Solved! Use ATIECLE.EXE (Virus Sality) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

ATIECLE.EXE – Virus Sality removal

File MD5 Virus Alias
ATIECLE.EXE bafff79735374453c6dbeb4e0ccf8181 Virus Sality
ATIECLE.EXE bafff79735374453c6dbeb4e0ccf8181 Trojan Krap
ATIECLE.EXE bafff79735374453c6dbeb4e0ccf8181 Backdoor Farfli

ATIECLE.EXE size: 335872 bytes
ATIECLE.EXE hash: BAFFF79735374453C6DBEB4E0CCF8181

Created files:

%WinDir%\atiecle.exe
%Temp%\{275BD67F-2574-4ADF-BB41-EE4DD4097A04}-GoogleUpdateSetup.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\.Net CLR\Type: 10010000
HKLM\System\CurrentControlSet\Services\.Net CLR\Start: 02000000
HKLM\System\CurrentControlSet\Services\.Net CLR\DisplayName: Microsoft .Net Framework COM+ Support
HKLM\System\CurrentControlSet\Services\.Net CLR\ImagePath: %WinDir%\atiecle.exe
HKLM\System\CurrentControlSet\Services\.Net CLR\Description: Microsoft .NET and Windows XP COM+ Integration with SOAP

Detected by UnHackMe:

ATIECLE.EXE
Default location: %WinDir%\ATIECLE.EXE

Dropper information:
MD5: bafff79735374453c6dbeb4e0ccf8181
File size: 335872 bytes

Leave a Reply