Category Archives: KeyLogger

Hack.Tool/Gen-Keylogger

Hack.Tool/Gen-Keylogger also known as Perfect Keylogger, Win-Trojan/Perflogger.24576, Trojan.Peflog.159.

Malware Analysis of Hack.Tool/Gen-Keylogger – GHOSTHK.DLL

Created files:
%TEMP%\RARSFX0\RINST.EXE
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL

Detected by UnHackMe: GHOSTHK.DLL
Default location: %SYSDIR%\GHOSTHK.DLL
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

SPYW_PerfectKeylogger

SPYW_PerfectKeylogger also known as Trojan-Downloader.Win32.Small!cobra (v), Generic.Perfloger.DF90E1A8.

Malware Analysis of SPYW_PerfectKeylogger – GHOSTR.EXE

Created files:
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL
%SYSDIR%\INST.DAT

Detected by UnHackMe: GHOSTR.EXE
Default location: %SYSDIR%\GHOSTR.EXE
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

Win.Trojan.PerfectKeylogger-9

Win.Trojan.PerfectKeylogger-9 also known as Generic.Win32.9ac9028338!MD, TrojWare.Win32.Spy.PerfKey.NAA, Hack.Tool/Gen-Keylogger.

Malware Analysis of Win.Trojan.PerfectKeylogger-9 – GHOSTHK.DLL

Created files:
%TEMP%\RARSFX0\RINST.EXE
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL

Detected by UnHackMe: GHOSTHK.DLL
Default location: %SYSDIR%\GHOSTHK.DLL
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

W32.PerfKeylogEDll.Trojan

W32.PerfKeylogEDll.Trojan also known as Trjoan.Generic-NDcJlLK5kyT (Cloud), Trojan.PolyCrypt.Win32.1716, Generic.Perfloger.80ACE920 (B).

Malware Analysis of W32.PerfKeylogEDll.Trojan – GHOSTHK.DLL

Created files:
%TEMP%\RARSFX0\RINST.EXE
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL

Detected by UnHackMe: GHOSTHK.DLL
Default location: %SYSDIR%\GHOSTHK.DLL
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

TrojanSpy.Keylogger.al

TrojanSpy.Keylogger.al also known as HEUR/Malware.QVM27.Gen, Trojan-Spy.PerfKey.c, Generic.Perfloger.80ACE920.

Malware Analysis of TrojanSpy.Keylogger.al – GHOSTHK.DLL

Created files:
%TEMP%\RARSFX0\RINST.EXE
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL

Detected by UnHackMe: GHOSTHK.DLL
Default location: %SYSDIR%\GHOSTHK.DLL
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

W32.PerfKeylogCB.Trojan

W32.PerfKeylogCB.Trojan also known as W32/Perflogger.CB!tr, W32/Perflogger.LADU-6047, Perfect Keylogger (PUA).

Malware Analysis of W32.PerfKeylogCB.Trojan – GHOSTR.EXE

Created files:
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL
%SYSDIR%\INST.DAT

Detected by UnHackMe: GHOSTR.EXE
Default location: %SYSDIR%\GHOSTR.EXE
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

Trojan.Keylogger.PerfectKey

Trojan.Keylogger.PerfectKey also known as W32/Perflogger.B, Win32/Spy.PerfKey.NAA.

Malware Analysis of Trojan.Keylogger.PerfectKey – GHOSTR.EXE

Created files:
%SYSDIR%\GHOST.EXE
%SYSDIR%\GHOSTHK.DLL
%SYSDIR%\GHOSTR.EXE
%SYSDIR%\GHOSTWB.DLL
%SYSDIR%\INST.DAT

Detected by UnHackMe: GHOSTR.EXE
Default location: %SYSDIR%\GHOSTR.EXE
Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea

a variant of Win32/KeyLogger.Spyrix.F

a variant of Win32/KeyLogger.Spyrix.F also known as Adware.SpyrixCRTD.Win32.524.

Malware Analysis of a variant of Win32/KeyLogger.Spyrix.F – SPM_SETUPKL.EXE

Created files:
%Temp%\7zS09736340\cfg000.exe
%Temp%\7zS09736340\config.exe
%Temp%\7zS09736340\spm_setupkl.7z
%Temp%\7zS09736340\spm_setupkl.exe
%Temp%\is-QF7A6.tmp\spm_setupKL.tmp

Detected by UnHackMe: SPM_SETUPKL.EXE
Default location: %TEMP%\7ZS09736340\SPM_SETUPKL.EXE
Dropper hash(md5): 1938fd6b8163d567adf17c26545b1668

MSIL/Spy.Keylogger.BKP

MSIL/Spy.Keylogger.BKP also known as Trojan.Win32.Z.Agent.24064.ADD[h], Gen:Variant.Zusy.Elzob.3001, Gen:Variant.Zusy.Elzob.3001.

