trojan.win32.mupad.a

trojan.win32.mupad.a also known as Adware.Agent, W32/S-38b4d92a!Eldorado, Adware.Agent. Malware Analysis of trojan.win32.mupad.a – WAGVEM.EXE Created files: %TEMP%FOLDER\NORROCHULAG\SSL3.DLL %APPDATA%\XIDKEPBODKUL\NAJDOM.DIN %APPDATA%\XIDKEPBODKUL\WAGVEM.EXE Detected by UnHackMe: WAGVEM.EXE DEFAULT LOCATION: %APPDATA%\XIDKEPBODKUL\WAGVEM.EXE Dropper hash(md5): d85a345db352d1ca9dc43d0398b9f668

PUP.Optional.Solvusoft

PUP.Optional.Solvusoft also known as W32.HfsAdware.D686, Program.Unwanted.952. Malware Analysis of PUP.Optional.Solvusoft – DRIVERDOC.EXE Created files: %Program Files%\Solvusoft\DriverDoc\DPInst32.exe %Program Files%\Solvusoft\DriverDoc\DPInst64.exe %Program Files%\Solvusoft\DriverDoc\DriverDoc.exe %Program Files%\Solvusoft\DriverDoc\DriverHiveEngine.dll %Program Files%\Solvusoft\DriverDoc\Html\about_lightbox.html Autostart registry keys: HKLM\Software\Classes\Applications\DriverDocSetup.exe\IsHostApp: “” HKLM\Software\Classes\Applications\EULA.rtf\NoStartPage: “” HKLM\Software\Classes\Applications\LogFilesCollector.exe\NoStartPage: “” HKLM\Software\Classes\Applications\Setup_DriverDoc_2016.exe\IsHostApp: “” HKLM\Software\Classes\Applications\ShortcutLauncher.exe\NoStartPage: “” HKLM\Software\Classes\Applications\SolvusoftTray.exe\NoStartPage: “” HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0570A0D4430B8FD479ED621F12A22CFF\InstallProperties\DisplayName: “DriverDoc” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\CommonToolkitTray_Solvusoft: “%Program Files%\Solvusoft\Tray\SolvusoftTray.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DriverDoc\DisplayName: “DriverDoc” HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DRIVERDOC\UNINSTALLSTRING: “”%COMMON APPDATA%\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}\DRIVERDOCSETUP.EXE” REMOVE=TRUE MODIFY=FALSE” HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}\DisplayName: “DriverDoc” HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}\UNINSTALLSTRING: “%COMMON…


Win32/Heim

Win32/Heim also known as Artemis!A0C36E20081B, Win32.SuspectCrc, Suspicious.Cloud.5. Malware Analysis of Win32/Heim – SESSIONSTORE.EXE Created files: %Appdata%\Adobe\Flash Player\AssetCache\sessionstore.exe %Appdata%\Adobe\Flash Player\AssetCache\sessionstore.osv %Appdata%\Adobe\Flash Player\AssetCache\Transfer.tmp %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Sent Items.dbx Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\sessionstore.exe: “”%Appdata%\Adobe\Flash Player\AssetCache\sessionstore.exe”” Detected by UnHackMe: SESSIONSTORE.EXE Default location: %APPDATA%\ADOBE\FLASH PLAYER\ASSETCACHE\SESSIONSTORE.EXE Dropper hash(md5): a0c36e20081babf9440298ea51a87d7b

Mal/KeyGen-M

Mal/KeyGen-M also known as W32/Risk.OHCW-8559, PSW.Generic7.BWBC. Malware Analysis of Mal/KeyGen-M Created files: %Program Files%\Wkarj\Ueaj\Qrpio.ini %Appdata%\Microsoft\Protect\S-1-5-21-1659004503-1708537768-1801674531-500\2b39c23a-e9aa-4695-bf8e-a733a6e2d532 %Temp%\g81\FinePrint.v6.10.x64.Incl.Keymaker-ZWT.exe %Temp%\g81\jTemp.dat %Temp%\g81\setup.ini Detected by UnHackMe: FINEPRINT.V6.10.X64.INCL.KEYMAKER-ZWT.EXE Default location: %TEMP%\G81\FINEPRINT.V6.10.X64.INCL.KEYMAKER-ZWT.EXE

