Spyware ( 00009b291 ) also known as Trojan.Zbot, Trojan.Win32.Generic!SB.0, Win32/Spy.Zbot.YW. Malware Analysis of Spyware ( 00009b291 ) Created files: %Appdata%\Daer\soapvic.iwu %Appdata%\Daer\soapvic.tmp %Appdata%\Uctihu\fidoifw.exe %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Folders.dbx %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Inbox.dbx Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{795B40C1-E216-093E-0854-EA04784E629A}: “”%Appdata%\Uctihu\fidoifw.exe”” Detected by UnHackMe: FIDOIFW.EXE Default location: %APPDATA%\UCTIHU\FIDOIFW.EXE Dropper hash(md5): 8a90f5e04a74a295955147531dbaa778 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Spyware.ZOE also known as Trojan/Win32.Swisyn, Trojan.Generic.8433055, W32/Swisyn.ag. Malware Analysis of Spyware.ZOE Created files: %WinDir%\winssvchost.exe %Appdata%\114.exe %Appdata%\am5391.exe %Appdata%\am5391.exe UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56). System…

Continue reading →

Spyware ( 004458f01 ) also known as PE:Trojan.Win32.Generic.15CB91D4!365662676, PSW.Generic12.XVZ, Trojan:Win32/Dishigy.I. Malware Analysis of Spyware ( 004458f01 ) Created files: %Common Appdata%systemskey.ini C:Documents and SettingsLocalServiceApplication Dataffifssssfdfsf4f.ini %WinDir%disc.exe Detected by UnHackMe: DISC.EXE Default location: %WinDir%DISC.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Spyware ( 00404d661 ) also known as Trojan/Win32.Zbot, Troj/Agent-AFTJ, TR/PSW.Zbot.14001. Malware Analysis of Spyware ( 00404d661 ) Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Onnaij\pigumu.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Pigumu: “”%Appdata%\Onnaij\pigumu.exe”” Detected by UnHackMe: PIGUMU.EXE Default location: %APPDATA%\ONNAIJ\PIGUMU.EXE Dropper hash(md5): f20ae48f1e6b7ff838eea01e556321a6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware ( 004905c91 ) also known as Dropper.Generic8.CBPU, Trojan-Dropper.Win32.Daws (A), Trojan/Win32.Daws. Malware Analysis of Spyware ( 004905c91 ) Created files: %SysDir%\javaj.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\javaj: 43 3A 5C 57 49 4E 44 4F 57 53 5C 73 79 73 74 65 6D 33 32 5C 6A 61 76 61 6A 2E 65 78 65 00…

Continue reading →

Spyware.Vnc.A also known as PUA.RAT.VNC-8, Packed/NakedPack, DR/VNC.A.5. Malware Analysis of Spyware.Vnc.A Created files: %SysDir%\vnc\VNCLink.exe %Temp%\E_4\krnln.fnr %Temp%\vnc1.exe %Temp%\ UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56). System…

