Solved! Use WMPSCFGS.EXE (Rootkit ZeroAccess) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

WMPSCFGS.EXE – Rootkit ZeroAccess removal

File MD5 Virus Alias
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Rootkit ZeroAccess
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Trojan Generic
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Trojan Click
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Trojan BZub
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Trojan Eldorado
WMPSCFGS.EXE d9c116fdd6a4795693ca8ac10953b5ba Trojan Downloader

WMPSCFGS.EXE size: 640622 bytes
WMPSCFGS.EXE hash: D9C116FDD6A4795693CA8AC10953B5BA

Created files:

C:\killok\killok .exe
%Program Files%\Adobe\acrotray .exe
%Program Files%\Adobe\acrotray.exe
%Program Files Common%\Apple\Apple Application Support\apsdaemon .exe
%Program Files%\internet explorer\wmpscfgs.exe
%SysDir%\ctfmon .exe
%SysDir%\vboxtray .exe
%Local AppData%\Google\Update\googleupdate .exe

Detected by UnHackMe:

WMPSCFGS.EXE
Default location: %PROGRAM FILES%\INTERNET EXPLORER\WMPSCFGS.EXE

Dropper information:
MD5: a944cfc9c046cb850d1e080489418184
File size: 617358 bytes

Leave a Reply