Spyware ( 004b90fc1 ) also known as static engine – malicious, Trojan.Agent.BKRZ, Trojan.Agent/Gen-MalPE. Malware Analysis of Spyware ( 004b90fc1 ) – QIXO.EXE Created files: %TEMP%\DED2E3472E5D790992466875BC8ADBE9.JSON %TEMP%\TMP8988D338.BAT %APPDATA%\LIATR\QIXO.EXE %APPDATA%\MIINXY\DOCIW.TMP %APPDATA%\SCVHOST.EXE Autostart registry keys: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\UPDATE: “%APPDATA%\SCVHOST.EXE” HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\UPDATE: “%APPDATA%\SCVHOST.EXE” Detected by UnHackMe: QIXO.EXE DEFAULT LOCATION: %APPDATA%\LIATR\QIXO.EXE Dropper hash(md5): 6d7c68cc2d530f9270fe8353cd0a153f UnHackMe removes malware invisible for your antivirus! UnHackMe is…

Continue reading →

Spyware.Omaneat!8.E0A9 (cloud:tlzrHhtxKsS) also known as Trj/GdSda.A, malicious_confidence_89% (D), Gen:Variant.MSILPerseus.69723. Malware Analysis of Spyware.Omaneat!8.E0A9 (cloud:tlzrHhtxKsS) – WIPESHADOW.EXE Created files: %TEMP%\TMP1231315510.TMP %APPDATA%\MONITOR\GUARD\1 %APPDATA%\MONITOR\SCREENSHOTS\03-21-2017\8.14 AM %APPDATA%\WIPESHADOW.EXE %SYSDIR%\TASKS\UPDATE\802D60CB-57D7-4142-8B1F-C9541531AE0E Detected by UnHackMe: WIPESHADOW.EXE DEFAULT LOCATION: %APPDATA%\WIPESHADOW.EXE Dropper hash(md5): f34a8b050d594ae13de10936384e0027 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Spyware:Win32/Look2Me also known as Look2Me (v), Adware/Look2Me.k, not-a-virus:AdWare.Win32.Look2Me.k. Malware Analysis of Spyware:Win32/Look2Me – AQCESSIBILITYCPL.DLL Created files: %LOCAL APPDATA%\MICROSOFT\WINDOWS\1033\STRUCTUREDQUERYSCHEMA.BIN %SYSDIR%\AQCESSIBILITYCPL.DLL %SYSDIR%\FGST30.DLL %SYSDIR%\IMCLASS.DLL %SYSDIR%\MFIAVI32.DLL Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{3858998F-4367-46EF-99F6-9BD76440132E}\INPROCSERVER32\: “%SYSDIR%\MFIAVI32.DLL” HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ADAPTIVEDISPLAYBRIGHTNESS\DLLNAME: “%SYSDIR%\MFIAVI32.DLL” Detected by UnHackMe: AQCESSIBILITYCPL.DLL Default location: %SYSDIR%\AQCESSIBILITYCPL.DLL Dropper hash(md5): a3f3375c24bcfa0d187639d674de6ee7 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware.Zbot!8.16B-kUlclQLj1gU (cloud) also known as Trojan.Dropper.155, TrojanSpy.Zbot!JWW0IJl3pxU, TScope.Trojan.VB. Malware Analysis of Spyware.Zbot!8.16B-kUlclQLj1gU (cloud) – WOKYFAYFQIA.EXE Created files: %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\MICROSOFT COMMUNITIES\ACCOUNT{3CC05103-59FD-466A-80E6-12486C131C6E}.OEACCOUNT %TEMP%\6A298489B7562C9E2C0163A571C4DD81.JSON %APPDATA%\FAYQUTEDBO\WOKYFAYFQIA.EXE %APPDATA%\UKTUEWUG\YXUVNUYSCE.AQN %APPDATA%\VYICFUBIOK\XYATCEEMU.DIB