Win.Spyware.53371-2 also known as Password-Stealer ( 0001c3801 ), TrojWare.Win32.PSW.OnlineGames.~MCA, Win32:Susn-K [Trj]. Malware Analysis of Win.Spyware.53371-2 – THERMALTINCK.EXE Created files: %SYSDIR%\THERMALTINC.DLL %SYSDIR%\THERMALTINCK.EXE Detected by UnHackMe: THERMALTINCK.EXE Default location: %SYSDIR%\THERMALTINCK.EXE Dropper hash(md5): 33e20c41f9acc7954ac4f90816ea3ed2 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

Spyware[AdWare:not-a-virus]/MSIL.Solimba also known as Gen:Variant.Adware.Solimba.1, Trojan.Repacked, Gen:Variant.Adware.Solimba. Malware Analysis of Spyware[AdWare:not-a-virus]/MSIL.Solimba – DOWNLOADMR.EXE Created files: %TEMP%\NSK2305.TMP %TEMP%\NSK2306.TMP\DOWNLOADMR.EXE Detected by UnHackMe: DOWNLOADMR.EXE DEFAULT LOCATION: %TEMP%\NSK2306.TMP\DOWNLOADMR.EXE Dropper hash(md5): d717ac4a9e217fd7d60adbe3d28b5a0e UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware,…

Continue reading →

Win.Spyware.57835-2 also known as Trojan.PWS.OnlineGames.ZQO, TrojanSpy:Win32/Treemz.gen!A, Troj.Spy.W32.Agent.kZ4o. Malware Analysis of Win.Spyware.57835-2 – XUNTXN.DLL Created files: %SYSTEMDRIVE%\SAND-BOX\5ED5DB6DB8E6A4CFE76705EB098D36C9.EXE.BAT %SYSDIR%\XUNTXN.DLL %SYSDIR%\XUNTXNK.EXE Detected by UnHackMe: XUNTXN.DLL Default location: %SYSDIR%\XUNTXN.DLL Dropper hash(md5): 5ed5db6db8e6a4cfe76705eb098d36c9 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Win.Spyware.73885-1 also known as BehavesLike.Win32.PWSOnlineGames.mh, W32/Onlinegames.OST!tr.pws, Trojan.WOW.Win32.7108. Malware Analysis of Win.Spyware.73885-1 – 90058796.DLL Created files: %TEMP%\90058796.DLL %TEMP%\MJ.DLL Detected by UnHackMe: 90058796.DLL DEFAULT LOCATION: %TEMP%\90058796.DLL Dropper hash(md5): d4a26452f80b95964599e1df8cb7d9df UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware,…

Continue reading →

Spyware ( 00011e2a1 ) also known as Trojan.Win32.Generic!BT, Trj/Genetic.gen, Trojan.PerfKey.Win32.13. Malware Analysis of Spyware ( 00011e2a1 ) – GHOSTWB.DLL Created files: %SYSDIR%\GHOSTHK.DLL %SYSDIR%\GHOSTR.EXE %SYSDIR%\GHOSTWB.DLL %SYSDIR%\INST.DAT %SYSDIR%\PK.BIN Detected by UnHackMe: GHOSTWB.DLL Default location: %SYSDIR%\GHOSTWB.DLL Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware ( 000059411 ) also known as TR/Perfloger.X.31, Riskware.Win32.Perflogger.hrpn, Trojan.Win32.Peflog.30. Malware Analysis of Spyware ( 000059411 ) – GHOSTR.EXE Created files: %SYSDIR%\GHOST.EXE %SYSDIR%\GHOSTHK.DLL %SYSDIR%\GHOSTR.EXE %SYSDIR%\GHOSTWB.DLL %SYSDIR%\INST.DAT Detected by UnHackMe: GHOSTR.EXE Default location: %SYSDIR%\GHOSTR.EXE Dropper hash(md5): d723ea90bdb19d30ec8aef209d34ceea UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware[AdWare:not-a-virus]/Win32.WinAD also known as Riskware.Win32.WinAD.wlau, Trojan.Generic.3115772, Trojan.Generic.3115772. Malware Analysis of Spyware[AdWare:not-a-virus]/Win32.WinAD – WINADSLAVE.EXE Created files: %Program Files%\Windows AdService\Info.txt %Program Files%\Windows AdService\WinAdMaster.dll %Program Files%\Windows AdService\WinAdServ.exe %Program Files%\Windows AdService\WinAdSlave.exe %WINDIR%\SYSTEM32\IDE21201.VXD Detected by UnHackMe: WINADSLAVE.EXE Default location: %PROGRAM FILES%\WINDOWS ADSERVICE\WINADSLAVE.EXE Dropper hash(md5): 952a118006ab4de118b0a83de6ee599b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Win.Spyware.50450-2 also known as Trojan.PWS.OnlineGames.ZAY, Infostealer.Gampass, Trojan-GameThief.Win32.OnLineGames. Malware Analysis of Win.Spyware.50450-2 – JOHANDYK.EXE Created files: %SYSDIR%\JOHANDY.DLL %SYSDIR%\JOHANDYK.EXE Detected by UnHackMe: JOHANDYK.EXE Default location: %SYSDIR%\JOHANDYK.EXE Dropper hash(md5): 8226f6d9143174342e47ef033e14aaf7 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware,…

