Solved! Use CIMWCO.EXE (Rootkit TDSS) Removal Guide

Rootkits No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CIMWCO.EXE – Rootkit TDSS removal

FileMD5Virus Alias
CIMWCO.EXE 00aa301a9e7c9b4ddb877634840acfd0 Rootkit TDSS
CIMWCO.EXE 00aa301a9e7c9b4ddb877634840acfd0 Trojan SuspiciousFile
CIMWCO.EXE 00aa301a9e7c9b4ddb877634840acfd0 Trojan Generic
CIMWCO.EXE 00aa301a9e7c9b4ddb877634840acfd0 Trojan Downloader
CIMWCO.EXE 00aa301a9e7c9b4ddb877634840acfd0 Trojan Graftor

CIMWCO.EXE size: 73330 bytes
CIMWCO.EXE hash: 00AA301A9E7C9B4DDB877634840ACFD0

Created files:

%WinDir%\cimwco.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Type: 10010000
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Start: 02000000
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\DisplayName: Jklmno Qrstuvwx Abcdefgh Jklm
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\ImagePath: %WinDir%\cimwco.exe
HKLM\System\CurrentControlSet\Services\Jklmno Qrstuvwx Abc\Description: Jklmnopq Stuvwxyab Defghij Lmnopqrs Uvw

Detected by UnHackMe:

CIMWCO.EXE
Default location: %WinDir%\CIMWCO.EXE

Dropper information:
MD5: 00aa301a9e7c9b4ddb877634840acfd0
File size: 73330 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images