mskl.exe - Dangerous
%sysdir%\mskl.exe
Manual removal instructions:
Antivirus Report of %sysdir%\mskl.exe:
mskl.exe is a W32.Feebs!rootkit.
mskl.exe is a user mode rootkit.
mskl.exe hides files containing the string "_new!_full+crack.zip".
mskl.exe is used to hide registry keys containing the string "{22235B37-92F6-915C-DE5B-3B3D4DBC5730}".
It hooks the following Windows APIs:
FindFirstFile
FindNextFile
RegEnumEx
RegEnumKey
RegEnumValue
mskl.exe spreads by e-mail and via open network shares.
Related files:
%SysDir%\mskl32.dll
%SysDir%\mskl.exe
Added to registry:
HKEY_CLASSES_ROOT\CLSID\{22235B37-92F6-915C-DE5B-3B3D4DBC5730}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{22235B37-92F6-915C-DE5B-3B3D4DBC5730}
@="%Windir%\%SYSDIR%\mskl32.dll"
Adds the value:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
"mskl32.dll" = "{22235B37-92F6-915C-DE5B-3B3D4DBC5730}"
to the Windows startup registry keys.
%sysdir%\mskl.exe | Malware |
%sysdir%\mskl.exe | Dangerous |
%sysdir%\mskl.exe | High Risk |
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.
Since that time I have worked every day to fix the issues that antiviruses cannot.
If your antivirus has not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.