xcmab.sys - Dangerous

xcmab.sys

Manual removal instructions:

Antivirus Report of xcmab.sys:
xcmab.sys Malware
xcmab.sysDangerous
xcmab.sysHigh Risk
xcmab.sys
We suggest you to remove xcmab.sys from your computer as soon as possible.
Xcmab.sys is Trojan/Backdoor.
Kill the file xcmab.sys and remove xcmab.sys from Windows startup.

Malware: C:\sand-box\011.exe

Removed: C:\WINDOWS\system32\shell.exe
C:\WINDOWS\PPlayer.2.1.58130.251.(508).dll
C:\WINDOWS\system32\finks32.exe
C:\WINDOWS\system32\bbb.exe
C:\WINDOWS\system32\winhelp.exe
C:\WINDOWS\system32\winhelp32.exe
C:\WINDOWS\system32\DRIVERS\xcmab.sys
C:\WINDOWS\system32\appmgmts.dll
C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\wmp\mtlrd.sys

You must restore the original files are changed virus:
C:\WINDOWS\system32\LSASS.EXE

Classification:Antivirus Version Last Update Result
Kaspersky 7.0.0.125 2010.02.07 Trojan.Win32.VB.aart
McAfee 5884 2010.02.06 Generic VB.z
Microsoft 1.5406 2010.02.07 -
NOD32 4842 2010.02.06 a variant of Win32/TrojanDownloader.VB.ODS

Additional information
File size: 69632 bytes
MD5 : 26fc760fd7ca7f64cfcae9f9cedb4b7d
SHA1 : 02507d0587545faefae511846046b063f89827bf
SHA256: 42f5000f5cc6e28a058f9c8634c5472582b5fb0e885ddb488b6138b4bab264fc

http://greatis.com/blog/how-to-remove-ma...

Remove xcmab.sys now!

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.

Since that time I work every day to fix the issues that antiviruses cannot.

If your antivirus have not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.

Testimonials

You can read UnHackMe testimonials here.