DeepScan:Generic.Keylogger.2.18DDDA29 also known as Worm.Win32.AutoRun!O, Worm.Win32.AutoRun.cdlp, TrojWare.Win32.Cosmu.BHL. Malware Analysis of DeepScan:Generic.Keylogger.2.18DDDA29 – X0HLNJ7WQKCX.EXE Created files: %Appdata%\data.dat %Appdata%\Thing.exe %Temp%\X0HLNJ7WQKCX.exe Autostart registry keys: HKLM\Software\Microsoft\Active Setup\Installed Components\{DE7D1BF1-8CC3-43AC-D7EB-4ED2EAA0CE2A}\StubPath: “%Appdata%\Thing.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\BoooooNiger: “%Appdata%\Thing.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BoooooNiger: “%Appdata%\Thing.exe” HKCU\Software\Microsoft\Active Setup\Installed Components\{DE7D1BF1-8CC3-43AC-D7EB-4ED2EAA0CE2A}\StubPath: “%Appdata%\Thing.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\BoooooNiger: “%Appdata%\Thing.exe” Detected by UnHackMe: X0HLNJ7WQKCX.EXE Default location: %TEMP%\X0HLNJ7WQKCX.EXE Dropper hash(md5): c5fba39eeacb7c0a920d8deff047427e UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible…

Continue reading →

Trojan.Agent/Gen-Keylogger also known as W32/SchwarzeSonne.B!tr, Generic.Keylogger.3.E6F20A07, Worm.AutoRun!+sEYQYWKfnc. Malware Analysis of Trojan.Agent/Gen-Keylogger – 141414.EXE Created files: %Temp%\141414.exe %Temp%\fsg.exe %SysDir%\_xx_server.exe Detected by UnHackMe: 141414.EXE Default location: %TEMP%\141414.EXE Dropper hash(md5): c5e9c10012f15a98b069be4c2db1e630 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Trojan.Keylogger-723 also known as Win32:Malware-gen, Win32/SchwarzeSonne.K, Backdoor.Win32.Whimoo.on. Malware Analysis of Trojan.Keylogger-723 – 141414.EXE Created files: %Temp%\141414.exe %Temp%\fsg.exe %SysDir%\_xx_server.exe Detected by UnHackMe: 141414.EXE Default location: %TEMP%\141414.EXE Dropper hash(md5): c5e9c10012f15a98b069be4c2db1e630 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Generic.Keylogger.3.E6F20A07 (B) also known as Trojan ( 7000000f1 ), Trojan.Win32.Whimoo.bosqi, Backdoor.Whimoo. Malware Analysis of Generic.Keylogger.3.E6F20A07 (B) – 141414.EXE Created files: %Temp%\141414.exe %Temp%\fsg.exe %SysDir%\_xx_server.exe Detected by UnHackMe: 141414.EXE Default location: %TEMP%\141414.EXE Dropper hash(md5): c5e9c10012f15a98b069be4c2db1e630 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Generic.Keylogger.3.E6F20A07 also known as Win32/SchwarzeSonne.K, Trojan ( 7000000f1 ). Malware Analysis of Generic.Keylogger.3.E6F20A07 – 141414.EXE Created files: %Temp%\141414.exe %Temp%\fsg.exe %SysDir%\_xx_server.exe Detected by UnHackMe: 141414.EXE Default location: %TEMP%\141414.EXE Dropper hash(md5): c5e9c10012f15a98b069be4c2db1e630 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any…

Continue reading →

Spyware.SCKeyLogger!rem also known as TrojanSpy.SCKeyLog.ey, Keylog-SClog, Virus.Win32.SCkeylog!IK. Malware Analysis of Spyware.SCKeyLogger!rem – SKADYCHUOT.EXE Created files: %Program Files%\Google\Chrome\Application\47.0.2526.106\xinput1_3.dll %SysDir%\skadychuot.dll %SysDir%\skadychuot.exe %SysDir%\touhcydaks.dat Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\skadychuot: “%SysDir%\skadychuot.exe” HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\skadychuot\DllName: “skadychuot.dll” HKLM\Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\LocalServer32\: “”%Program Files%\Google\Chrome\Application\47.0.2526.106\delegate_execute.exe”” HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath: “”%Program Files%\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome” HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\UninstallString: “”%Program Files%\Google\Chrome\Application\47.0.2526.106\Installer\setup.exe” –uninstall –multi-install –chrome –system-level” Detected by UnHackMe: SKADYCHUOT.EXE Default location:…