Malware Analysis of MSIL/Spy.Keylogger.BKP – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

TrojanSpy.KeyLogger!50i6tKLyTCA

TrojanSpy.KeyLogger!50i6tKLyTCA also known as Trojan.Win32.MulDrop6.ebrefv, W32/MSIL_Troj.FT.gen!Eldorado, Riskware ( 0040eff71 ).

Malware Analysis of TrojanSpy.KeyLogger!50i6tKLyTCA – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

Msil.Trojan-spy.Keylogger.Pfjg

Msil.Trojan-spy.Keylogger.Pfjg also known as Trojan.MulDrop6.37623, Trojan.Win32.Z.Agent.24064.ADD[h], Gen:Variant.Zusy.Elzob.3001.

Malware Analysis of Msil.Trojan-spy.Keylogger.Pfjg – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

Trojan-Spy.MSIL.KeyLogger.jnb

Trojan-Spy.MSIL.KeyLogger.jnb also known as W32/MSIL_Troj.FT.gen!Eldorado, Win32:Malware-gen, Artemis!BD0CDB9767F3.

Malware Analysis of Trojan-Spy.MSIL.KeyLogger.jnb – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

Trojan.Keylogger.Win32.49092

Trojan.Keylogger.Win32.49092 also known as Win32.Trojan.WisdomEyes.151026.9950.9998, Trojan.Win32.Generic!BT, Trojan.Win32.Generic!BT.

Malware Analysis of Trojan.Keylogger.Win32.49092 – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

MSIL/Keylogger.BKP!tr.spy

MSIL/Keylogger.BKP!tr.spy also known as Trojan.Win32.MulDrop6.ebrefv, Trojan.MulDrop6.37623, Win32.Trojan.WisdomEyes.151026.9950.9998.

Malware Analysis of MSIL/Keylogger.BKP!tr.spy – WINUPDTSZ.EXE

Created files:
%Temp%\KeyLog\Administrator.txt
%Startup%\WinUpdtsz.exe

Detected by UnHackMe: WINUPDTSZ.EXE
Default location: %STARTUP%\WINUPDTSZ.EXE
Dropper hash(md5): b176105c138a004151d30630d1cc0890

Generic.Keylogger.2.B063B6FC (B)

Generic.Keylogger.2.B063B6FC (B) also known as Trojan.DownLoader4.56577, Win32/BsBot.B!generic, Posible_Worm32.

Malware Analysis of Generic.Keylogger.2.B063B6FC (B) – 30QJOHPM.EXE

Created files:
%Appdata%\30QJOHPM.exe
%Appdata%\FQ00C5.dll
%Temp%\BIT4.tmp

Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”

Detected by UnHackMe: 30QJOHPM.EXE
Default location: %APPDATA%\30QJOHPM.EXE
Dropper hash(md5): d6110b51fe7ccef5bab0a7cb147ec5e0

Generic.Keylogger.2.B063B6FC

Generic.Keylogger.2.B063B6FC also known as FraudTool.Win32.AVSoft (v), Worm.Win32.VBNA.b.

Malware Analysis of Generic.Keylogger.2.B063B6FC – 30QJOHPM.EXE

Created files:
%Appdata%\30QJOHPM.exe
%Appdata%\FQ00C5.dll
%Temp%\BIT4.tmp

Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\YBK9IL074VDZ: “%Appdata%\30QJOHPM.exe”

Detected by UnHackMe: 30QJOHPM.EXE
Default location: %APPDATA%\30QJOHPM.EXE
Dropper hash(md5): d6110b51fe7ccef5bab0a7cb147ec5e0

Keylogger.BugBear

Keylogger.BugBear also known as Email-Worm.Win32.Mydoom.gen (v), Worm.Tanatos, TrojanSpy:Win32/Bugbear.B.

Malware Analysis of Keylogger.BugBear – ZGQPOMV.DLL

Created files:
%SysDir%\fsqept.dll
%SysDir%\ozqirkn.dll
%SysDir%\zgqpomv.dll
%WinDir%\hcqxef.dat
%WinDir%\yiqftc.dat

Detected by UnHackMe: ZGQPOMV.DLL
Default location: %SYSDIR%\ZGQPOMV.DLL
Dropper hash(md5): d7832fea2ae91f30012582d10615851a

W32/Keylogger.QGOJ-6889

W32/Keylogger.QGOJ-6889 also known as Generic.Malware.L!.1ACDF568 (B), Worm[Email]/Win32.Tanatos, I-Worm/Tanatos.