Detected by UnHackMe: WOKYFAYFQIA.EXE DEFAULT LOCATION: %APPDATA%\FAYQUTEDBO\WOKYFAYFQIA.EXE Dropper hash(md5): ea975d0ec98a4d85dab8bfb75f81fe90 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Spyware.21157 also known as Trojan.Win32.Generic!BT, Trojan.Win32.GuaGua.dytydp, a variant of Win32/GuaGua.A potentially unwanted. Malware Analysis of Spyware.21157 – 272C41F3-2A5F-4807-A06B-08A62E464542.EXE Created files: %APPDATA%\272C41F3-2A5F-4807-A06B-08A62E464542.EXE Detected by UnHackMe: 272C41F3-2A5F-4807-A06B-08A62E464542.EXE DEFAULT LOCATION: %APPDATA%\272C41F3-2A5F-4807-A06B-08A62E464542.EXE Dropper hash(md5): 0df5012315c8ce06019b41b12e343079 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Spyware.Zbot!8.16B-BUxH6HJJI2N (cloud) also known as Gen:Variant.Symmi.68654 (B), TSPY_VBZBOT.SMQ, trojanspy.win32.skeeyah.a!rfn. Malware Analysis of Spyware.Zbot!8.16B-BUxH6HJJI2N (cloud) – GYUTBEAHA.EXE Created files: %STARTUP%\CHROME.VBS %APPDATA%\CHROME.EXE %APPDATA%\IKFOFUQIU\GYUTBEAHA.EXE %APPDATA%\ISAXMOYQ\YGYLSYUP.XYG %APPDATA%\OCOFYWKOHAWU\KOGOYWITSUY.TMP Detected by UnHackMe: GYUTBEAHA.EXE DEFAULT LOCATION: %APPDATA%\IKFOFUQIU\GYUTBEAHA.EXE Dropper hash(md5): 025717f6c564b6f7a1d0c62c4c2ae6fd UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Win.Spyware.Zbot-1275 also known as Gen:Variant.Barys.9561, TrojWare.Win32.Kazy.MKD, GenericATG-FVW!EC58D535727B. Malware Analysis of Win.Spyware.Zbot-1275 – IWRET.EXE Created files: %APPDATA%\DIHYXA\VIYG.YMU %APPDATA%\U %APPDATA%\ULUK\IWRET.EXE %APPDATA%\?? Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{ADF1683A-B057-ED55-39E4-30FB418341C3}: “” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{ADF1683A-2A57-ED55-39E4-30FB418341C3}: “” Detected by UnHackMe: IWRET.EXE DEFAULT LOCATION: %APPDATA%\ULUK\IWRET.EXE Dropper hash(md5): 1056e33834c9e79b9691a9eab5ece695 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware[Porn-Dialer:not-a-virus]/Win32.Coneti also known as Trojan/W32.Agent.57856.LY, a variant of Win32/Dialer.Connetti, Gen:Variant.Graftor.Elzob.3947. Malware Analysis of Spyware[Porn-Dialer:not-a-virus]/Win32.Coneti – VIRUSSHARE_F1EA9C29BD4D80A6E85A412CBE960178.EXE Created files: %START MENU%\VIRUSSHARE_F1EA9C29BD4D80A6E85A412CBE960178.EXE %PROFILE%\DESKTOP\VIRUSSHARE_F1EA9C29BD4D80A6E85A412CBE960178.EXE Detected by UnHackMe: VIRUSSHARE_F1EA9C29BD4D80A6E85A412CBE960178.EXE DEFAULT LOCATION: %START MENU%\VIRUSSHARE_F1EA9C29BD4D80A6E85A412CBE960178.EXE Dropper hash(md5): f1ea9c29bd4d80a6e85a412cbe960178 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…