Continue reading →

Spyware ( 004472dc1 ) also known as Gen:Variant.MSILKrypt.6, a variant of MSIL/Autorun.Spy.Agent.AU. Malware Analysis of Spyware ( 004472dc1 ) Created files: %Appdata%\Windows Update.exe %Appdata%\WindowsUpdate.exe %Desktop%\newlife.exe %Temp%\SysInfo.txt %Startup%\Temp.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Update: “%Appdata%\WindowsUpdate.exe” Detected by UnHackMe: NEWLIFE.EXE Default location: %DESKTOP%\NEWLIFE.EXE Dropper hash(md5): ef759259cea080f38c65697ca8e6b679 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Spyware ( 00011dd91 ) also known as Trojan.Win32.SCKeyLog.epgf, Trojan.SCKeyLog.20, W32/SCkeylogger.IHYA-9115. Malware Analysis of Spyware ( 00011dd91 ) Created files: %Temp%67-41 %Temp%ief1.tmp %SysDir%2loops_niw.dat %SysDir%win_spool2.dll %SysDir%win_spool2.exe Detected by UnHackMe: WIN_SPOOL2.EXE Default location: %SYSDIR%WIN_SPOOL2.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Spyware ( 0000b10d1 ) also known as Troj/SCKeyLog-O, Trj/Rovaf.A, SC-KeyLog. Malware Analysis of Spyware ( 0000b10d1 ) Created files: %Temp%67-41 %Temp%ief1.tmp %SysDir%2loops_niw.dat %SysDir%win_spool2.dll %SysDir%win_spool2.exe Detected by UnHackMe: WIN_SPOOL2.DLL Default location: %SYSDIR%WIN_SPOOL2.DLL UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Spyware ( 00430df71 ) also known as Artemis!4E131B5C9385, WS.Reputation.1, TROJ_GEN.R0CBB01A714. Malware Analysis of Spyware ( 00430df71 ) Created files: %Profile%\Local Settings\help.dll %Profile%\Local Settings\tmp.bak Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\IMSCMig: “Rundll32.EXE C:\DOCUME~1\ADMINI~1\LOCALS~1\help.dll,NotifyLogonUser” Detected by UnHackMe: HELP.DLL Default location: %PROFILE%\LOCAL SETTINGS\HELP.DLL Dropper hash(md5): 751965c21b888a37748b36faf3c84afe UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware ( 002891031 ) also known as TSPY_ZBOT.SMIG, Trojan.PWS.Panda.655, Trojan.Agent/Gen-FakeAlert. Malware Analysis of Spyware ( 002891031 ) Created files: %Appdata%\Okyda\kebi.orq %Appdata%\Okyda\kebi.tmp %Appdata%\Riir\edyrv.exe %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Folders.dbx %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Inbox.dbx Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{70C50900-1DAC-9D70-8F9F-914C56DD174D}: “”%Appdata%\Riir\edyrv.exe”” Detected by UnHackMe: EDYRV.EXE Default location: %APPDATA%\RIIR\EDYRV.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware.2020search also known as Win.Adware.Iesearchbar-4, Riskware/IESearchBar, Artemis!D5318927BF9A. Malware Analysis of Spyware.2020search Created files: C:\decab.log %Program Files%\Cycle1st\1829A0B3.cfg %Program Files%\Cycle1st\1829A0B3.dll %Program Files%\Cycle1st\blank.bmp %Program Files%\Cycle1st\blankh.bmp Autostart registry keys: HKLM\Software\Classes\CLSID\{B63D81CF-90DC-4d13-8782-9524A2752039}\InprocServer32\: “%Program Files%\Cycle1st\1829A0B3.dll” Detected by UnHackMe: 1829A0B3.DLL Default location: %PROGRAM FILES%\CYCLE1ST\1829A0B3.DLL UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware ( 0048be621 ) also known as TROJ_SCAR.ARW, Trojan.Win32.Generic!SB.0, Win32.Troj.Scar.ht.(kcloud). Malware Analysis of Spyware ( 0048be621 ) Created files: %Appdata%\MacromediaFlesh\funcs.dll %Appdata%\MacromediaFlesh\funcs.tmp %Appdata%\MacromediaFlesh\MacromediaFlesh.exe %Appdata%\MacromediaFlesh\MacromediaFlesh_.tmp Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MacromediaFlesh: “%Appdata%\MacromediaFlesh\MacromediaFlesh.exe” HKLM\System\CurrentControlSet\Services\BITS\Start: 0x00000003 Detected by UnHackMe: MACROMEDIAFLESH.EXE Default location: %APPDATA%\MACROMEDIAFLESH\MACROMEDIAFLESH.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware ( 0048c33b1 ) also known as W32.Clod920.Trojan.5d6b, Trojan.GenericKD.1423749. Malware Analysis of Spyware ( 0048c33b1 ) Created files: %Appdata%\MacromediaFlesh\funcs.dll %Appdata%\MacromediaFlesh\funcs.tmp %Appdata%\MacromediaFlesh\MacromediaFlesh.exe %Appdata%\MacromediaFlesh\MacromediaFlesh_.tmp Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\MacromediaFlesh: “%Appdata%\MacromediaFlesh\MacromediaFlesh.exe” HKLM\System\CurrentControlSet\Services\BITS\Start: 0x00000003 Detected by UnHackMe: FUNCS.DLL Default location: %APPDATA%\MACROMEDIAFLESH\FUNCS.DLL UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware.AdaEbook also known as TROJ_GEN.R47B1CM, W32/AdaEbook.A.gen!Eldorado, Artemis!494DF6619C4D. Malware Analysis of Spyware.AdaEbook Created files: %WinDir%\pchealth\helpctr\Config\GroupPolicy\User\Scripts\explorer.exe %WinDir%\Temp\111.exe %WinDir%\Temp\222.exe %WinDir%\helpctr\wuem\maf\svchost.exe Autostart registry keys: HKLM\Software\Classes\CLSID\{E8CFC029-8420-4EAE-ADEF-915BDC77E1DC}\LocalServer32\: “%WinDir%\Temp\111.exe” HKLM\System\CurrentControlSet\Services\SharedAccess\Start: 0x00000004 HKLM\System\CurrentControlSet\Services\wscsvc\ImagePath: “%WinDir%\helpctr\wuem\maf\svchost.exe” HKLM\System\CurrentControlSet\Services\wscsvc\Description: “????????????” Detected by UnHackMe: 111.EXE Default location: %WinDir%\TEMP\111.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Malware Analysis of Spyware.Agent Created files: C:\Documents and Settings\LocalService\Application Data\ITdnyI\YX.dll %Temp%\0ItgXrUo2.dll C:\Documents and Settings\LocalService\Application Data\ITdnyI\myIRdnw.dll C:\Documents and Settings\LocalService\Application Data\ITdnyI\qAMVf.dll C:\Documents and Settings\LocalService\Application Data\ITdnyI\tCOYh.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\IPRIP\Security\Security: 01 00 14 80 90 00 00 00 9C 00 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00…