Continue reading →

Win.Spyware.62978-2 also known as TROJ_GAMANIA.CG, W32/OnlineGames!tr, TrojanSpy:Win32/Treemz!rfn. Malware Analysis of Win.Spyware.62978-2 – KANDAWFK.EXE Created files: %WINDIR%\SYSTEM32\KANDAWF.DLL %WINDIR%\SYSTEM32\KANDAWFK.EXE Detected by UnHackMe: KANDAWFK.EXE Default location: %SYSDIR%\KANDAWFK.EXE Dropper hash(md5): 039e08974fecec49318469004e79ceb2 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of malware,…

Continue reading →

Spyware.SyncroAd also known as Adware.WinAD, Win-Trojan/Winad.73728, ADW_WINAD.BX. Malware Analysis of Spyware.SyncroAd – WINADSERV.EXE Created files: %Program Files%\Windows AdService\Info.txt %Program Files%\Windows AdService\WinAdMaster.dll %Program Files%\Windows AdService\WinAdServ.exe %Program Files%\Windows AdService\WinAdSlave.exe %WINDIR%\SYSTEM32\IDE21201.VXD Detected by UnHackMe: WINADSERV.EXE Default location: %PROGRAM FILES%\WINDOWS ADSERVICE\WINADSERV.EXE Dropper hash(md5): 952a118006ab4de118b0a83de6ee599b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Spyware.SyncroAd also known as Adware.WinAD, Win-Trojan/Winad.73728, ADW_WINAD.BX. Malware Analysis of Spyware.SyncroAd – WINADSERV.EXE Created files: %Program Files%\Windows AdService\Info.txt %Program Files%\Windows AdService\WinAdMaster.dll %Program Files%\Windows AdService\WinAdServ.exe %Program Files%\Windows AdService\WinAdSlave.exe %WINDIR%\SYSTEM32\IDE21201.VXD Detected by UnHackMe: WINADSERV.EXE Default location: %PROGRAM FILES%\WINDOWS ADSERVICE\WINADSERV.EXE Dropper hash(md5): 952a118006ab4de118b0a83de6ee599b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe…

Continue reading →

Win.Spyware.52209-2 also known as a variant of Win32/PSW.OnLineGames.NXI, Trojan-GameThief.Win32.OnLineGames.tcnt, Trojan.PWS.OnlineGames.ZAY. Malware Analysis of Win.Spyware.52209-2 – WLLAMEK.EXE Created files: %WINDIR%\SYSTEM32\WLLAME.DLL %WINDIR%\SYSTEM32\WLLAMEK.EXE Detected by UnHackMe: WLLAMEK.EXE Default location: %SYSDIR%\WLLAMEK.EXE Dropper hash(md5): f309f65516e0c835a8f66cf7d1350d9b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any…

Continue reading →

Win.Spyware.52209-2 also known as a variant of Win32/PSW.OnLineGames.NXI, Trojan-GameThief.Win32.OnLineGames.tcnt, Trojan.PWS.OnlineGames.ZAY. Malware Analysis of Win.Spyware.52209-2 – WLLAMEK.EXE Created files: %WINDIR%\SYSTEM32\WLLAME.DLL %WINDIR%\SYSTEM32\WLLAMEK.EXE Detected by UnHackMe: WLLAMEK.EXE Default location: %SYSDIR%\WLLAMEK.EXE Dropper hash(md5): f309f65516e0c835a8f66cf7d1350d9b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any…

Continue reading →

Win32:Spyware-gen also known as Unclassified Malware, Win32/Treemz!generic, Trojan.Generic.1162376. Malware Analysis of Win32:Spyware-gen – KANDAWF.DLL Created files: %WINDIR%\SYSTEM32\KANDAWF.DLL %WINDIR%\SYSTEM32\KANDAWFK.EXE Detected by UnHackMe: KANDAWF.DLL Default location: %SYSDIR%\KANDAWF.DLL Dropper hash(md5): 039e08974fecec49318469004e79ceb2 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Spyware.WinTaskAd also known as Trojan/Win32.Agent, Riskware, Win32:Adware-gen [Adw]. Malware Analysis of Spyware.WinTaskAd – WINADMASTER.DLL Created files: %Program Files%\Windows AdService\Info.txt %Program Files%\Windows AdService\WinAdMaster.dll %Program Files%\Windows AdService\WinAdServ.exe %Program Files%\Windows AdService\WinAdSlave.exe %WINDIR%\SYSTEM32\IDE21201.VXD Detected by UnHackMe: WINADMASTER.DLL Default location: %PROGRAM FILES%\WINDOWS ADSERVICE\WINADMASTER.DLL Dropper hash(md5): 952a118006ab4de118b0a83de6ee599b UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software.…

Continue reading →

Spyware.Recam!8.5E5-ZOVmRhHJaZH (Cloud) also known as Trojan.Win32.Recam.ebohiw, Trojan.GenericKD.3157367, Autoit. Malware Analysis of Spyware.Recam!8.5E5-ZOVmRhHJaZH (Cloud) – P7GZIKCO.EXE Created files: %Appdata%\8qSD0YXO\p7GZikcO.exe %Temp%\Rw1WIrfvaJ.txt Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\qog1Y2eb: “%Appdata%\8qSD0YXO\p7GZikcO.exe” Detected by UnHackMe: P7GZIKCO.EXE Default location: %APPDATA%\8QSD0YXO\P7GZIKCO.EXE Dropper hash(md5): 4cf2b6c41cc43b867dc3598fee827684 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it…

Continue reading →

Spyware.9470 also known as Win32:VB-QQH [Trj], Backdoor/Win32.VB. Malware Analysis of Spyware.9470 – 36KSEFP.EXE Created files: %Temp%\36ksefp.exe %Temp%\~DF64F7.tmp %SysDir%\jmbmx.log Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\5ey32: “C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\36ksefp.exe” Detected by UnHackMe: 36KSEFP.EXE Default location: %TEMP%\36KSEFP.EXE Dropper hash(md5): d838c60a6bfcedfd46ce191926cb66d6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Spyware.9470 (B) also known as W32/MalwareS.BFND, Backdoor/VB.olk, Trojan.VBRA.07196. Malware Analysis of Spyware.9470 (B) – 36KSEFP.EXE Created files: %Temp%\36ksefp.exe %Temp%\~DF64F7.tmp %SysDir%\jmbmx.log Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\5ey32: “C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\36ksefp.exe” Detected by UnHackMe: 36KSEFP.EXE Default location: %TEMP%\36KSEFP.EXE Dropper hash(md5): d838c60a6bfcedfd46ce191926cb66d6 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Spyware/Win32.Limitail also known as TrojanSpy:Win32/Skeeyah.A!rfn, Trojan-Spy.Win32.Recam.ysd, Trojan.GenericKD.3168305. Malware Analysis of Spyware/Win32.Limitail – NMELFPWN.EXE Created files: %Temp%\tSSd.vbs %Temp%\XjRFbFnFUS.txt %Appdata%\CBoWW02c\NMeLFpwN.exe %Appdata%\Install\.Identifier %Appdata%\Install\Host.exe Autostart registry keys: HKLM\Software\Microsoft\Active Setup\Installed Components\{5A0F4150-1225-8W2T-NBQU-SI4744WDS8Y0}\StubPath: “”%Appdata%\Install\Host.exe”” Detected by UnHackMe: NMELFPWN.EXE Default location: %APPDATA%\CBOWW02C\NMELFPWN.EXE Dropper hash(md5): 0959e07315a3cdea9ebfeceebcb64580 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware[Porn-Dialer:not-a-virus]/Win32.Unknown also known as Dialer.Cerra.14, Dialer.Generic.58574, Posible_Worm32. Malware Analysis of Spyware[Porn-Dialer:not-a-virus]/Win32.Unknown – D7897F4DF447F8BD988C5FFC41E01F44.EXE Created files: %Desktop%\operacion.url %Startmenu%\operacion.url C:\temp\acc\d7897f4df447f8bd988c5ffc41e01f44\d7897f4df447f8bd988c5ffc41e01f44.exe Detected by UnHackMe: D7897F4DF447F8BD988C5FFC41E01F44.EXE Default location: C:\TEMP\ACC\D7897F4DF447F8BD988C5FFC41E01F44\D7897F4DF447F8BD988C5FFC41E01F44.EXE Dropper hash(md5): d7897f4df447f8bd988c5ffc41e01f44 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Spyware.Dialer.Generic.18944.F also known as W32/Spyware-Adult-based!Maximus, W32.Clod65e.Trojan.422c, Dialer ( 00005a461 ). Malware Analysis of Spyware.Dialer.Generic.18944.F – D7897F4DF447F8BD988C5FFC41E01F44.EXE Created files: %Desktop%\operacion.url %Startmenu%\operacion.url C:\temp\acc\d7897f4df447f8bd988c5ffc41e01f44\d7897f4df447f8bd988c5ffc41e01f44.exe Detected by UnHackMe: D7897F4DF447F8BD988C5FFC41E01F44.EXE Default location: C:\TEMP\ACC\D7897F4DF447F8BD988C5FFC41E01F44\D7897F4DF447F8BD988C5FFC41E01F44.EXE Dropper hash(md5): d7897f4df447f8bd988c5ffc41e01f44 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain…

Continue reading →

W32/Spyware-Adult-based!Maximus also known as Dialer.Generic.58574, Dialer.Generic.58574, Dialer.Generic. Malware Analysis of W32/Spyware-Adult-based!Maximus – D7897F4DF447F8BD988C5FFC41E01F44.EXE Created files: %Desktop%\operacion.url %Startmenu%\operacion.url C:\temp\acc\d7897f4df447f8bd988c5ffc41e01f44\d7897f4df447f8bd988c5ffc41e01f44.exe Detected by UnHackMe: D7897F4DF447F8BD988C5FFC41E01F44.EXE Default location: C:\TEMP\ACC\D7897F4DF447F8BD988C5FFC41E01F44\D7897F4DF447F8BD988C5FFC41E01F44.EXE Dropper hash(md5): d7897f4df447f8bd988c5ffc41e01f44 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any form of…

Continue reading →

Win32/Adware.SpywareProtect2009 also known as Adware.SpywareProtect2009!VhqoAIvbZ/Y, Trojan.Win32.FraudPack.crfijl. Malware Analysis of Win32/Adware.SpywareProtect2009 – CJYEUNQTSSD.EXE Created files: %Local Appdata%\rrjhxociv\cjyeunqtssd.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ruemwdcc: “%Local Appdata%\rrjhxociv\cjyeunqtssd.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ruemwdcc: “%Local Appdata%\rrjhxociv\cjyeunqtssd.exe” Detected by UnHackMe: CJYEUNQTSSD.EXE Default location: %LOCAL APPDATA%\RRJHXOCIV\CJYEUNQTSSD.EXE Dropper hash(md5): 5f5a0515d301dcf5b3581e9e9258228c UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which…

Continue reading →

Spyware[Porn-Dialer:not-a-virus]/Win32.CapreDeam also known as Dialer.LFQ, Dialer-715, Dialer-RAS.v.gen. Malware Analysis of Spyware[Porn-Dialer:not-a-virus]/Win32.CapreDeam – 5B7848610F961622EDC3859AE0EDEF60.EXE Created files: %Program Files%\Montorgueil\14.05088 %Program Files%\Montorgueil\5b7848610f961622edc3859ae0edef60\5b7848610f961622edc3859ae0edef60.exe %Program Files%\Montorgueil\5b7848610f961622edc3859ae0edef60\5b7848610f961622edc3859ae0edef60.ico %WinDir%\Temp\MT\5b7848610f961622edc3859ae0edef60.exe Detected by UnHackMe: 5B7848610F961622EDC3859AE0EDEF60.EXE Default location: %PROGRAM FILES%\MONTORGUEIL\5B7848610F961622EDC3859AE0EDEF60\5B7848610F961622EDC3859AE0EDEF60.EXE Dropper hash(md5): 5b7848610f961622edc3859ae0edef60 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Continue reading →

Adware.SpywareProtect2009!VhqoAIvbZ/Y also known as BKDR_CYCBOT.SME, Trojan.FakeAV!gen27, Win32:MalOb-IJ [Cryp]. Malware Analysis of Adware.SpywareProtect2009!VhqoAIvbZ/Y – CJYEUNQTSSD.EXE Created files: %Local Appdata%\rrjhxociv\cjyeunqtssd.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ruemwdcc: “%Local Appdata%\rrjhxociv\cjyeunqtssd.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ruemwdcc: “%Local Appdata%\rrjhxociv\cjyeunqtssd.exe” Detected by UnHackMe: CJYEUNQTSSD.EXE Default location: %LOCAL APPDATA%\RRJHXOCIV\CJYEUNQTSSD.EXE Dropper hash(md5): 5f5a0515d301dcf5b3581e9e9258228c UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100%…

Continue reading →

Win.Spyware.Zbot-1275 also known as TrojanSpy.Zbot.eauy, TSPY_ZBOT.SMNN, Win32/Spy.Zbot.AAQ. Malware Analysis of Win.Spyware.Zbot-1275 – NUTUE.EXE Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Microsoft\Address Book\Administrator.wab~ %Appdata%\Deagop\nutue.exe %Appdata%\Obewza\qexu.syx %Appdata%\Obewza\qexu.tmp Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{3A8E1CDD-0D31-DA4A-57F0-2451583C0249}: “”%Appdata%\Deagop\nutue.exe”” Detected by UnHackMe: NUTUE.EXE Default location: %APPDATA%\DEAGOP\NUTUE.EXE Dropper hash(md5): cb28583dacb8169106c108fa08b955d0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN,…

Continue reading →

Spyware also known as Win32/Uguspy.A, Suspicious File. Malware Analysis of Spyware – MRHMMS.DLL Created files: %WinDir%\mrhmms.dll %WinDir%\mrhmms.exe %WinDir%\mrhmms.hma Autostart registry keys: HKLM\Software\Microsoft\Active Setup\Installed Components\{53E21AD1-EA21-BEA2-12C1-EAA1214AA1AC}\stubpath: “%WinDir%\mrhmms.exe” Detected by UnHackMe: MRHMMS.DLL Default location: %WinDir%\MRHMMS.DLL Dropper hash(md5): 22b67b33606c3359a261143eb03506cb UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Spyware ( 002891031 ) also known as Trojan.Agent!PkaqPp1wCeE, Trojan/Win32.Zbot, Gen:Variant.Kazy.371708. Malware Analysis of Spyware ( 002891031 ) – NUTUE.EXE Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Microsoft\Address Book\Administrator.wab~ %Appdata%\Deagop\nutue.exe %Appdata%\Obewza\qexu.syx %Appdata%\Obewza\qexu.tmp Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\{3A8E1CDD-0D31-DA4A-57F0-2451583C0249}: “”%Appdata%\Deagop\nutue.exe”” Detected by UnHackMe: NUTUE.EXE Default location: %APPDATA%\DEAGOP\NUTUE.EXE Dropper hash(md5): cb28583dacb8169106c108fa08b955d0 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most…

Continue reading →

Spyware also known as Win32/Uguspy.A, Suspicious File. Malware Analysis of Spyware – MRHMMS.DLL Created files: %WinDir%\mrhmms.dll %WinDir%\mrhmms.exe %WinDir%\mrhmms.hma Autostart registry keys: HKLM\Software\Microsoft\Active Setup\Installed Components\{53E21AD1-EA21-BEA2-12C1-EAA1214AA1AC}\stubpath: “%WinDir%\mrhmms.exe” Detected by UnHackMe: MRHMMS.DLL Default location: %WinDir%\MRHMMS.DLL Dropper hash(md5): 22b67b33606c3359a261143eb03506cb UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…

Continue reading →

Spyware.Shiz also known as Gen:Heur.FKP.1 (B), Trojan.Win32.Jorik, TROJ_AGENT_045201.TOMB. Malware Analysis of Spyware.Shiz – IMYWLDB.EXE Created files: %Temp%\2.tmp %WinDir%\AppPatch\imywldb.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\userinit: “%WinDir%\apppatch\imywldb.exe” HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: “%SysDir%\userinit.exe,%WinDir%\apppatch\imywldb.exe,” HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: “%WinDir%\apppatch\imywldb.exe” HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\run: “%WinDir%\apppatch\imywldb.exe” Detected by UnHackMe: IMYWLDB.EXE Default location: %WinDir%\APPPATCH\IMYWLDB.EXE Dropper hash(md5): d827556c79ccf90cb635d9a650aaae80 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus…

Continue reading →