Solved! Use QNM.DLL (Trojan Downloader) Removal Guide

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

QNM.DLL – Trojan Downloader removal

FileMD5Virus Alias
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan Downloader
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan (Suspicious File)
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan Artemis
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan Agent
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan Small
QNM.DLL 50fef09cfa75e975532f98e1de297e80 Trojan Scar

QNM.DLL size: 24064 bytes
QNM.DLL hash: 50FEF09CFA75E975532F98E1DE297E80

Created files:

C:\Driver.sys
C:\pci.sys
%SysDir%\ebn.dll
%SysDir%\qnm.dll
%SysDir%\system.exe
%Temp%\IXP000.TMP\QQQSSQ~1.EXE

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System: %WinDir%\System32\System.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%Temp%\IXP000.TMP\”
HKLM\System\CurrentControlSet\Services\Driver\Type: 01000000
HKLM\System\CurrentControlSet\Services\Driver\Start: 03000000
HKLM\System\CurrentControlSet\Services\Driver\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Driver\DisplayName: Driver
HKLM\System\CurrentControlSet\Services\Driver\ImagePath: C:\Driver.sys

Detected by UnHackMe:

QNM.DLL
Default location: %SYSDIR%\QNM.DLL

Dropper information:
MD5: 6a1e0a0ff1755db2bddfdacf57338a76
File size: 225280 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images