Dmitry Sokolov recommends UnHackMe!
UnHackMe is a powerful tool against malware.
UnHackMe quickly removes rootkits/malware/adware/browser hijack issues!
(5 / 5)
Application.Win32.MultiPlug.BNJ also known as Gen:Variant.Adware.Graftor.153998, Gen:Variant.Adware.Graftor.153998, a variant of Win32/AdWare.MultiPlug.BN.
Malware Analysis of Application.Win32.MultiPlug.BNJ – JQXHPUFDTCWNHZ.DLL
Created files:
%Program Files%\GoSave\86cTUb79gvMiTc.x64.dll
%Program Files%\YoutubeAdBlocke\jQxHpufDTcwNhZ.dat
%Program Files%\YoutubeAdBlocke\jQxHpufDTcwNhZ.dll
%Program Files%\YoutubeAdBlocke\jQxHpufDTcwNhZ.tlb
%Program Files%\YoutubeAdBlocke\jQxHpufDTcwNhZ.x64.dll
Autostart registry keys:
HKLM\Software\Classes\CLSID\{4e624312-aa83-47fe-a251-563cfb1a59e7}\InprocServer32\: “%Program Files%\YoutubeAdBlocke\jQxHpufDTcwNhZ.dll”
HKLM\Software\Classes\CLSID\{8a946bb2-9094-483d-b39e-7154257e0a64}\InprocServer32\: “%Program Files%\GoSave\86cTUb79gvMiTc.dll”
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName: “WebSearch”
HKLM\Software\Microsoft\Windows\CurrentVersion\Group Policy\History\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\0\DisplayName: “Local Group Policy”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Pro_is1\DisplayName: “Driver Pro v3.2.0.2”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Pro_is1\UninstallString: “”%Program Files%\Driver Pro\unins000.exe” /VERYSILENT”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\S-3990234681\UninstallString: “”c:\documents and settings\all users\application data\trusted publisher\sw-booster\sw-booster.exe” /uninstall”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\S-3990234681\DisplayName: “SW-Booster”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1\DisplayName: “EZDownloader”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1\UninstallString: “”%Program Files%\EZDownloader\unins000.exe””
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{24c54e38}\UninstallString: “”%SysDir%\RUNDLL32.EXE” “C:\PROGRA~1\DeltaFix\DeltaFix.dll”,_uninstall /un”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{24c54e38}\DisplayName: “SW-Sustainer”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\UninstallString: “”%Common Appdata%\YoutubeAdBlocke\kcp9B3rlcyvb5ve.exe” !x:1 /s /n /i:”ExecuteCommands;UninstallCommands””
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}\DisplayName: “YoutubeAdBlocke”
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}\UninstallString: “”%Common Appdata%\GoSave\6c2RFx0vSWuo6n4.exe” !x:1 /s /n /i:”ExecuteCommands;UninstallCommands””
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}\DisplayName: “GoSave”
HKLM\System\CurrentControlSet\Services\24c54e38\ImagePath: “”%SysDir%\rundll32.exe” “c:\Program Files\DeltaFix\DeltaFix.dll”,serv”
HKLM\System\CurrentControlSet\Services\24c54e38\DisplayName: “DeltaFix”
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\DisplayName: “WebSearch”
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Driver Pro: “%Program Files%\Driver Pro\DPLauncher.exe”
Detected by UnHackMe:
JQXHPUFDTCWNHZ.DLL
Default location: %PROGRAM FILES%\YOUTUBEADBLOCKE\JQXHPUFDTCWNHZ.DLL
Dropper hash(md5): b5f42da2ff199f144cb08dff6053b48d
UnHackMe
removes malware invisible for your antivirus!
UnHackMe is 100% CLEAN, which means it does not contain any form of malware, including adware, spyware, viruses, trojans and backdoors. VirusTotal (0/56).
System Requirements: Windows 2000-Windows 8.1/10. UnHackMe uses minimum of computer resources.