Continue reading →

Spyware ( 004d8c0a1 ) also known as Trojan.Win32.Steam.eihnuv, Trojan.PWS.Steam.12709, Trojan/Generic.ASVCS3S.1E5. Malware Analysis of Spyware ( 004d8c0a1 ) – TIEBKI.EXE Created files: %TEMP%\SKYP\MICROSOFT UPDATE.LNK %TEMP%\SKYP\SERVER.EXE %TEMP%\TIEBKI.EXE %TEMP%\YQYZZT.EXE %STARTUP%\UPDATE.LNK Detected by UnHackMe: TIEBKI.EXE DEFAULT LOCATION: %TEMP%\TIEBKI.EXE Dropper hash(md5): 13023322441f821401b09cb658bb4dff UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware.Autoit!8.B6-qFPiXNpB0mS (cloud) also known as PWS:AutoIt/Passup.A, Troj.W32.Badur.m2TY, Trojan.PWS.Steam.12709. Malware Analysis of Spyware.Autoit!8.B6-qFPiXNpB0mS (cloud) – TIEBKI.EXE Created files: %TEMP%\SKYP\MICROSOFT UPDATE.LNK %TEMP%\SKYP\SERVER.EXE %TEMP%\TIEBKI.EXE %TEMP%\YQYZZT.EXE %STARTUP%\UPDATE.LNK Detected by UnHackMe: TIEBKI.EXE DEFAULT LOCATION: %TEMP%\TIEBKI.EXE Dropper hash(md5): 13023322441f821401b09cb658bb4dff UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Spyware.Pony also known as Trojan[PSW]/Win32.Tepfer, PSW.Generic13.NPP, Gen:Variant.Razy.36607. Malware Analysis of Spyware.Pony – FB_7759.TMP.EXE Created files: %PROFILE%\DOCUMENTS\NEW TEXT DOCUMENT.TXT %TEMP%\FB_7759.TMP %TEMP%\FB_7759.TMP.EXE %TEMP%\FB_7825.TMP %TEMP%\FB_7825.TMP.EXE Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\APPLICATION: “%APPDATA%\SAPP.EXE” Detected by UnHackMe: FB_7759.TMP.EXE DEFAULT LOCATION: %TEMP%\FB_7759.TMP.EXE Dropper hash(md5): ec2e0ab5d95fac7a8624bcb85e3895a6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware.Boaxxe.NSIS also known as Mal/Generic-S, TR/Inject.17, Trojan.Win32.Injector. Malware Analysis of Spyware.Boaxxe.NSIS – OPENCANDY.DLL Created files: %TEMP%\GMT-2 %TEMP%\NSD9FB7.TMP\SYSTEM.DLL %TEMP%\OPENCANDY.DLL %TEMP%\STUBBED.3 Detected by UnHackMe: OPENCANDY.DLL DEFAULT LOCATION: %TEMP%\OPENCANDY.DLL Dropper hash(md5): 4aa2e54ba01b15511144cb587fc968c0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form…

Continue reading →

Spyware ( 0040f5311 ) also known as Trojan.Win32.Zbot.smb (v), malicious_confidence_100% (D), Trojan.Win32.Zbot.smb (v). Malware Analysis of Spyware ( 0040f5311 ) – UKVE.EXE Created files: %STARTUP%-OLD\MUTEX_3.LNK %STARTUP%-OLD\ZOOMIT.EXE %APPDATA%\TOIGMU\UKVE.EXE Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\UKVE: “%APPDATA%\TOIGMU\UKVE.EXE” Detected by UnHackMe: UKVE.EXE DEFAULT LOCATION: %APPDATA%\TOIGMU\UKVE.EXE Dropper hash(md5): 5e924670e6904eee73e8f01e800a491e UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus…

Continue reading →

Spyware/Win32.Zbot.R74365 also known as Win.Trojan.Tepfer-61, Trojan.VIZ.Gen.1, Trojan.Win32.Zbot.smb (v). Malware Analysis of Spyware/Win32.Zbot.R74365 – OMBAUM.EXE Created files: %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\LOCAL FOLDERS\SENT ITEMS\WINMAIL.FOL %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\MICROSOFT COMMUNITIES\ACCOUNT{590D00F5-2783-4D8E-972C-BC334CDE86FF}.OEACCOUNT %APPDATA%\FAAT\OMBAUM.EXE %WINDIR%\TEMP\1E0D.TMP %WINDIR%\TEMP\1E3D.TMP Autostart registry keys: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\OMBAUM: “%APPDATA%\FAAT\OMBAUM.EXE” Detected by UnHackMe: OMBAUM.EXE DEFAULT LOCATION: %APPDATA%\FAAT\OMBAUM.EXE Dropper hash(md5): 1b0eb6a955338f5f27049376139cb7ad UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Win.Spyware.202-2 also known as Win32/Spy.SCKeyLog.O, Trojan.Generic.4097795. Malware Analysis of Win.Spyware.202-2 – GAME_Y.EXE Created files: %SYSDIR%\GAME_Y.DLL %SYSDIR%\GAME_Y.EXE %SYSDIR%\Y_EMAG.DAT Detected by UnHackMe: GAME_Y.EXE Default location: %SYSDIR%\GAME_Y.EXE Dropper hash(md5): 0e548c9fed16b26855758cb522ebbd0d UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware,…

