Gen:Application.Heur.2u1@m0hxqSlO


Gen:Application.Heur.2u1@m0hxqSlO is also detected under the names W32/S-a64d6097!Eldorado, Crossrider (fs) and BrowserModifier:Win32/IeEnablerCby.

Malware Analysis of Gen:Application.Heur.2u1@m0hxqSlO – 2FE476E0-C722-4983-AD84-11D74EE2DF50-2.EXE

Created files:

%Program Files%\HC-nemAP2V26.09\1293297481.mxaddon
%Program Files%\HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-11.exe
%Program Files%\HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-2.exe
%Program Files%\HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-4.exe
%Program Files%\HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-5.exe

Persistence and registration keys (COM class registrations, uninstall entry, services):

HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611291198}\InprocServer32\: "%Program Files%\HC-nemAP2V26.09\HC-nemAP2V26.09-bho.dll"
HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622292298}\InprocServer32\: "%Program Files%\HC-nemAP2V26.09\HC-nemAP2V26.09-bho.dll"
HKLM\Software\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}\InprocServer32\: "%Program Files%\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll"
HKLM\Software\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe""
HKLM\Software\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe""
HKLM\Software\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe""
HKLM\Software\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe""
HKLM\Software\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe""
HKLM\Software\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe""
HKLM\Software\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}\InprocServer32\: "%Program Files%\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll"
HKLM\Software\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}\InProcServer32\: "%Program Files%\globalUpdate\Update\1.3.25.0\psmachine.dll"
HKLM\Software\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe""
HKLM\Software\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}\InprocServer32\: "%Program Files%\globalUpdate\Update\1.3.25.0\psmachine.dll"
HKLM\Software\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe""
HKLM\Software\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}\LocalServer32\: ""%Program Files%\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe""
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HC-nemAP2V26.09\DisplayName: "HC-nemAP2V26.09"
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HC-nemAP2V26.09\UninstallString: "%Program Files%\HC-nemAP2V26.09\Uninstall.exe /fcp=1"
HKLM\System\CurrentControlSet\Services\globalUpdate\ImagePath: "%Program Files%\globalUpdate\Update\GoogleUpdate.exe /svc"
HKLM\System\CurrentControlSet\Services\globalUpdate\DisplayName: "globalUpdate Update Service (globalUpdate)"
HKLM\System\CurrentControlSet\Services\globalUpdatem\ImagePath: "%Program Files%\globalUpdate\Update\GoogleUpdate.exe /medsvc"
HKLM\System\CurrentControlSet\Services\globalUpdatem\DisplayName: "globalUpdate Update Service (globalUpdatem)"

The first two CLSIDs register HC-nemAP2V26.09-bho.dll as an in-process COM server; the -bho suffix marks it as a Browser Helper Object, which Internet Explorer loads into the browser at startup, so the component persists without any Run key. The remaining CLSIDs and the two services belong to the bundled "globalUpdate" updater. Its file names (GoogleUpdate.exe, GoogleUpdateBroker.exe, GoogleUpdateOnDemand.exe, npGoogleUpdate4.dll, psmachine.dll) and the paired /svc and /medsvc services copy the layout of Google's own Omaha updater, but the install directory and the service names are globalUpdate rather than Google\Update and gupdate/gupdatem, which is the quickest way to tell this install apart from a genuine Google Update.

Detected by UnHackMe:

2FE476E0-C722-4983-AD84-11D74EE2DF50-2.EXE
Default location: %PROGRAM FILES%\HC-NEMAP2V26.09\2FE476E0-C722-4983-AD84-11D74EE2DF50-2.EXE

Dropper hash(md5): 3d35facc710cf0732db22f1480e2288c
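The indicators above can be checked on a suspect host with the following PowerShell script. It is an added example, not UnHackMe's code or output: the paths, CLSIDs, service names and MD5 are copied from the lists on this page, and the script assumes a PowerShell 5.1 or later session on Windows, with the page's %Program Files% taken to mean either Program Files root on a 64-bit machine. Reading HKLM does not need elevation; hashing files under Program Files normally does not either.

```powershell
# Added host check for the indicators listed on this page (not UnHackMe's code).
# Assumes PowerShell 5.1+ on Windows. IOC values are copied from the page;
# the function name and everything else here are this script's own.

function Find-ListedIndicators {
    $DropperMd5 = '3d35facc710cf0732db22f1480e2288c'

    # Files from the "Created files" list plus the BHO DLL and the service binary
    # referenced by the registry keys, relative to the Program Files root.
    $FileIocs = @(
        'HC-nemAP2V26.09\1293297481.mxaddon',
        'HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-11.exe',
        'HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-2.exe',
        'HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-4.exe',
        'HC-nemAP2V26.09\2fe476e0-c722-4983-ad84-11d74ee2df50-5.exe',
        'HC-nemAP2V26.09\HC-nemAP2V26.09-bho.dll',
        'globalUpdate\Update\GoogleUpdate.exe'
    )
    # Both roots are checked because %Program Files% on the page could be either
    # on a 64-bit host; ProgramFiles(x86) is absent on 32-bit Windows and is dropped.
    $ProgramRoots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }

    # COM class registrations (BHO and the rebranded updater) from the page.
    $Clsids = @(
        '{11111111-1111-1111-1111-110611291198}', '{22222222-2222-2222-2222-220622292298}',
        '{5645E0E7-FC12-43BF-A6E4-F9751942B298}', '{5E89ACE9-E16B-499A-87B4-0DBF742404C1}',
        '{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}', '{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}',
        '{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}', '{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}',
        '{ADBC39BE-3D20-4333-8D99-E91EB1B62474}', '{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}',
        '{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}', '{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}',
        '{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}', '{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}',
        '{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}'
    )
    $Services = @('globalUpdate', 'globalUpdatem')
    $UninstallKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\HC-nemAP2V26.09'

    $Hits = New-Object System.Collections.Generic.List[string]

    foreach ($root in $ProgramRoots) {
        foreach ($rel in $FileIocs) {
            $path = Join-Path $root $rel
            if (Test-Path -LiteralPath $path) {
                # Compare against the dropper MD5 so a match on the exact sample is flagged.
                $md5 = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash.ToLower()
                $tag = if ($md5 -eq $DropperMd5) { 'MD5 matches dropper' } else { "md5=$md5" }
                $Hits.Add("FILE    $path ($tag)")
            }
        }
    }

    # A 32-bit installer's COM registrations land in the WOW6432Node view on
    # 64-bit Windows, so both views are checked.
    foreach ($clsid in $Clsids) {
        foreach ($base in 'HKLM:\Software\Classes\CLSID', 'HKLM:\Software\Classes\WOW6432Node\CLSID') {
            $key = Join-Path $base $clsid
            if (Test-Path -LiteralPath $key) {
                # Report the registered server so the analyst sees what the CLSID loads.
                $server = Get-ChildItem -LiteralPath $key -ErrorAction SilentlyContinue |
                    Where-Object { $_.PSChildName -match 'Server32$' } |
                    ForEach-Object { (Get-ItemProperty -LiteralPath $_.PSPath).'(default)' }
                $Hits.Add("CLSID   $key -> $server")
            }
        }
    }

    foreach ($svc in $Services) {
        $key = "HKLM:\System\CurrentControlSet\Services\$svc"
        if (Test-Path -LiteralPath $key) {
            $image = (Get-ItemProperty -LiteralPath $key).ImagePath
            $Hits.Add("SERVICE $svc ImagePath=$image")
        }
    }

    if (Test-Path -LiteralPath $UninstallKey) {
        $cmd = (Get-ItemProperty -LiteralPath $UninstallKey).UninstallString
        $Hits.Add("UNINST  $UninstallKey -> $cmd")
    }

    if ($Hits.Count -eq 0) { 'No listed indicators found.' } else { $Hits }
}

Find-ListedIndicators
```

A hit on the CLSID or service keys without the corresponding file means the binaries were already deleted but the registrations were left behind; those keys should still be removed, since the BHO CLSID and the service entries are what would make a reinstalled payload load again.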

Written by Malware Hunter.
