccdc920a951f750c53b21996a1 SHA1 : fd0ccd3052bbaea4e1dc5f2b0e542e2a413dd939 SHA256: e5c6de61d8457d46248ea9623fe5a5521ba10102f1dc74689c698c458466fe8f [...]

Removed: winlogon32.exe, sdra64.exe, lsass.exe, svc.exe, smss32.exe, odbn0.exe

Malware: load.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\sdra64.exe C:\WINDOWS\lsass.exe C:\WINDOWS\svc.exe C:\WINDOWS\system32\smss32.exe C:\WINDOWS\odbn0.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.23 Trojan.Generic.CJ.AJYK Kaspersky 7.0.0.125 2010.01.23 Trojan-Dropper.Win32.Mudrop.fty McAfee 5870 2010.01.23 – Microsoft 1.5405 2010.01.23 TrojanDropper:Win32/Microjoin.gen!B NOD32 4800 2010.01.23 a variant of Win32/Kryptik.BCR Symantec 20091.2.0.41 2010.01.23 Trojan Horse —————————————————————————————————————————- Additional information File size: 1915904 bytes MD5 : b0cf55e2028f6b3dde658c3b9c4fc60a SHA1 [...]

Removed: winlogon32.exe, smss32.exe, helper32.dll

Malware: 4349a84aa5ed87d5773593f8f993f067.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe C:\WINDOWS\system32\helper32.dll —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.17 – Kaspersky 7.0.0.125 2010.01.17 Trojan-Downloader.Win32.FraudLoad.gjs McAfee 5863 2010.01.16 – Microsoft 1.5302 2010.01.16 TrojanDownloader:Win32/Fakeinit NOD32 4778 2010.01.16 Win32/TrojanDownloader.FakeAlert.AED Symantec 20091.2.0.41 2010.01.17 – —————————————————————————————————————————- Additional information File size: 31744 bytes MD5 : 2402f97bbd41e9f761533804fc795aa7 SHA1 : b7714657be0e763cbe5fb60f05c26cc2d6138ce7 SHA256: 4563d174a8cbb91e8f26e2da08b692ead904df075888da32f698d5db68353dfd —————————————————————————————————————————- Installation When [...]

Removed: winlogon32.exe, smss32.exe

Malware: qKmfGb.exe Removed: C:\WINDOWS\system32\winlogon32.exe C:\WINDOWS\system32\smss32.exe —————————————————————————————————————————- Classification: Antivirus Version Last Update Result F-Secure 9.0.15370.0 2010.01.11 Trojan.Downloader.FakeAlert.EG Kaspersky 7.0.0.125 2010.01.11 Trojan-Downloader.Win32.FraudLoad.wxoe McAfee 5858 2010.01.11 – Microsoft 1.5302 2010.01.11 TrojanDownloader:Win32/Fakeinit NOD32 4761 2010.01.11 Win32/TrojanDownloader.FakeAlert.AED Symantec 20091.2.0.41 2010.01.11 – —————————————————————————————————————————- Additional information File size: 33792 bytes MD5   : f37b675d8a6689f2bb745f1256aa21ba SHA1  : c5d1f9810383550f6440043bf1dd36d9072d5f96 SHA256: 4ee1989f1922e7c352b1055d56fa7c398037d25d41e52f14cee903f77dbd2076 —————————————————————————————————————————- Installation When the program is executed, [...]

• Greatis Software

  • Free Download
  • Send a file

• AverScanner

  AverScaner- EveryDay Malware Scan

• Testimonials

  People say

  Greg

  I spent over 10 hours trying to manually hunt down and remove a rootkit and browser hijacker from my computer. That was a mistake!

  This virus/malware could not be removed by Norton, ZoneLabs, MS Essentials; etc.

  In about 1 hour, I was able to download your software, create the CD-ROM, watch the instruction video and kill 3 ROOKITS from my PC. (Your software hunted down the rootkits and killed them like Spetsnaz going after the enemy!) Get it!

  Joseph

  Your product is the only one on the market that has found and removed rootkits from my system, three rootkits to be precise. I have used other products but they don't measure up to UnHackMe.

  Bob

  The UnHackMe is a real program, no spyware or phish and works great and is easy to use. Enjoy!

  Click Here to Update All your PC's Outdated drivers

• Categories

  • Adware
  • Backdoor
  • Fake Driver-Codec
  • Fake System Tool
  • FakeAV
  • Locker
  • Malware
  • Malware Domain
  • Not-a-Virus
  • Rootkit
  • unknown
  • Virus
  • Worm

• Recent Posts

  • STKSCAN.DLL is Trojan Sirefef.BP
  • %Local Appdata%\3308c706\X is Rootkit ZeroAccess
  • PCDRNT.DLL is Rootkit ZeroAccess
  • MAYA70DOCSERVER.DLL is Rootkit ZeroAccess
  • INETACCELERATOR.EXE is Trojan Foreign
  • _EX-68.EXE is Trojan Banload
  • OTYTKF.EXE is Worm Palevo
  • FUNSHIONINSTALL.EXE is Trojan Delf
  • MAXTUDOXDB.EXE is Trojan CFI
  • MSDSCSC.EXE is Backdoor Finlosky

• 
• Remember: the best way to remove rootkits is from the outside!

  

• Blogroll

  • RegRun Security Suite. Detects and removes rootkits/malware/adware that your antivirus could not.
  • RegRun Warrior – Removing rootkits is best done from the outside!
  • UnHackMe – rootkit & malware killer

• Popular

  1. 3%QKM.EXE is Trojan Kryptik
  2. 2%BETTERINSTALLER.EXE is Adware Somoto
  3. 1%U997.EXE is not a virus UltraSurf
  4. 1%MSLOOP.DLL is Rootkit Zero Access
  5. 1%TEMP:WINUPD.EXE is BackDoor TDSS
  6. 1%GREP.3XE is Trojan Tool-NirCmd
  7. 1%MVSCAVAP.EXE is Trojan Banker6
  8. 1%PCOTP.EXE is Trojan Offend
  9. 1%HPDSKFLT.DLL is Rootkit ZeroAccess
  10. 1%XUAT.EXE is Trojan Rimecud
  11. 1%CHINDE.EXE is Trojan Jorik
  12. 1%SYSTEMINSTALLATION.EXE is Trojan Llac
  13. 1%RADCLOCK.DLL is Rootkit ZeroAccess
  14. 1%F16.EXE is Trojan FakeAV
  15. 1%MRTSTUB.EXE is Trojan Banker
  16. 1%DLLHSTS.EXE is Trojan LockScreen
  17. 1%HKAVGLRJ.EXE is Trojan Banker
  18. 1%PROCEXP111.DLL is Rootkit ZeroAccess
  19. 1%QUESTBASIC.EXE is AdWare AdLoad
  20. 1%TOSCOSRV.DLL is Rootkit ZeroAccess

• Tags

  3308c706 Adware Agent Ainslot ATAPI.SYS AutoRun autorun.inf Backdoor Bancos Banker Banload BHO Bifrose Buzus Delf Fake AntiVirus FakeAV Injector IRCBot Jorik KeyLogger Koobface Kraddare Kryptik lsass.exe Malware Domain Oficla OnLineGames Palevo Rebhip Rootkit Scar services.exe SpyEye svchost.exe Taterf TDSS Trojan VB VBInject VBKrypt Virus winlogon.exe Worm ZeroAccess