I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
iexplore1.exe – Trojan Agent removal
| File | Virus Alias |
|---|---|
| iexplore1.exe | Trojan Agent |
| iexplore1.exe | Trojan Siggen |
| iexplore1.exe | Backdoor Maximus |
Created files:
%SysDir%\MSCOMCTL.OCX – Trojan Agent
%SysDir%\MSN\autorun.dll – Trojan Agent
%SysDir%\MSN\MSNPict.ldb – Trojan Agent
%SysDir%\MSN\recordtime.dll – Trojan Agent
%SysDir%\MSN\save.dll – Trojan Agent
%SysDir%\system\explore1.exe – Trojan Agent
%SysDir%\system\explorer1.exe – Trojan Agent
%SysDir%\system\iexplore1.exe – Trojan Agent
Autostart registry keys:
HKLM\Software\Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
HKLM\Software\Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 : %WinDir%\System32\MSCOMCTL.OCX
Detected by UnHackMe:
iexplore1.exe
Default location: %SysDir%\system\iexplore1.exe
Dropper information:
SHA256: 2c9fcebaa7e435a38600b8678fb42281b502c24ddba3bcce7f5dafe02957d10e
SHA1: 65755d97e4f05120de377572251bd2409d3735a9
MD5: 6f92d54d640bb84122ae6de7732552ea
File size: 3629056 bytes