I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
MS7002.DLL – Trojan OnLineGames removal
| File | MD5 | Virus Alias |
|---|---|---|
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Trojan OnLineGames |
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Trojan SuspiciousFile |
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Trojan Generic |
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Trojan Eldorado |
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Trojan Downloader |
| MS7002.DLL | 876a2a99b81968f5b26e3cbe12063d2b | Backdoor Maximus |
MS7002.DLL size: 53248 bytes
MS7002.DLL hash: 876A2A99B81968F5B26E3CBE12063D2B
Created files:
C:\Documents and Settings\DJOJ.EXE
C:\Documents and Settings\svchost.exe
C:\filedebug
C:\HYZ.EXE
C:\QOO.EXE
C:\System Volume Information\ctfmon.exe
C:\System Volume Information\IIOBMJQ.EXE
%SysDir%\Ms7002.dll
%SysDir%\TPNHLX.EXE
Autostart registry keys:
HKLM\Software\Classes\CLSID\{7CD4138D-4147-420B-9749-00A13B526785}\InprocServer32 : %WinDir%\System32\Ms7002.dll
HKLM\Software\Classes\txtfile\shell\open\command : C:\.\HYZ.EXE %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\TXJSXR.EXE: C:\System Volume Information\ctfmon.exe
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Type: 10010000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\Start: 02000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\DisplayName: NKMMTY.EXE
HKLM\System\CurrentControlSet\Services\NKMMTY.EXE\ImagePath: C:\Sandboxie\NKMMTY.EXE
Detected by UnHackMe:
MS7002.DLL
Default location: %SYSDIR%\MS7002.DLL
Dropper information:
MD5: 040c03113ba08997e90a59075dcd9851
File size: 474665 bytes