Continue reading →

PE:Spyware.KL.Delf!1.6558 also known as Trojan.Win32.Generic.AeS, Heuristic.BehavesLike.Win32.Suspicious.H, Trojan.Crypt.Delf.AL. Malware Analysis of PE:Spyware.KL.Delf!1.6558 Created files: %SysDir%\fdc33961dc77a94818b244ae43bdc093.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Firewall Service: 43 3A 5C 57 49 4E 44 4F 57 53 5C 73 79 73 74 65 6D 33 32 5C 66 64 63 33 33 39 36 31 64 63 37 37 61 39 34 38…

Continue reading →

Spyware ( 0048e5cc1 ) also known as Trojan-PWS.Banker6, Suspicious_Gen2.VSUKJ, Win32:Banker-KIG [Trj]. Malware Analysis of Spyware ( 0048e5cc1 ) Created files: %Temp%enviadedemail.tmp %Temp%NBR.exe Detected by UnHackMe: NBR.EXE Default location: %TEMP%NBR.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form…

Continue reading →

Spyware ( 000115fe1 ) also known as Win32:Obvod-C [Trj], TROJ_OBVOD.AT, RDN/Downloader.a!nw. Malware Analysis of Spyware ( 000115fe1 ) Created files: %WinDir%\Tasks\At98.job %WinDir%\Tasks\At99.job %Local Appdata%\2gqWV0.exe %Program Files%\VMware\VMware Tools\VMwareTray .exe %Program Files%\VMware\VMware Tools\VMwareUser .exe Autostart registry keys: HKLM\System\CurrentControlSet\Services\Schedule\AtTaskMaxHours: 0x00000048 HKLM\System\CurrentControlSet\Services\Schedule\NextAtJobId: 0x00000061 Detected by UnHackMe: 2GQWV0.EXE Default location: %LOCAL APPDATA%\2GQWV0.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe…

Continue reading →

Spyware.PigSearch also known as W32/WSearch, Win-Adware/WSearch.143360. Malware Analysis of Spyware.PigSearch Created files: %Startup%CamZoomer.lnk %Program Files%CamZoomercamzoomer.exe %Program Files%CamZoomercamzoomer.url %Program Files%CamZoomercz16.dll %Program Files%CamZoomercz32.dll %Program Files%CamZoomerhandler.dll %Program Files%CamZoomerKeygen.exe %Program Files%CamZoomerreadme.html %Program Files%CamZoomerunins000.dat %Program Files%CamZoomerunins000.exe %Program Files%CamZoomerE?OAE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Spyware.Delf also known as Gen:Variant.Barys.547, Trojan/Win32.Generic.gen, Trojan.PWS.Tibia.2502. Malware Analysis of Spyware.Delf Created files: %Appdata%ffcsos33f.ini %Common Appdata%OVHDLL.exe %Common Appdata%systemskey.ini %Common Templates%REGDLL.exe Detected by UnHackMe: OVHDLL.EXE Default location: %COMMON APPDATA%OVHDLL.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Spyware/Win32.Carberp also known as TrojanSpy.Carberp, Trojan.Agent.AI, Trojan.Win32.Generic!BT. Malware Analysis of Spyware/Win32.Carberp Created files: %Startup%\EhPaUAuhP3k.exe Detected by UnHackMe: EHPAUAUHP3K.EXE Default location: %STARTUP%\EHPAUAUHP3K.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and…

