I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
QQLIVE.EXE – Trojan QQPass removal
| File | MD5 | Virus Alias |
|---|---|---|
| QQLIVE.EXE | 5e95e6131ff0e79ad5df107db915760c | Trojan QQPass |
| QQLIVE.EXE | 5e95e6131ff0e79ad5df107db915760c | Trojan Agent |
QQLIVE.EXE size: 15296 bytes
Created files:
C:\ProgramData\Microsoft\Windows\Common\Utility.dll
C:\ProgramData\Microsoft\Windows\QQlive.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\DisplayName:
HKLM\System\CurrentControlSet\Services\Type: 20000000
HKLM\System\CurrentControlSet\Services\Start: 02000000
HKLM\System\CurrentControlSet\Services\ImagePath: 2500530079007300740065006D0052006F006F00740025005C00730079007300740065006D00330032005C0073007600630068006F00730074002E0065007800650020002D006B0020006E00650074007300760063007300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
HKLM\System\CurrentControlSet\Services\ObjectName: LocalSystemSystem\CurrentControlSet\Services\SOFTWARE\Microsoft\Windows NT\CurrentVersion\netsvcsEnable ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share inf
HKLM\System\CurrentControlSet\Services\Description: Provide user experience theme management.Virtual hardware upgrade helper services.Provide support for synchronizing objects between the host and guest operating Systems.Enable support for running virtual machines from a physical disk partitionColl
HKLM\System\CurrentControlSet\Services\Parameters\ServiceDll: 43003A005C00500072006F006700720061006D0044006100740061005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C0045006D0063006300690077002E0064006C006C000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Detected by UnHackMe:
QQLIVE.EXE
Default location: C:\PROGRAMDATA\MICROSOFT\WINDOWS\QQLIVE.EXE