I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
IIOBMJQ.EXE – Trojan QQPass removal
| File | MD5 | Virus Alias |
|---|---|---|
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan QQPass |
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan SuspiciousFile |
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan Generic |
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan Hllw |
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan DNAScan |
| IIOBMJQ.EXE | 672db9bac0e0a517b39510186866ad8f | Trojan Small |
IIOBMJQ.EXE size: 475208 bytes
IIOBMJQ.EXE hash: 672DB9BAC0E0A517B39510186866AD8F
Created files:
C:\Documents and Settings\DJOJ.EXE
C:\Documents and Settings\svchost.exe
C:\filedebug
C:\HYZ.EXE
C:\QOO.EXE
C:\System Volume Information\ctfmon.exe
C:\System Volume Information\IIOBMJQ.EXE
%SysDir%\Ms7002.dll
%SysDir%\TPNHLX.EXE
Autostart registry keys:
HKLM\Software\Classes\CLSID\{7CD4138D-4147-420B-9749-00A13B526785}\InprocServer32 : %WinDir%\System32\Ms7002.dll
HKLM\Software\Classes\txtfile\shell\open\command : C:\.\HYZ.EXE %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TXJSXR.EXE: C:\System Volume Information\ctfmon.exe
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Type: 10010000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Start: 02000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\DisplayName: NKMMTY.EXE
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ImagePath: C:\Sandboxie\NKMMTY.EXE
Detected by UnHackMe:
IIOBMJQ.EXE
Default location: C:\SYSTEM VOLUME INFORMATION\IIOBMJQ.EXE
Dropper information:
MD5: 040c03113ba08997e90a59075dcd9851
File size: 474665 bytes