Malware Analysis of W32/Keylogger.QGOJ-6889 – ZGQPOMV.DLL

Created files:
%SysDir%\fsqept.dll
%SysDir%\ozqirkn.dll
%SysDir%\zgqpomv.dll
%WinDir%\hcqxef.dat
%WinDir%\yiqftc.dat

Detected by UnHackMe: ZGQPOMV.DLL
Default location: %SYSDIR%\ZGQPOMV.DLL
Dropper hash(md5): d7832fea2ae91f30012582d10615851a

W32/Keylogger.A

W32/Keylogger.A also known as Generic.Malware.L!.1ACDF568, Generic.Win32.9e607c4737!MD, Riskware ( 0040eff71 ).

Malware Analysis of W32/Keylogger.A – ZGQPOMV.DLL

Created files:
%SysDir%\fsqept.dll
%SysDir%\ozqirkn.dll
%SysDir%\zgqpomv.dll
%WinDir%\hcqxef.dat
%WinDir%\yiqftc.dat

Detected by UnHackMe: ZGQPOMV.DLL
Default location: %SYSDIR%\ZGQPOMV.DLL
Dropper hash(md5): d7832fea2ae91f30012582d10615851a

Trojan.Win32.KeyLogger.eaxpnt

Trojan.Win32.KeyLogger.eaxpnt also known as Backdoor/Win32.Noancooe, Trojan.Win32.Generic.pak!cobra, Trojan.GenericKD.3092694.

Malware Analysis of Trojan.Win32.KeyLogger.eaxpnt – FIHVGHSEDDAJGPFL.EXE

Created files:
%Appdata%\fIhVGHSeDdAJgPFL.exe
%Temp%\fIhVGHSeDdAJ
C:\Documents

Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Microsoft Corporation fIhVGHSeDdAJgPFL: “%Appdata%\fIhVGHSeDdAJgPFL.exe”

Detected by UnHackMe: FIHVGHSEDDAJGPFL.EXE
Default location: %APPDATA%\FIHVGHSEDDAJGPFL.EXE
Dropper hash(md5): 609d8b36b70ed869c53f898a01c224c4

Trojan.Keylogger.Delf.AS

Trojan.Keylogger.Delf.AS also known as BKDR_FYNLOS.SMM.

Malware Analysis of Trojan.Keylogger.Delf.AS – PNNS9357YF.EXE

Created files:
%Appdata%\pnns9357YF.exe

Detected by UnHackMe: PNNS9357YF.EXE
Default location: %APPDATA%\PNNS9357YF.EXE
Dropper hash(md5): d61036de5fd32394c725fd1ac358c7be

Trojan.Keylogger.Delf.AS (B)

Trojan.Keylogger.Delf.AS (B) also known as BKDR_FYNLOS.SMM, Generic.gj, Trojan.Keylogger.Delf.AS.

Malware Analysis of Trojan.Keylogger.Delf.AS (B) – PNNS9357YF.EXE

Created files:
%Appdata%\pnns9357YF.exe

Detected by UnHackMe: PNNS9357YF.EXE
Default location: %APPDATA%\PNNS9357YF.EXE
Dropper hash(md5): d61036de5fd32394c725fd1ac358c7be

Trojan.KeyLogger.1957

Trojan.KeyLogger.1957 also known as Artemis!8B733E346CEE, W32/Delf.JQ!tr.pws, Trojan.Agent.SpyFly.D.

Malware Analysis of Trojan.KeyLogger.1957 – MRHMMS.DLL

Created files:
%WinDir%\mrhmms.dll
%WinDir%\mrhmms.exe
%WinDir%\mrhmms.hma

Autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{53E21AD1-EA21-BEA2-12C1-EAA1214AA1AC}\stubpath: “%WinDir%\mrhmms.exe”

Detected by UnHackMe: MRHMMS.DLL
Default location: %WinDir%\MRHMMS.DLL
Dropper hash(md5): 22b67b33606c3359a261143eb03506cb

Backdoor.KeyLogger

Backdoor.KeyLogger also known as Backdoor.Win32.Shiz, Backdoor.Win32.Shiz.CHHM, SHeur4.TMF.

