tasker.exe - Dangerous
tasker.exe
Manual removal instructions:
Antivirus Report of tasker.exe:
tasker.exe
W32.Mydoom.R@mm is a mass-mailing worm that uses its own SMTP engine to send itself to the email addresses that it finds on an infected computer.
The email contains a spoofed From address. The subject and message body vary, and the attachment has a .bat, .cmd, .exe, .pif, .scr, or .zip extension.
May also attempt to open a back door on port 5422 and allow a remote attacker to have unauthorized access to the infected system.
This would allow a remote attacker to download and execute remote files.
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Task"="%System%\tasker.exe"
Then, navigate to the key: HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32
and delete the value: "(Default)"="%System%\Nemog.dll"
At last, navigate to and delete the keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version
tasker.exe | Malware |
tasker.exe | Dangerous |
tasker.exe | High Risk |
The email contains a spoofed From address. The subject and message body vary, and the attachment has a .bat, .cmd, .exe, .pif, .scr, or .zip extension.
May also attempt to open a back door on port 5422 and allow a remote attacker to have unauthorized access to the infected system.
This would allow a remote attacker to download and execute remote files.
Manual removal:
Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and delete the value: "Task"="%System%\tasker.exe"
Then, navigate to the key: HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InprocServer32
and delete the value: "(Default)"="%System%\Nemog.dll"
At last, navigate to and delete the keys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.