I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
DJOJ.EXE – Trojan QQPass removal
| File | MD5 | Virus Alias |
|---|---|---|
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan QQPass |
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan SuspiciousFile |
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan Generic |
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan Hllw |
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan DNAScan |
| DJOJ.EXE | 2ea55a490ffb5c4c698e327abc474180 | Trojan Small |
DJOJ.EXE size: 475315 bytes
DJOJ.EXE hash: 2EA55A490FFB5C4C698E327ABC474180
Created files:
C:\Documents and Settings\DJOJ.EXE
C:\Documents and Settings\svchost.exe
C:\filedebug
C:\HYZ.EXE
C:\QOO.EXE
C:\System Volume Information\ctfmon.exe
C:\System Volume Information\IIOBMJQ.EXE
%SysDir%\Ms7002.dll
%SysDir%\TPNHLX.EXE
Autostart registry keys:
HKLM\Software\Classes\CLSID\{7CD4138D-4147-420B-9749-00A13B526785}\InprocServer32 : %WinDir%\System32\Ms7002.dll
HKLM\Software\Classes\txtfile\shell\open\command : C:\.\HYZ.EXE %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TXJSXR.EXE: C:\System Volume Information\ctfmon.exe
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Type: 10010000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Start: 02000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\DisplayName: NKMMTY.EXE
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ImagePath: C:\Sandboxie\NKMMTY.EXE
Detected by UnHackMe:
DJOJ.EXE
Default location: C:\DOCUMENTS AND SETTINGS\DJOJ.EXE
Dropper information:
MD5: 040c03113ba08997e90a59075dcd9851
File size: 474665 bytes