mydll.exe - Dangerous
%windir%\@@@\mydll.exe
Manual removal instructions:
Antivirus Report of %windir%\@@@\mydll.exe:
%windir%\@@@\mydll.exe
mydll.exe is rootkit Backdoor.Darkmoon.
mydll.exe is used to hide files, processes and registry.
mydll.exe is a kernel mode rootkit.
Rootkit injects itself into the iexplore.exe process.
mydll.exe opens a back door on on TCP ports 6868 and 7777.
Rootkit creates new system drivers.
mydll.exe monitors user Internet activity and private information.
It sends stolen data to a hacker site.
Related files:
%System%\[FILENAME].d1l
%System%\drivers\[FILENAME].sys .
%Windir%\@@@\___.exe
%Windir%\@@@\mydll.exe
%Windir%\@@@\win32.exe
%Windir%\win32log.dat
%Temp%\~MS[RANDOM CHARACTERS].doc
%Temp%\~$~MS[RANDOM CHARACTERS].doc
Adds the value:
"Microsoft" = "%Windir%\@@@\win32.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"ServiceDll" = "%System%\[FILENAME].d1l"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmserver\Parameters
to the Windows startup registry keys.
Added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[FILENAME]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_[FILENAME]
| %windir%\@@@\mydll.exe | Malware |
| %windir%\@@@\mydll.exe | Dangerous |
| %windir%\@@@\mydll.exe | High Risk |
mydll.exe is used to hide files, processes and registry.
mydll.exe is a kernel mode rootkit.
Rootkit injects itself into the iexplore.exe process.
mydll.exe opens a back door on on TCP ports 6868 and 7777.
Rootkit creates new system drivers.
mydll.exe monitors user Internet activity and private information.
It sends stolen data to a hacker site.
Related files:
%System%\[FILENAME].d1l
%System%\drivers\[FILENAME].sys .
%Windir%\@@@\___.exe
%Windir%\@@@\mydll.exe
%Windir%\@@@\win32.exe
%Windir%\win32log.dat
%Temp%\~MS[RANDOM CHARACTERS].doc
%Temp%\~$~MS[RANDOM CHARACTERS].doc
Adds the value:
"Microsoft" = "%Windir%\@@@\win32.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"ServiceDll" = "%System%\[FILENAME].d1l"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dmserver\Parameters
to the Windows startup registry keys.
Added to registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[FILENAME]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_[FILENAME]
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.