I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMeFully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
OBJLIBUI.EXE – Trojan Agent removal
File | MD5 | Virus Alias |
---|---|---|
OBJLIBUI.EXE | 16f881ca44448ec16734cc0775529413 | Trojan Agent |
OBJLIBUI.EXE | 16f881ca44448ec16734cc0775529413 | Trojan Hllw |
OBJLIBUI.EXE size: 2217259 bytes
OBJLIBUI.EXE hash: 16F881CA44448EC16734CC0775529413
Created files:
%SysDir%\apifwsql.exe
%SysDir%\apimgrfs.exe
%SysDir%\netusbenv.exe
%SysDir%\objlibui.exe
%SysDir%\schdwintapi.ocx
%SysDir%\spoolcds.dll
%SysDir%\themeuichk.dll
%SysDir%\uiwdmsvc.exe
%SysDir%\winpdbdhcp.exe
%Temp%\advsec32.dll
Autostart registry keys:
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\StubPath: rundll32.exe %WinDir%\System32\themeuichk.dll,ThemesSetupInstallCheck
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\IconsBinary: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0061007000690066007700730071006C002E006500780065000000
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\Version: 1,1,1,2
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\ComponentID: DOTNETFRAMEWORKS
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\DontAsk: 02000000
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95}\IsInstalled: 01000000
HKLM\Software\Microsoft\Active Setup\Installed Components\{22d7f312-b0f6-11d2-94ab-0080c33c7e95} : Themes Setup
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\recovery: %WinDir%\System32\winpdbdhcp.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\recovery: %WinDir%\System32\winpdbdhcp.exe
Detected by UnHackMe:
OBJLIBUI.EXE
Default location: %SYSDIR%\OBJLIBUI.EXE
Dropper information:
MD5: d7438623119c7893a36aa966b01afea5
File size: 2217259 bytes