Malware Analysis of Backdoor.KeyLogger – AUDPSG.EXE

Created files:
%Temp%\1.tmp
%Temp%\3EC.tmp
%Temp%\40C.tmp
%WinDir%\AppPatch\audpsg.exe

Autostart registry keys:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\userinit: “%WinDir%\apppatch\audpsg.exe”
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: “%SysDir%\userinit.exe,%WinDir%\apppatch\audpsg.exe,”
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: “%WinDir%\apppatch\audpsg.exe”
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\run: “%WinDir%\apppatch\audpsg.exe”

Detected by UnHackMe: AUDPSG.EXE
Default location: %WinDir%\APPPATCH\AUDPSG.EXE
Dropper hash(md5): 4036c9d8f600c9dbd173c9af3e44b080

Trojan.KeyLogger.28086

Trojan.KeyLogger.28086 also known as Backdoor.Agent.IMN, BehavesLike.Win32.Dropper.fh, Gen:Variant.Barys.2440.

Malware Analysis of Trojan.KeyLogger.28086 – IMSERVER.EXE

Created files:
%Appdata%\Imminent\Logs\11-02-2016
%Temp%\fud.bat
%Temp%\IMServer.exe
%Temp%\IMServer.sfx.exe

Detected by UnHackMe: IMSERVER.EXE
Default location: %TEMP%\IMSERVER.EXE
Dropper hash(md5): d15294ff5f65ab9014ef33c709195480

Troj.Spy.W32.KeyLogger

Troj.Spy.W32.KeyLogger also known as Gen:Variant.VBKrypt.23 (B), HW32.Packed.891C, W32/Vobfus.GEW.worm.

Malware Analysis of Troj.Spy.W32.KeyLogger – HUEERA.EXE

Created files:
%Profile%\hueera.exe

Detected by UnHackMe: HUEERA.EXE
Default location: %PROFILE%\HUEERA.EXE
Dropper hash(md5): c6d8c5def414266dc0478a381f0c5550

Trojan.Keylogger.Win32.47864

Trojan.Keylogger.Win32.47864 also known as PUP/YAC.

Malware Analysis of Trojan.Keylogger.Win32.47864 – VFST.DLL

Created files:
%Program Files%\Elex-tech\YAC\tws\unsevzip.dll
%Program Files%\Elex-tech\YAC\tws\unzip32.dll
%Program Files%\Elex-tech\YAC\tws\vfst.dll
%Program Files%\Elex-tech\YAC\tws\w32tools.dll
%Program Files%\Elex-tech\YAC\tws\x64\psmgr.dll

Autostart registry keys:
HKLM\Software\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}\InprocServer32\: “%Program Files%\Elex-tech\YAC\iSafeRKScanShell.dll”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe\DisplayName: “YAC(Yet Another Cleaner!)”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe\UninstallString: “%Program Files%\Elex-tech\YAC\uninstall.exe”
HKLM\System\CurrentControlSet\Services\iSafeKrnl\ImagePath: “\??\%Program Files%\Elex-tech\YAC\iSafeKrnl.sys”
HKLM\System\CurrentControlSet\Services\iSafeKrnl\DisplayName: “YAC Mini-Filter Driver”
HKLM\System\CurrentControlSet\Services\iSafeKrnlBoot\ImagePath: “system32\DRIVERS\iSafeKrnlBoot.sys”
HKLM\System\CurrentControlSet\Services\iSafeKrnlBoot\DisplayName: “YAC Boot Driver”
HKLM\System\CurrentControlSet\Services\iSafeKrnlKit\ImagePath: “\??\%Program Files%\Elex-tech\YAC\iSafeKrnlKit.sys”
HKLM\System\CurrentControlSet\Services\iSafeKrnlKit\DisplayName: “YAC Kit…

DeepScan:Generic.Keylogger.2.18DDDA29 (B)

DeepScan:Generic.Keylogger.2.18DDDA29 (B) also known as Worm.AutoRun.Win32.28027, Worm.Win32.Autorun.344064[h], WORM_SWISYN.SM.

Malware Analysis of DeepScan:Generic.Keylogger.2.18DDDA29 (B) – X0HLNJ7WQKCX.EXE

Created files:
%Appdata%\data.dat
%Appdata%\Thing.exe
%Temp%\X0HLNJ7WQKCX.exe

Autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{DE7D1BF1-8CC3-43AC-D7EB-4ED2EAA0CE2A}\StubPath: “%Appdata%\Thing.exe”
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\BoooooNiger: “%Appdata%\Thing.exe”
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BoooooNiger: “%Appdata%\Thing.exe”
HKCU\Software\Microsoft\Active Setup\Installed Components\{DE7D1BF1-8CC3-43AC-D7EB-4ED2EAA0CE2A}\StubPath: “%Appdata%\Thing.exe”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\BoooooNiger: “%Appdata%\Thing.exe”

Detected by UnHackMe: X0HLNJ7WQKCX.EXE
Default location: %TEMP%\X0HLNJ7WQKCX.EXE
Dropper hash(md5): c5fba39eeacb7c0a920d8deff047427e