Continue reading →

Heuristic.BehavesLike.Win32.AdSpyware.H also known as Reser.Reputation.1. Malware Analysis of Heuristic.BehavesLike.Win32.AdSpyware.H Created files: %Temp%\nsh3.tmD\System.dll %Temp%\nsh3.tmD\UserInfo.dll %Temp%\nsh3.tmD\workerExtension.dll %Temp%\~DF1016.tmp Detected by UnHackMe: WORKEREXTENSION.DLL Default location: %TEMP%\NSH3.TMD\WORKEREXTENSION.DLL UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans…

Continue reading →

Spyware.Password.Usteal also known as TROJ_GEN.R0CBC0DJ813, TR/ATRAPS.Gen, Gen:Variant.Barys.7356. Malware Analysis of Spyware.Password.Usteal Created files: %Temp%\googel.exe %Temp%\googel.exe.tmp %Startup%\6e1d0a9f2198bf2fcb3838391d245aff.exe Detected by UnHackMe: GOOGEL.EXE Default location: %TEMP%\GOOGEL.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses,…

Continue reading →

Win32.Spyware also known as Suspicious file, Trojan.Malware.Obscu.Gen.002, RDN/Generic StartPage!bf. Malware Analysis of Win32.Spyware Created files: %Temp%\etilqs_WwBL9pjdYBpScYB %WinDir%\0.00.exe %WinDir%\0.000.exe Detected by UnHackMe: 0.000.EXE Default location: %WinDir%\0.000.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware,…

Continue reading →

Spyware.Usteal also known as UStealer.F, Trojan.Win32.UFR.bmnnpr, Trojan/Generic.bcpdm. Malware Analysis of Spyware.Usteal Created files: %Appdata%\4f8d9ea7ffea98cf7cca0b495d6bbbea.exe Detected by UnHackMe: 4F8D9EA7FFEA98CF7CCA0B495D6BBBEA.EXE Default location: %APPDATA%\4F8D9EA7FFEA98CF7CCA0B495D6BBBEA.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and…

Continue reading →

Spyware.ZeuS also known as Gen:Variant.Zusy.62865, Trj/Genetic.gen, Trojan.PWS.Panda.4379. Malware Analysis of Spyware.ZeuS Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Guucun\asri.exe Detected by UnHackMe: ASRI.EXE Default location: %APPDATA%\GUUCUN\ASRI.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses,…

Continue reading →

Spyware.Zbot.ED also known as Gen:Variant.Zusy.62862 (B), TrojanSpy.Zbot!ZNrpN4a8OkM, Generic Malware. Malware Analysis of Spyware.Zbot.ED Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Dyixp\ceekki.exe Detected by UnHackMe: CEEKKI.EXE Default location: %APPDATA%\DYIXP\CEEKKI.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware,…

Continue reading →

Win32:Spyware-gen [Spy] also known as Trojan.Win32.A.Scar.20992.F, Win32/Agent.OWW, Trojan/Win32.Scar.gen. Malware Analysis of Win32:Spyware-gen [Spy] Created files: %SysDir%\WinHfib32.exe Detected by UnHackMe: WINHFIB32.EXE Default location: %SYSDIR%\WINHFIB32.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses,…

Continue reading →

Spyware.Zbot also known as W32/Zbot.AT!tr, PWS:Win32/Zbot.gen!Y, PWS-Zbot.gen.ds. Malware Analysis of Spyware.Zbot Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Microsoft\Address Book\Administrator.wab~ %Appdata%\Cirae\koelw.exe %Appdata%\Masi\ibcyn.tmp %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Folders.dbx Detected by UnHackMe: KOELW.EXE Default location: %APPDATA%\CIRAE\KOELW.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form…

Continue reading →