Trojan.Win32.Mlw.emahbr

Trojan.Win32.Mlw.emahbr also known as trojan.win32.skeeyah.a!rfn, MSIL/Injector.RNC!tr. Malware Analysis of Trojan.Win32.Mlw.emahbr – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Trojan ( 004fa5aa1 )

Trojan ( 004fa5aa1 ) also known as Artemis!3DEBEC4B431B, Artemis!Trojan. Malware Analysis of Trojan ( 004fa5aa1 ) – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Gen:Variant.MSILPerseus.79826

Gen:Variant.MSILPerseus.79826 also known as Trojan.MSILPerseus.D137D2, Trojan.Win32.Autorun.emfzsp, Trojan.Win32.Generic!BT. Malware Analysis of Gen:Variant.MSILPerseus.79826 – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

BehavesLike.Win32.Almanahe.lt

BehavesLike.Win32.Almanahe.lt also known as Trojan.Generic.12545610, Trojan.Win32.Generic!BT, Suspicious_GEN.F47V0117. Malware Analysis of BehavesLike.Win32.Almanahe.lt – IE11.EXE Created files: %TEMP%\VER.TXT %Program Files Common%\ie.ini %Program Files Common%\IE11.exe %Program Files%\360\360Safe\deepscan\speedmem2.hg %Program Files%\Home\srvany.exe Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\5ACA0FF9C58DEFA28B00D12E3F1ABC33: “%SYSTEMDRIVE%\SAND-BOX\5ACA0FF9C58DEFA28B00D12E3F1ABC33.EXE” Detected by UnHackMe: IE11.EXE Default location: %PROGRAM FILES COMMON%\IE11.EXE Dropper hash(md5): 5aca0ff9c58defa28b00d12e3f1abc33

MSIL/Injector.RNC!tr

MSIL/Injector.RNC!tr also known as Artemis!Trojan, Trojan.Nanocore.23, Troj.Dropper.Msil!c. Malware Analysis of MSIL/Injector.RNC!tr – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Backdoor.LuminosityLink

Backdoor.LuminosityLink also known as Trojan ( 004fa5aa1 ), Trojan ( 004fa5aa1 ), Trojan.GenericKD.4504452. Malware Analysis of Backdoor.LuminosityLink – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Gen:Variant.MSILPerseus.79826 (B)

Gen:Variant.MSILPerseus.79826 (B) also known as generic.ml, Gen:Variant.MSILPerseus.79826, Worm.Win32.VBNA.bttn. Malware Analysis of Gen:Variant.MSILPerseus.79826 (B) – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Artemis!3DEBEC4B431B

Artemis!3DEBEC4B431B also known as Mal/Generic-S, trojan.win32.skeeyah.a!rfn. Malware Analysis of Artemis!3DEBEC4B431B – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Trojan.GenericKD.4504452

Trojan.GenericKD.4504452 also known as Trojan.Win32.Mlw.emahbr, MSIL/Injector.RNC!tr, Win32.Trojan.WisdomEyes.16070401.9500.9996. Malware Analysis of Trojan.GenericKD.4504452 – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Trojan.Generic.12545610

Trojan.Generic.12545610 also known as . Malware Analysis of Trojan.Generic.12545610 – IE11.EXE Created files: %TEMP%\VER.TXT %Program Files Common%\ie.ini %Program Files Common%\IE11.exe %Program Files%\360\360Safe\deepscan\speedmem2.hg %Program Files%\Home\srvany.exe Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\5ACA0FF9C58DEFA28B00D12E3F1ABC33: “%SYSTEMDRIVE%\SAND-BOX\5ACA0FF9C58DEFA28B00D12E3F1ABC33.EXE” Detected by UnHackMe: IE11.EXE Default location: %PROGRAM FILES COMMON%\IE11.EXE Dropper hash(md5): 5aca0ff9c58defa28b00d12e3f1abc33

Artemis!5D4C342EB8FC

Artemis!5D4C342EB8FC also known as Trojan ( 00309b371 ), Gen:Variant.MSILPerseus.79826, Trojan.Win32.Generic!BT. Malware Analysis of Artemis!5D4C342EB8FC – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

ransom.msil.jigsawlocker.a

ransom.msil.jigsawlocker.a also known as Msil.Worm.Autorun.Sxey, Trojan.MSILPerseus.D137D2, TR/Dropper.MSIL.Gen. Malware Analysis of ransom.msil.jigsawlocker.a – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Artemis!2219328E5B97

Artemis!2219328E5B97 also known as PE:Malware.XPACK-HIE/Heur!1.9C48, Suspicious_GEN.F47V0117, Trojan.Generic.12545610. Malware Analysis of Artemis!2219328E5B97 – IE11.EXE Created files: %TEMP%\VER.TXT %Program Files Common%\ie.ini %Program Files Common%\IE11.exe %Program Files%\360\360Safe\deepscan\speedmem2.hg %Program Files%\Home\srvany.exe Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\5ACA0FF9C58DEFA28B00D12E3F1ABC33: “%SYSTEMDRIVE%\SAND-BOX\5ACA0FF9C58DEFA28B00D12E3F1ABC33.EXE” Detected by UnHackMe: IE11.EXE Default location: %PROGRAM FILES COMMON%\IE11.EXE Dropper hash(md5): 5aca0ff9c58defa28b00d12e3f1abc33

Dropper/Win32.MSIL.C1748859

Dropper/Win32.MSIL.C1748859 also known as Trojan ( 004fa5aa1 ), Artemis!Trojan, Trojan.Nanocore.23. Malware Analysis of Dropper/Win32.MSIL.C1748859 – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

TR/Dropper.MSIL.jlllh

TR/Dropper.MSIL.jlllh also known as Trojan:Win32/Dynamer!ac, Mal/Generic-S, Trojan ( 004fa5aa1 ). Malware Analysis of TR/Dropper.MSIL.jlllh – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Trojan.Win32.Autorun.emfzsp

Trojan.Win32.Autorun.emfzsp also known as malicious_confidence_100% (W), Gen:Variant.MSILPerseus.79826, Mal/Generic-S. Malware Analysis of Trojan.Win32.Autorun.emfzsp – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Trojan.MSILPerseus.D137D2

Trojan.MSILPerseus.D137D2 also known as Uds.Dangerousobject.Multi!c, Trojan.Win32.Generic!BT, Gen:Variant.MSILPerseus.79826 (B). Malware Analysis of Trojan.MSILPerseus.D137D2 – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Worm.Win32.VBNA.bttn

Worm.Win32.VBNA.bttn also known as Gen:Variant.MSILPerseus.79826, Trojan.Win32.Generic!BT, Worm/MSIL.EVA. Malware Analysis of Worm.Win32.VBNA.bttn – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Trojan.Generic.12545610 (B)

Trojan.Generic.12545610 (B) also known as BehavesLike.Win32.Almanahe.lt, Trojan.Agent. Malware Analysis of Trojan.Generic.12545610 (B) – IE11.EXE Created files: %TEMP%\VER.TXT %Program Files Common%\ie.ini %Program Files Common%\IE11.exe %Program Files%\360\360Safe\deepscan\speedmem2.hg %Program Files%\Home\srvany.exe Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\5ACA0FF9C58DEFA28B00D12E3F1ABC33: “%SYSTEMDRIVE%\SAND-BOX\5ACA0FF9C58DEFA28B00D12E3F1ABC33.EXE” Detected by UnHackMe: IE11.EXE Default location: %PROGRAM FILES COMMON%\IE11.EXE Dropper hash(md5): 5aca0ff9c58defa28b00d12e3f1abc33

Win32.Trojan.WisdomEyes.16070401.9500.9996

Win32.Trojan.WisdomEyes.16070401.9500.9996 also known as malicious_confidence_100% (W), Atros5.JDA, Trojan.GenericKD.4504452. Malware Analysis of Win32.Trojan.WisdomEyes.16070401.9500.9996 – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

a variant of MSIL/Injector.RNC

a variant of MSIL/Injector.RNC also known as Dropper/Win32.MSIL.C1748859, Artemis!Trojan, Trojan ( 004fa5aa1 ). Malware Analysis of a variant of MSIL/Injector.RNC – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Trojan.Nanocore.23

Trojan.Nanocore.23 also known as Atros5.JDA, Trojan.Win32.Mlw.emahbr, trojan.win32.skeeyah.a!rfn. Malware Analysis of Trojan.Nanocore.23 – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

MSIL/Spy_Agent.R!worm

MSIL/Spy_Agent.R!worm also known as Win32.Trojan.WisdomEyes.16070401.9500.9994, Trojan.Win32.Generic!BT, ransom.msil.jigsawlocker.a. Malware Analysis of MSIL/Spy_Agent.R!worm – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Worm/MSIL.EVA

Worm/MSIL.EVA also known as Win32.HLLW.Autoruner2.27616, Gen:Variant.MSILPerseus.79826, Trojan.Win32.Autorun.emfzsp. Malware Analysis of Worm/MSIL.EVA – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Win32.Trojan.Agent.SQ4IWE

Win32.Trojan.Agent.SQ4IWE also known as Trojan.Win32.Mlw.emahbr, Artemis!3DEBEC4B431B, Atros5.JDA. Malware Analysis of Win32.Trojan.Agent.SQ4IWE – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Worm.VBNA!8.2BE (cloud:iS5WJVFyZQL)

Worm.VBNA!8.2BE (cloud:iS5WJVFyZQL) also known as Trojan.Win32.Generic!BT, Msil.Worm.Autorun.Sxey. Malware Analysis of Worm.VBNA!8.2BE (cloud:iS5WJVFyZQL) – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Atros5.JDA

Atros5.JDA also known as Win32:Malware-gen, Trojan ( 004fa5aa1 ), Dropper/Win32.MSIL.C1748859. Malware Analysis of Atros5.JDA – CTSMDMOP.EXE Created files: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\FL.TXT %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-23-2017\2.14 PM Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS\LOAD: “%APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.LNK” Detected by UnHackMe: CTSMDMOP.EXE DEFAULT LOCATION: %APPDATA%\MICROSOFT\WINDOWS\SCREENTOGIF\CTSMDMOP.EXE Dropper hash(md5): 3debec4b431bedc25cb31a3da16d5b04

Win32/Trojan.8dd

Win32/Trojan.8dd also known as Trojan.Win32.Generic!BT, Win32.HLLW.Autoruner2.27616, MSIL/Spy_Agent.R!worm. Malware Analysis of Win32/Trojan.8dd – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

Trojan ( 00309b371 )

Trojan ( 00309b371 ) also known as malicious (high confidence), Gen:Variant.MSILPerseus.79826, Win32:Malware-gen. Malware Analysis of Trojan ( 00309b371 ) – HDAUDIODRIVER.EXE Created files: %APPDATA%\HDAUDIODRIVER.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\REALTEK HIGH DEFINITION AUDIO DRIVER: “%APPDATA%\HDAUDIODRIVER.EXE” Detected by UnHackMe: HDAUDIODRIVER.EXE DEFAULT LOCATION: %APPDATA%\HDAUDIODRIVER.EXE Dropper hash(md5): 5d4c342eb8fcb5bb956cfa08af090115

HW32.Packed.BFE8

HW32.Packed.BFE8 also known as PUA.MultiPlug!, Gen:Variant.Razy.14008, trojan.win32.dorv.b!rfn. MALWARE ANALYSIS OF HW32.PACKED.BFE8 – 3C863D9EB64691E1C92E16729D280D5D.EXE Created files: %COMMON APPDATA%\{6A7C4BE2-D64E-A596-6A7C-C4BE2D642F8B}\D9A528567ED6D0A4 %COMMON APPDATA%\{6A7C4BE2-D64E-A596-6A7C-C4BE2D642F8B}\3C863D9EB64691E1C92E16729D280D5D.DAT %COMMON APPDATA%\{6A7C4BE2-D64E-A596-6A7C-C4BE2D642F8B}\3C863D9EB64691E1C92E16729D280D5D.EXE %SYSDIR%\TASKS\SYNCEXIST %WINDIR%\TASKS\SYNCEXIST.JOB Detected by UnHackMe: 3C863D9EB64691E1C92E16729D280D5D.EXE DEFAULT LOCATION: %COMMON APPDATA%\{6A7C4BE2-D64E-A596-6A7C-C4BE2D642F8B}\3C863D9EB64691E1C92E16729D280D5D.EXE Dropper hash(md5): 3c863d9eb64691e1c92e16729d280d5d