Continue reading →

Spyware ( 00011e2a1 ) also known as Win32.Troj.PerfKey.(kcloud), Trojan[Monitor:not-a-virus]/Win32.Perflogger, Monitor.W32.Gen!c. Malware Analysis of Spyware ( 00011e2a1 ) – SO2GAMESWB.DLL Created files: %SYSDIR%\SO2GAMESHK.DLL %SYSDIR%\SO2GAMESR.EXE %SYSDIR%\SO2GAMESWB.DLL %SYSDIR%\WEB.DAT Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\INPROCSERVER32\: “%SYSDIR%\SO2GAMESWB.DLL” Detected by UnHackMe: SO2GAMESWB.DLL Default location: %SYSDIR%\SO2GAMESWB.DLL Dropper hash(md5): c4dc20b0f9a0abbec5535469deeba1d6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware ( 000059411 ) also known as Generic.Perfloger.DF90E1A8, W32/Perflogger.B, Generic.Perfloger.DF90E1A8. Malware Analysis of Spyware ( 000059411 ) – SO2GAMESR.EXE Created files: %SYSDIR%\SO2GAMES.EXE %SYSDIR%\SO2GAMESHK.DLL %SYSDIR%\SO2GAMESR.EXE %SYSDIR%\SO2GAMESWB.DLL %SYSDIR%\WEB.DAT Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\INPROCSERVER32\: “%SYSDIR%\SO2GAMESWB.DLL” Detected by UnHackMe: SO2GAMESR.EXE Default location: %SYSDIR%\SO2GAMESR.EXE Dropper hash(md5): c4dc20b0f9a0abbec5535469deeba1d6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software.…

Continue reading →

Spyware ( 004bf65d1 ) also known as Win32.Trojan.Spy.Hwwn, Trojan.Win32.Peflog.fzod, Generic.Perfloger.80ACE920. Malware Analysis of Spyware ( 004bf65d1 ) – SO2GAMESHK.DLL Created files: %SYSDIR%\PK.BIN %SYSDIR%\SO2GAMES.EXE %SYSDIR%\SO2GAMESHK.DLL %SYSDIR%\SO2GAMESR.EXE %SYSDIR%\SO2GAMESWB.DLL Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\INPROCSERVER32\: “%SYSDIR%\SO2GAMESWB.DLL” Detected by UnHackMe: SO2GAMESHK.DLL Default location: %SYSDIR%\SO2GAMESHK.DLL Dropper hash(md5): c4dc20b0f9a0abbec5535469deeba1d6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software.…

Continue reading →

Malware Analysis of PE:Spyware.Texy!1.64D4 – XDISKFUN.SYS Created files: %Program Files%\29pc\UserInfoLog.txt %Program Files%\29pc\winhzgj.exe %Program Files%\29pc\xdiskfun.sys %Program Files%\29pc\youhua.exe %Program Files%\29pc\zmzy.bat Autostart registry keys: HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath: “”%Program Files%\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe” –configure-user-settings –verbose-logging –system-level –multi-install –chrome” HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\UninstallString: “”%Program Files%\Google\Chrome\Application\53.0.2785.116\Installer\setup.exe” –uninstall –multi-install –chrome –system-level” Detected by UnHackMe: XDISKFUN.SYS Default location: %PROGRAM FILES%\29PC\XDISKFUN.SYS Dropper hash(md5): d5d38f0764ab6fba605cebabee7ffee1 UnHackMe removes malware invisible for…

Continue reading →

Spyware.PowerSpy also known as a variant of Win32/PowerSpy potentially unsafe, Trojan.Application.Emathi.1, Gen:Variant.Application.Emathi.1. Malware Analysis of Spyware.PowerSpy – WINPS.EXE Created files: %Program Files%\Power Spy\unins000.dat %Program Files%\Power Spy\unins000.exe %Program Files%\Power Spy\winps.exe %TEMP%\STPE1D4.TMP %TEMP%\STPE1D4_TMP.EXE Detected by UnHackMe: WINPS.EXE Default location: %PROGRAM FILES%\POWER SPY\WINPS.EXE Dropper hash(md5): a41c7ddd969d48fe24537cd0a5b2f790 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Spyware.GameThief also known as TrojanDownloader:Win32/Zegost.E!bit, Trojan.Win32.Farfli, Trojan.Win32.Redosdru.ecmtpm. Malware Analysis of Spyware.GameThief – E241A105.EXE Created files: %WINDIR%\E241A105.EXE Autostart registry keys: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MNOPQR TUVWXYAB DEF\IMAGEPATH: “%WINDIR%\E241A105.EXE” HKLM\System\CurrentControlSet\services\Mnopqr Tuvwxyab Def\DisplayName: “Mnopqr Tuvwxyab Defghijk Mnop” Detected by UnHackMe: E241A105.EXE Default location: %WinDir%\E241A105.EXE Dropper hash(md5): 5848e68c33dcbeff04396de17771a913 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware.OnlineGames.ub also known as Trojan.Win32.Downloader.14434[h], Trojan-GameThief.Win32.Magania, PWS-OnlineGames.ea. Malware Analysis of Spyware.OnlineGames.ub – 91C7DF6D.DLL Created files: %TEMP%\LIV4B3C.TMP %APPDATA%\MICROSOFT\PROTECT\S-1-5-21-2250177403-3231077850-1239169437-1002\45BAFEE3-5793-4A3B-B7F0-E10B569FD99D %SYSDIR%\91C7DF6D.CFG %SYSDIR%\91C7DF6D.DLL Autostart registry keys: HKLM\Software\Classes\CLSID\{91C7DF6D-AEF5-4136-9252-AF030D7A5931}\InprocServer32\: “91C7DF6D.dll” Detected by UnHackMe: 91C7DF6D.DLL Default location: %SYSDIR%\91C7DF6D.DLL Dropper hash(md5): 042c8e2e687cc6a1a78f874c0db8c5db UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Spyware[Porn-Dialer:not-a-virus]/Win32.InstantAccess also known as InstantAccess (PUA), Trojan.Wintrim.BH, Dialer.ANS. Malware Analysis of Spyware[Porn-Dialer:not-a-virus]/Win32.InstantAccess – EGDACCESS_1058.DLL Created files: %APPDATA%\MICROSOFT\PROTECT\S-1-5-21-2250177403-3231077850-1239169437-1002\A3796A63-5D84-4C36-AD83-7A7202A6C66D %START MENU%\INSTANT ACCESS.LNK %SYSDIR%\EGDACCESS_1058.DLL %WINDIR%\EXEDIALER.EXE Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{BFC9677B-8006-4336-9D49-2C797AEFCB9E}\INPROCSERVER32\: “%SYSDIR%\EGDACCESS_1058.DLL” Detected by UnHackMe: EGDACCESS_1058.DLL Default location: %SYSDIR%\EGDACCESS_1058.DLL Dropper hash(md5): 038243a1f241e4ebcb83617f7677b709 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

W32/Spyware.XXXL-0079 also known as Backdoor/Huigezi.2004.t.Dropper, Trojan.Inject.HD, a variant of Win32/Hupigon. Malware Analysis of W32/Spyware.XXXL-0079 – QQMSGS.EXE Created files: %WINDIR%\TEMP\~DFD1C77CD3DF553275.TMP %WINDIR%\QQMSGS.DLL %WINDIR%\QQMSGS.EXE %WINDIR%\QQMSGSHOOK.DLL Autostart registry keys: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NERWORK DDE IC\IMAGEPATH: “%WINDIR%\QQMSGS.EXE” HKLM\System\CurrentControlSet\services\Nerwork DDE IC\DisplayName: “Nerwork DDE IC” Detected by UnHackMe: QQMSGS.EXE Default location: %WinDir%\QQMSGS.EXE Dropper hash(md5): 05e6ea0c41178327df8433279a78f0ef UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible…

Continue reading →

Spyware.StartPage.214424[h] also known as W32.FakeAV009.Adware, Troj.Gen!c, W32/Trojan.RNJU-1461. Malware Analysis of Spyware.StartPage.214424[h] – SAES.EXE Created files: %COMMON APPDATA%\VCRY\KWSSP.DLL %COMMON APPDATA%\VCRY\KWSUI.DLL %COMMON APPDATA%\VCRY\SAES.EXE %PUBLIC%\DESKTOP\FORQD340.EXE %LOCAL APPDATA%\MICROSOFT\INTERNET EXPLORER\RECOVERY\HIGH\ACTIVE\RECOVERYSTORE.{005CD2CB-62F7-11E6-ABD6-000C2982064B}.DAT Autostart registry keys: HKLM\Software\Classes\PUYK\shell\open\command\: “explorer “%Program Files%\Microsoft %C%9d%8o%9b%8e Emulator\Internat Explorer”” Detected by UnHackMe: SAES.EXE DEFAULT LOCATION: %COMMON APPDATA%\VCRY\SAES.EXE Dropper hash(md5): 08b43abb9e477abb25f37729c3d34cf2 UnHackMe removes malware invisible for your antivirus! UnHackMe is…

Continue reading →

Spyware[Dialer:not-a-virus]/Win32.E-Group also known as TROJ_DIALER.AIN, Dialer.Egroup.DB (B), TROJ_DIALER.AIN. Malware Analysis of Spyware[Dialer:not-a-virus]/Win32.E-Group – EGDIAL.DLL Created files: %START MENU%\VIZITUS.LNK %SYSDIR%\EGDHTML_1020.DLL %SYSDIR%\EGDIAL.DLL %WINDIR%\EXEDIALER.EXE Autostart registry keys: HKLM\SOFTWARE\CLASSES\CLSID\{2ABE804B-4D3A-41BF-A172-304627874B45}\INPROCSERVER32\: “%SYSDIR%\EGDHTML_1020.DLL” HKLM\SOFTWARE\CLASSES\CLSID\{94742E3F-D9A1-4780-9A87-2FFA43655DA2}\INPROCSERVER32\: “%SYSDIR%\EGDIAL.DLL” Detected by UnHackMe: EGDIAL.DLL Default location: %SYSDIR%\EGDIAL.DLL Dropper hash(md5): 2694e7e866aad8ba9f05c3dcb1d065c7 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

Spyware.OnlineGames.rust also known as Trojan/PSW.GamePass.acbw, Mal_OLGM-15, Trojan ( 0001140e1 ). Malware Analysis of Spyware.OnlineGames.rust – QANHLLAO.DLL Created files: %SYSDIR%\QANHLLAO.DLL %SYSDIR%\QANHLLAOK.EXE Detected by UnHackMe: QANHLLAO.DLL Default location: %SYSDIR%\QANHLLAO.DLL Dropper hash(md5): c14e06323338df19acdac68d11945127 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any…

Continue reading →

Win.Spyware.59313-2 also known as HEUR:Trojan.Win32.Generic, Win32:Susn-K [Trj], W32.OnlineGamesFAC.Worm. Malware Analysis of Win.Spyware.59313-2 – QENSNG.DLL Created files: %SYSDIR%\QENSNG.DLL %SYSDIR%\QENSNGK.EXE Autostart registry keys: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “qensng.dll” Detected by UnHackMe: QENSNG.DLL Default location: %SYSDIR%\QENSNG.DLL Dropper hash(md5): 9f3f29b5dc4d53fd14e5ef80fe812ae8 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Spyware.Dialer.CapreDeam.98184.ACJ also known as Dialer.CarpeDiem, Dialer.Carped.S. Malware Analysis of Spyware.Dialer.CapreDeam.98184.ACJ – 24AB27B375C0455731C4A9C30D727167.EXE Created files: %WINDIR%\TEMP\MT\24AB27B375C0455731C4A9C30D727167.EXE Detected by UnHackMe: 24AB27B375C0455731C4A9C30D727167.EXE Default location: %WinDir%\TEMP\MT\24AB27B375C0455731C4A9C30D727167.EXE Dropper hash(md5): 24ab27b375c0455731c4a9c30d727167 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware,…

Continue reading →

Win.Spyware.49351-2 also known as Win32:Susn-K [Trj], Win32/Treemz.AH, Trojan.PWS.OnlineGames.ZAY. Malware Analysis of Win.Spyware.49351-2 – CAOTXBK.EXE Created files: %SYSDIR%\CAOTXB.DLL %SYSDIR%\CAOTXBK.EXE Autostart registry keys: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs: “caotxb.dll” Detected by UnHackMe: CAOTXBK.EXE Default location: %SYSDIR%\CAOTXBK.EXE Dropper hash(md5): aab19347ddc585cb650eb37e53063343 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →