Category Archives: Spyware

Spyware ( 0049bc961 )

Spyware ( 0049bc961 ) also known as Troj_Generic.UZOFV, TScope.Malware-Cryptor.SB, TROJ_GEN.R0CBC0UGK14. Malware Analysis of Spyware ( 0049bc961 ) – DMR.EXE Created files: %Program Files%\capicom.dll %Program Files%\dmr.exe %Program Files%\Sdmr.exe %SysDir%\capicom.dll Autostart registry keys: HKLM\Software\Classes\CLSID\{03ACC284-B757-4B8F-9951-86E600D2CD06}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{17E3A1C3-EA8A-4970-AF29-7F54610B1D4C}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{22A85CE1-F011-4231-B9E4-7E7A0438F71B}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{3605B612-C3CF-4ab4-A426-2D853391DB2E}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{54BA1E8F-818D-407F-949D-BAE1692C5C18}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{550C8FFB-4DC0-4756-828C-862E6D0AE74F}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{60A9863A-11FD-4080-850E-A8E184FC3A3C}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{65104D73-BA60-4160-A95A-4B4782E7AA62}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{78E61E52-0E57-4456-A2F2-517492BCBF8F}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{7BF3AC5C-CC84-429A-ACA5-74D916AD6B8C}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{8C3E4934-9FA4-4693-9253-A29A05F99186}\InprocServer32\: “%SysDir%\capicom.dll” HKLM\Software\Classes\CLSID\{9171C115-7DD9-46BA-B1E5-0ED50AFFC1B8}\InprocServer32\: “%SysDir%\capicom.dll”…

Heuristic.LooksLike.Win32.Spyware.B

Heuristic.LooksLike.Win32.Spyware.B also known as Trojan.PSW.Win32.OnlineGame.zgf, W32/OnlineGames.CA.gen!Eldorado, Suspicious File. Malware Analysis of Heuristic.LooksLike.Win32.Spyware.B – TANJSFA2TT2DH.DLL Created files: %WinDir%\Fonts\RCZbVbjCY6wYszD3.Ttf %SysDir%\taNjsFa2tT2Dh.dll Autostart registry keys: HKLM\Software\Classes\CLSID\{37C5D66A-8B1B-4545-8112-3751194F6A4A}\InprocServer32\: “%SysDir%\taNjsFa2tT2Dh.dll” Detected by UnHackMe: TANJSFA2TT2DH.DLL Default location: %SYSDIR%\TANJSFA2TT2DH.DLL Dropper hash(md5): 0d90db1e100e922587037c47009513d8 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does…

Spyware ( 0045b1d51 )

Spyware ( 0045b1d51 ) also known as W32.RadiceC.Trojan, Trojan-Spy/W32.ZBot.430080.AB, TrojanSpy.Zbot!CkRVKLu+uDI. Malware Analysis of Spyware ( 0045b1d51 ) Created files: %Appdata%\Ojuz\osgyov.exe %Temp%\hhcbnaff.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Osgyov: “”%Appdata%\Ojuz\osgyov.exe”” Detected by UnHackMe: OSGYOV.EXE Default location: %APPDATA%\OJUZ\OSGYOV.EXE Dropper hash(md5): e1a64e6ac26b01d2c602856707447e03

Spyware.ZeuS.AI

Spyware.ZeuS.AI also known as Win32/Tnega.VNafeGC, TROJ_GEN.F47V0601. Malware Analysis of Spyware.ZeuS.AI Created files: %Appdata%\Imminent\Logs\06-06-2014 %Profile%\cVd81U\dAcpU.sxfw %Profile%\cVd81U\regsvsc.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\oRt67S: “C:\DOCUME~1\ADMINI~1\cVd81U\regsvsc.exe” Detected by UnHackMe: REGSVSC.EXE Default location: %PROFILE%\CVD81U\REGSVSC.EXE Dropper hash(md5): 334a79332cd508f053142bca0ed00e3a

Spyware/Win32.SpyEyes

Spyware/Win32.SpyEyes also known as Trojan/Spy.SpyEyes.fpr, PE:Trojan.Win32.Generic.1280FB82!310442882, Win.Trojan.Spyeyes-26. Malware Analysis of Spyware/Win32.SpyEyes Created files: %Startup%\oweeaxce.exe %Profile%\pbhycmud.log %Program Files%\Google\Chrome\Application\dmlconf.dat %Program Files%\gtprqkgn\oweeaxce.exe %Program Files%\Microsoft\DesktopLayer.exe %Program Files%\Microsoft\DesktopLayermgr.exe %Temp%\d9f20973ca9f21622d3dbf6001adf33fSrv.exe %Temp%\d9f20973ca9f21622d3dbf6001adf33fSrvmgr.exe Detected by UnHackMe: DESKTOPLAYERMGR.EXE Default location: %PROGRAM FILES%\MICROSOFT\DESKTOPLAYERMGR.EXE

PE:Spyware.Zbot!6.14FB

PE:Spyware.Zbot!6.14FB also known as Gen:Variant.Kazy.371452, Trojan.Win32.Panda.cxafnu, RDN/Generic PWS.y!zh. Malware Analysis of PE:Spyware.Zbot!6.14FB Created files: %Temp%\cvray_TexRamp.exe %Temp%\setup.dat Detected by UnHackMe: CVRAY_TEXRAMP.EXE Default location: %TEMP%\CVRAY_TEXRAMP.EXE Dropper hash(md5): 3fb7eb031712930d7226f4b4ba40c46e

Spyware ( 0040f7e71 )

Spyware ( 0040f7e71 ) also known as TR/Changeling.A.681, W32.BialazY.Trojan, Trojan.Zbot.IEN. Malware Analysis of Spyware ( 0040f7e71 ) Created files: %Appdata%\Elajc\hyhu.exe %SysDir%\drivers\6d2f9afcc78f5214.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\6d2f9afcc78f5214\ImagePath: “\SystemRoot\System32\Drivers\6d2f9afcc78f5214.sys” HKLM\System\CurrentControlSet\Services\6d2f9afcc78f5214\DisplayName: “hyhu.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Hyhu: “”%Appdata%\Elajc\hyhu.exe”” Detected by UnHackMe: HYHU.EXE Default location: %APPDATA%\ELAJC\HYHU.EXE Dropper hash(md5): 0e88778adc4d5734a08651bae12a3366

Spyware.Banker.1548288

Spyware.Banker.1548288 also known as Win-Trojan/Hacktool.1548288. Malware Analysis of Spyware.Banker.1548288 Created files: %Program Files%\HideIPPla\hideip.ini %Program Files%\HideIPPla\hideip.tmp %Program Files%\HideIPPla\hideippla.exe %Program Files%\HideIPPla\key %Program Files%\HideIPPla\language\ar.lng Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hide IP Platinum\DisplayName: “Hide IP Platinum V3.50 ??

Spyware.PcDataManager

Spyware.PcDataManager also known as Suspicious file. Malware Analysis of Spyware.PcDataManager Created files: %Program Files%\DRPU PC Data Manager(Basic)\Setting.exe %Program Files%\DRPU PC Data Manager(Basic)\Setting.exe.manifest %Program Files%\DRPU PC Data Manager(Basic)\SHK.exe %Program Files%\DRPU PC Data Manager(Basic)\Shk.exe.manifest %Program Files%\DRPU PC Data Manager(Basic)\Uninstall.exe Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DRPU PC Data Manager(Basic)\DisplayName: “DRPU PC Data Manager(Basic)” HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DRPU PC Data Manager(Basic)\UnInstallString: “”%Program Files%\DRPU PC…

Spyware ( 0006f8b91 )

Spyware ( 0006f8b91 ) also known as Riskware.Win32.MLW.blcpgb, Application.Generic.178500, not-a-virus:Monitor.Win32.KeyLogger.w. Malware Analysis of Spyware ( 0006f8b91 ) Created files: %SysDir%\kbhookdll.dll %SysDir%\VB6STKIT.DLL Detected by UnHackMe: KBHOOKDLL.DLL Default location: %SYSDIR%\KBHOOKDLL.DLL Dropper hash(md5): d35dcf2476d8ef4d1f570bfc04f74701

Spyware.ZeuS.GO

Spyware.ZeuS.GO also known as Trojan.PWS.Panda.5676, TrojanSpy.Zbot!JOMx61rqM0c, Troj/Zbot-IBY. Malware Analysis of Spyware.ZeuS.GO Created files: %Temp%\OXS4444.bat %Temp%\Uqigz\muer.exe %SysDir%\drivers\ffcc8a4b5a2c813d.sys Detected by UnHackMe: MUER.EXE Default location: %TEMP%\UQIGZ\MUER.EXE

Spyware.Zbot.VXGen

Spyware.Zbot.VXGen also known as TR/Crypt.ZPACK.31649, Malware.QVM10.Gen. Malware Analysis of Spyware.Zbot.VXGen Created files: %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Offline.dbx %Local Appdata%\Identities\{FD9F837C-5851-47A2-A9B3-B6680CCE76B7}\Microsoft\Outlook Express\Sent Items.dbx %Temp%\tmp1d2d5669\54657675.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ilro.exe: “”%Appdata%\Wehix\ilro.exe”” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FNModuleUpdater: “%Appdata%\fnmod_32.exe” Detected by UnHackMe: 54657675.EXE Default location: %TEMP%\TMP1D2D5669\54657675.EXE Dropper hash(md5): 14be2e62466778ee925f022f4bf7c8c6

Spyware ( 004462291 )

Spyware ( 004462291 ) also known as Trojan/Win32.Agent, WS.Reputation.1, Mal/Generic-S. Malware Analysis of Spyware ( 004462291 ) Created files: %WinDir%\adsminirun.exe %WinDir%\miniads.exe %WinDir%\miniads2.exe %WinDir%\miniads3.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\adsacquy: “%WinDir%\miniads.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\adsmini: “%WinDir%\adsminirun.exe” Detected by UnHackMe: MINIADS3.EXE Default location: %WinDir%\MINIADS3.EXE Dropper hash(md5): 6bc22a931a7466f7afc5d023ed773caf

Spyware ( 004960221 )

Spyware ( 004960221 ) also known as Obfuscated_GA, Trojan-GameThief.Win32.OnLineGames, TROJ_GEN.R02SC0EBL14. Malware Analysis of Spyware ( 004960221 ) Created files: %Temp%\83tension.dll %Temp%\83tension.exe %Temp%\qinput.png %SysDir%\ImeInject.ime Detected by UnHackMe: 83TENSION.EXE Default location: %TEMP%\83TENSION.EXE

Spyware ( 0027d88d1 )

Spyware ( 0027d88d1 ) also known as PSW.Banker6.BFOB, RDN/PWS-Banker!cz, Win32/Trojan.Spy.550. Malware Analysis of Spyware ( 0027d88d1 ) Created files: %Appdata%\Microsoft\Protect\S-1-5-21-1659004503-1708537768-1801674531-500\7a0f26ce-c90d-46b5-96e4-4ffff8ea5137 %WinDir%\Darwin.dll Detected by UnHackMe: DARWIN.DLL Default location: %WinDir%\DARWIN.DLL

Spyware.Banker

Spyware.Banker also known as Gen:Variant.Graftor.25377, Gen:Variant.Graftor.25377 (B), Win32:Ransom-APH [Trj]. Malware Analysis of Spyware.Banker Created files: %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a1 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a2 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a3 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a4 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a5 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a6 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a7 %Local Appdata%\Google\Chrome\User Data\Default\Cache\f_0000a8 %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\000028.log %Local Appdata%\Google\Chrome\User Data\Default\Extension Rules\MANIFEST-000027 %Local Appdata%\Google\Chrome\User Data\Default\Local Storage\https_www.google.ru_0.localstorage %Local Appdata%\Google\Chrome\User Data\Default\Local Storage\https_www.google.ru_0.localstorage-journal…

Spyware[AdWare:not-a-virus]/Win32.D365

Spyware[AdWare:not-a-virus]/Win32.D365 also known as a variant of Win32/ELEX.Q. Malware Analysis of Spyware[AdWare:not-a-virus]/Win32.D365 Created files: %Temp%\DL_00000000\dlskin\layout\default\msgbox.xml %Temp%\DL_00000000\dlskin\style\style.xml %Temp%\dl_74187.exe %Temp%\downloader_helper.ini %Temp%\~7z000.tmp Detected by UnHackMe: DL_74187.EXE Default location: %TEMP%\DL_74187.EXE Dropper hash(md5): c967b864098d15f3565788c0db5073e6

Spyware.Zbot.TE

Spyware.Zbot.TE also known as Malware.QVM20.Gen, HW32.CDB.D7bf, PWS:Win32/Zbot.GOV. Malware Analysis of Spyware.Zbot.TE Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Temp%\firefox_updater.exe %Temp%\Sani\voso.exe %SysDir%\drivers\afe296bba4364f4.sys Autostart registry keys: HKLM\System\CurrentControlSet\Services\17a3c\ImagePath: “\??\%SysDir%\drivers\17a3c.sys” HKLM\System\CurrentControlSet\Services\17a3c\DisplayName: “voso.exe” HKLM\System\CurrentControlSet\Services\afe296bba4364f4\ImagePath: “\SystemRoot\System32\Drivers\afe296bba4364f4.sys” HKLM\System\CurrentControlSet\Services\afe296bba4364f4\DisplayName: “voso.exe” HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Voso: “”%Temp%\Sani\voso.exe”” Detected by UnHackMe: VOSO.EXE Default location: %TEMP%\SANI\VOSO.EXE Dropper hash(md5): 1ec6b0ce81fd5aba512467608c848692

Spyware.Gen

Spyware.Gen also known as Logger.AUX, TrojWare.Win32.Perfect.41, W32/PerfLogger.D.gen!Eldorado. Malware Analysis of Spyware.Gen Created files: %SysDir%\svcchk.dll %SysDir%\svccr.exe %SysDir%\svccwb.dll Autostart registry keys: HKLM\Software\Classes\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32\: “%SysDir%\svccwb.dll” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svcc: “%SysDir%\svcc.exe” Detected by UnHackMe: SVCCWB.DLL Default location: %SYSDIR%\SVCCWB.DLL Dropper hash(md5): 201060a74323beb44e328de9b9e6276b

Spyware.Perfect

Spyware.Perfect also known as Generic Malware, Application.PerfectKeylogger.B, Application.PerfectKeylogger.B. Malware Analysis of Spyware.Perfect Created files: %SysDir%\svcchk.dll %SysDir%\svccr.exe %SysDir%\svccwb.dll Autostart registry keys: HKLM\Software\Classes\CLSID\{1E1B2879-88FF-11D3-8D96-D7ACAC95951A}\InprocServer32\: “%SysDir%\svccwb.dll” HKLM\Software\Microsoft\Windows\CurrentVersion\Run\svcc: “%SysDir%\svcc.exe” Detected by UnHackMe: SVCCWB.DLL Default location: %SYSDIR%\SVCCWB.DLL Dropper hash(md5): 201060a74323beb44e328de9b9e6276b

Spyware ( 0045b7641 )

Spyware ( 0045b7641 ) also known as Malware.QVM07.Gen, Trojan.PWS.Panda.4379, Troj/Zbot-GHQ. Malware Analysis of Spyware ( 0045b7641 ) Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Uzulpa\adet.exe Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Adet: “”%Appdata%\Uzulpa\adet.exe”” Detected by UnHackMe: ADET.EXE Default location: %APPDATA%\UZULPA\ADET.EXE Dropper hash(md5): 7b6332de90e25a5b26f7c75910a22e0c

Spyware/Win32.Delf

Spyware/Win32.Delf also known as Trojan.GenericKD.1568250, Artemis!EB3EC3F7DC57, Artemis!EB3EC3F7DC57. Malware Analysis of Spyware/Win32.Delf Created files: %Temp%\175E6.dmp %Temp%\77f4_appcompat.txt %SysDir%\eb3ec3f7dc57c249f82ad7523fa490a4.exe %SysDir%\path.dmf %SysDir%\winid.dmf Autostart registry keys: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\winshell: “”%SysDir%\eb3ec3f7dc57c249f82ad7523fa490a4.exe”” Detected by UnHackMe: EB3EC3F7DC57C249F82AD7523FA490A4.EXE Default location: %SYSDIR%\EB3EC3F7DC57C249F82AD7523FA490A4.EXE Dropper hash(md5): eb3ec3f7dc57c249f82ad7523fa490a4

Spyware ( 004934bd1 )

Spyware ( 004934bd1 ) also known as W32/Banker.AALH!tr.spy, Trojan.Win32.Banker.AALH, Artemis!AF01F1E92A43. Malware Analysis of Spyware ( 004934bd1 ) Created files: %Temp%\AcroRde32.exe %Temp%\CDELoop.tl %Temp%\funcs.dll Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\UpdatWinCCC: “C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\AcroRde32.exe” Detected by UnHackMe: FUNCS.DLL Default location: %TEMP%\FUNCS.DLL Dropper hash(md5): efa37290f98083a3894b450766bb4ac8

Spyware ( 0029a43a1 )

Spyware ( 0029a43a1 ) also known as PE:Stealer.Zbot!1.648A, Trojan.Spy.Zbot-142. Malware Analysis of Spyware ( 0029a43a1 ) Created files: %Appdata%\Microsoft\Address Book\Administrator.wab %Appdata%\Microsoft\Address Book\Administrator.wab~ %Appdata%\Kapos\opse.exe %Appdata%\Okyro\itmy.egq %Appdata%\Okyro\itmy.tmp Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Uxbolun: “”%Appdata%\Kapos\opse.exe”” Detected by UnHackMe: OPSE.EXE Default location: %APPDATA%\KAPOS\OPSE.EXE Dropper hash(md5): 267387c07fbe7e9b33beae5c510ad022

Spyware ( 00442b511 )

Spyware ( 00442b511 ) also known as Riskware ( 0040eff71 ), Worm.Luder!PF0ilQ/gy98, W32/Luder-K. Malware Analysis of Spyware ( 00442b511 ) Detected by UnHackMe: WINDOWS OTURUM YONETICISI.EXE Default location: WINDOWS OTURUM YONETICISI.EXE

Spyware.NetVizor (Not a Virus)

Spyware.NetVizor (Not a Virus) also known as not-a-virus:Monitor.Win32.SpyAgent, Riskware.Win32.SpyAgent.zjhue, Generic.dx!8C6C7993F877. Malware Analysis of Spyware.NetVizor (Not a Virus) Created files: %SysDir%\drivers\npf.sys %SysDir%\packet.dll %SysDir%\sinvfct.dll %SysDir%\WanPacket.dll %SysDir%\wpcap.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\NPF\ImagePath: “system32\drivers\npf.sys” HKLM\System\CurrentControlSet\Services\NPF\DisplayName: “NetGroup Packet Filter Driver” Detected by UnHackMe: SINVFCT.DLL Default location: %SYSDIR%\SINVFCT.DLL Dropper hash(md5): 8e30bbeefb60bd0cb6c847daa4b2d60f

Spyware.9419

Spyware.9419 also known as Riskware, SystemSnooper.Generic, Win32.SPRSpyAnywhere. Malware Analysis of Spyware.9419 Created files: %SysDir%\drivers\npf.sys %SysDir%\packet.dll %SysDir%\sinvfct.dll %SysDir%\WanPacket.dll %SysDir%\wpcap.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\NPF\ImagePath: “system32\drivers\npf.sys” HKLM\System\CurrentControlSet\Services\NPF\DisplayName: “NetGroup Packet Filter Driver” Detected by UnHackMe: SINVFCT.DLL Default location: %SYSDIR%\SINVFCT.DLL Dropper hash(md5): 8e30bbeefb60bd0cb6c847daa4b2d60f

Spyware.NetVizor

Spyware.NetVizor also known as W32/Suspicious_Gen2.WPGW, Generic PWS.y, a variant of Win32/Monitor.Spyagent.NAG. Malware Analysis of Spyware.NetVizor Created files: %WinDir%\imglib.dll %WinDir%\registry.dat %WinDir%\sysk32n.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\NPF\ImagePath: “system32\drivers\npf.sys” HKLM\System\CurrentControlSet\Services\NPF\DisplayName: “NetGroup Packet Filter Driver” Detected by UnHackMe: SYSK32N.DLL Default location: %WinDir%\SYSK32N.DLL Dropper hash(md5): 8e30bbeefb60bd0cb6c847daa4b2d60f

Spyware.NetVizor!rem

Spyware.NetVizor!rem also known as Medium Risk Malware, W32/Suspicious_Gen2.WPGW, Spyware.NetVizor. Malware Analysis of Spyware.NetVizor!rem Created files: %WinDir%\imglib.dll %WinDir%\registry.dat %WinDir%\sysk32n.dll Autostart registry keys: HKLM\System\CurrentControlSet\Services\NPF\ImagePath: “system32\drivers\npf.sys” HKLM\System\CurrentControlSet\Services\NPF\DisplayName: “NetGroup Packet Filter Driver” Detected by UnHackMe: SYSK32N.DLL Default location: %WinDir%\SYSK32N.DLL Dropper hash(md5): 8e30bbeefb60bd0cb6c847daa4b2d60f

Spyware.OnlineGames.WOW

Spyware.OnlineGames.WOW also known as TROJ_GEN.R0C1C0DAJ14, PSW.Agent.BEBI, Gen:Variant.Symmi.38130. Malware Analysis of Spyware.OnlineGames.WOW Created files: %Temp%\w_win.dll Autostart registry keys: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Disker: “rundll32.exe C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\w_win.dll,DW” Detected by UnHackMe: W_WIN.DLL Default location: %TEMP%\W_WIN.DLL Dropper hash(md5): 81c1be3c989c5409fba97859735c2c13