Continue reading →

a variant of Win32/KeyLogger.Ardamax.NAY also known as W32/Ardamax.KN!tr, Keylog-Ardamax. Malware Analysis of a variant of Win32/KeyLogger.Ardamax.NAY – OKBY.EXE Created files: %SysDir%\28463\OKBY.006 %SysDir%\28463\OKBY.007 %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: OKBY.EXE Default location: %SYSDIR%\28463\OKBY.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Dropped:Application.Keylogger.Ardamax.Gen (B) also known as SMG.Heur!cg1, Trojan.DR.Ardamax.Gen.3, Win32/Ardamax.N. Malware Analysis of Dropped:Application.Keylogger.Ardamax.Gen (B) – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is…

Continue reading →

Dropped:Generic.Keylogger.1939C1D5 (B) also known as Dropped:Generic.Keylogger.1939C1D5, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of Dropped:Generic.Keylogger.1939C1D5 (B) – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Dropped:Generic.Keylogger.1939C1D5 (B) also known as Dropped:Generic.Keylogger.1939C1D5, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of Dropped:Generic.Keylogger.1939C1D5 (B) – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Trojan.Win32.KeyLogger.NDW also known as W32/KeyLogger.NDW!tr.spy, Win32/Trojan.Spy.ad9, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of Trojan.Win32.KeyLogger.NDW – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Trojan.Win32.KeyLogger.NDW also known as W32/KeyLogger.NDW!tr.spy, Win32/Trojan.Spy.ad9, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of Trojan.Win32.KeyLogger.NDW – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Win32/KeyLogger.Ardamax.NAP also known as Riskware ( 0040eff71 ), Dropped:Application.Keylogger.Ardamax.Gen (B), not-a-virus:Monitor.Win32.Ardamax.vl. Malware Analysis of Win32/KeyLogger.Ardamax.NAP – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software.…

Continue reading →

Dropped:Application.Keylogger.Ardamax also known as BehavesLike.Win32.PWSTravNet.dc, TSPY_ARDAMAX.GA, Riskware ( 0040eff71 ). Malware Analysis of Dropped:Application.Keylogger.Ardamax – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Trojan.KeyLogger!NpIRbGOMqPs also known as W32/Spyware.AWM, not-a-virus:Monitor.Win32.Ardamax.x, Keylog-Ardamax. Malware Analysis of Trojan.KeyLogger!NpIRbGOMqPs – OKBY.EXE Created files: %SysDir%\28463\OKBY.006 %SysDir%\28463\OKBY.007 %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: OKBY.EXE Default location: %SYSDIR%\28463\OKBY.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

TrojanSpy.KeyLogger!sw2GaPgNh3g also known as Win32:Malware-gen, Dropped:Generic.Keylogger.1939C1D5, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of TrojanSpy.KeyLogger!sw2GaPgNh3g – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

TrojanSpy.KeyLogger!sw2GaPgNh3g also known as Win32:Malware-gen, Dropped:Generic.Keylogger.1939C1D5, Dropped:Generic.Keylogger.1939C1D5. Malware Analysis of TrojanSpy.KeyLogger!sw2GaPgNh3g – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

probably a variant of Win32/Spy.KeyLogger.NDW also known as Trojan.Win32.KeyLogger.NDW, Dropped:Generic.Keylogger.1939C1D5, Win32:Malware-gen. Malware Analysis of probably a variant of Win32/Spy.KeyLogger.NDW – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is…

Continue reading →

probably a variant of Win32/Spy.KeyLogger.NDW also known as Trojan.Win32.KeyLogger.NDW, Dropped:Generic.Keylogger.1939C1D5, Win32:Malware-gen. Malware Analysis of probably a variant of Win32/Spy.KeyLogger.NDW – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is…

Continue reading →

Dropped:Generic.Keylogger.1939C1D5 also known as Trojan.Agent, BehavesLike.Win32.Malware.wsc (mx-v), Trojan[:HEUR]/Win32.AGeneric. Malware Analysis of Dropped:Generic.Keylogger.1939C1D5 – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Dropped:Generic.Keylogger.1939C1D5 also known as Trojan.Agent, BehavesLike.Win32.Malware.wsc (mx-v), Trojan[:HEUR]/Win32.AGeneric. Malware Analysis of Dropped:Generic.Keylogger.1939C1D5 – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Dropped:Application.Keylogger.Ardamax.Gen also known as Application.Keylogger.Ardamax.Gen, W32/Ardamax.TFIO-0727, Win32:Ardamax-KW [Trj]. Malware Analysis of Dropped:Application.Keylogger.Ardamax.Gen – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

Application.Keylogger.Ardamax.Gen also known as Win32:Ardamax-KW [Trj], Riskware ( 0040eff71 ), Win32/Ardamax.N. Malware Analysis of Application.Keylogger.Ardamax.Gen – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software.…

Continue reading →

PUP.Optional.ArdamaxKeyLogger also known as Trojan/Spy.Ardamax.n, Dropped:Application.Keylogger.Ardamax.Gen (B), BehavesLike.Win32.PWSTravNet.dc. Malware Analysis of PUP.Optional.ArdamaxKeyLogger – EXEC1.EXE Created files: %SysDir%\28463\OKBY.exe %SysDir%\internetexplorer.exe C:\exec1.exe C:\exec2.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\SlideShow32: “c:\windows\system32\internetexplorer.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\OKBY Agent: “%SysDir%\28463\OKBY.exe” Detected by UnHackMe: EXEC1.EXE Default location: C:\EXEC1.EXE Dropper hash(md5): c0e76a9fb3b4051f5f495bb2aba935f0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

W32/KeyLogger.NDW!tr.spy also known as Win32/Trojan.Spy.ad9, RDN/Generic PWS.y!yw, Trojan.Agent. Malware Analysis of W32/KeyLogger.NDW!tr.spy – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

W32/KeyLogger.NDW!tr.spy also known as Win32/Trojan.Spy.ad9, RDN/Generic PWS.y!yw, Trojan.Agent. Malware Analysis of W32/KeyLogger.NDW!tr.spy – C5C946631B976AA8DA287548BF8BA140.EXE Created files: %WinDir%\c5c946631b976aa8da287548bf8ba140.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Anonymous: “C:\Windows\c5c946631b976aa8da287548bf8ba140.exe” Detected by UnHackMe: C5C946631B976AA8DA287548BF8BA140.EXE Default location: %WinDir%\C5C946631B976AA8DA287548BF8BA140.EXE Dropper hash(md5): c5c946631b976aa8da287548bf8ba140 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Heuristic.BehavesLike.Win32.Keylogger.J also known as Win32/QQPass.CQ, probably a variant of Win32/PSW.QQPass.JF, TSPY_QQPASS.BXM. Malware Analysis of Heuristic.BehavesLike.Win32.Keylogger.J – MSXJJW.DLL Created files: %SysDir%\drivers\meckda.exe %SysDir%\hx1.bat %SysDir%\msxjjw.dll %SysDir%\msxjjw.exe %SysDir%\severe.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\meckda: “%SysDir%\msxjjw.exe” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\msxjjw: “%SysDir%\severe.exe” HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: “Explorer.exe %SysDir%\drivers\conime.exe” Detected by UnHackMe: MSXJJW.DLL Default location: %SYSDIR%\MSXJJW.DLL Dropper hash(md5): fa8cc4aa3c51fdd5efc593f8dd79e9e6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible…

Continue reading →

Trojan.KeyLogger!tPJtjtLns14 also known as Win32/Trojan.Spy.632, Keylogger.Ardamax, TrojWare.Win32.Spy.Ardamax.~S. Malware Analysis of Trojan.KeyLogger!tPJtjtLns14 – BOYL.EXE Created files: %Temp%\@3.tmp %SysDir%\28463\BOYL.001 %SysDir%\28463\BOYL.006 %SysDir%\28463\BOYL.007 %SysDir%\28463\BOYL.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BOYL Agent: “%SysDir%\28463\BOYL.exe” Detected by UnHackMe: BOYL.EXE Default location: %SYSDIR%\28463\BOYL.EXE Dropper hash(md5): 6b189408b36bec7165f7eeff9565b412 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Trojan.Keylogger.ArdamaxKey.V2.8 also known as Riskware.Win32.Ardamax.bexwz, Aplicacion/Ardamax.o, Win32.Trojan.Ardmax.Hwcu. Malware Analysis of Trojan.Keylogger.ArdamaxKey.V2.8 – BOYL.EXE Created files: %Temp%\@3.tmp %SysDir%\28463\BOYL.001 %SysDir%\28463\BOYL.006 %SysDir%\28463\BOYL.007 %SysDir%\28463\BOYL.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BOYL Agent: “%SysDir%\28463\BOYL.exe” Detected by UnHackMe: BOYL.EXE Default location: %SYSDIR%\28463\BOYL.EXE Dropper hash(md5): 6b189408b36bec7165f7eeff9565b412 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Trojan.KeyLogger.1801 also known as Win-Trojan/Ardamax.484864.B, Win32/Trojan.Spy.632, Malware_fam.gw. Malware Analysis of Trojan.KeyLogger.1801 – BOYL.EXE Created files: %Temp%\@3.tmp %SysDir%\28463\BOYL.001 %SysDir%\28463\BOYL.006 %SysDir%\28463\BOYL.007 %SysDir%\28463\BOYL.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\BOYL Agent: “%SysDir%\28463\BOYL.exe” Detected by UnHackMe: BOYL.EXE Default location: %SYSDIR%\28463\BOYL.EXE Dropper hash(md5): 6b189408b36bec7165f7eeff9565b412 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →