I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
QUBVPR.DLL – Trojan PcClient removal
| File | MD5 | Virus Alias |
|---|---|---|
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Trojan PcClient |
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Trojan Generic |
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Trojan Eldorado |
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Trojan Downloader |
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Backdoor PcClien |
| QUBVPR.DLL | 59d89b7df9606d9f71fcbb1b2e5a1f1f | Trojan Agent |
QUBVPR.DLL size: 71236 bytes
QUBVPR.DLL hash: 59D89B7DF9606D9F71FCBB1B2E5A1F1F
Created files:
%SysDir%\drivers\qubvpr.SYS
%SysDir%\qubvpr.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\oqhqbp\Type: 10010000
HKLM\System\CurrentControlSet\Services\oqhqbp\Start: 02000000
HKLM\System\CurrentControlSet\Services\oqhqbp\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\oqhqbp\DisplayName: oqhqbp
HKLM\System\CurrentControlSet\Services\oqhqbp\ImagePath: %WinDir%\System32\svchost.exe -k oqhqbp
HKLM\System\CurrentControlSet\Services\oqhqbp\Description: Microsoft .NET Framework TPM
HKLM\System\CurrentControlSet\Services\oqhqbp\Parameters\ServiceDll: 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C007100750062007600700072002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\yqhqbpdj\Type: 01000000
HKLM\System\CurrentControlSet\Services\yqhqbpdj\Start: 02000000
HKLM\System\CurrentControlSet\Services\yqhqbpdj\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\yqhqbpdj\DisplayName: yqhqbpdj
HKLM\System\CurrentControlSet\Services\yqhqbpdj\ImagePath: %WinDir%\System32\drivers\qubvpr.SYS
Detected by UnHackMe:
QUBVPR.DLL
Default location: %SYSDIR%\QUBVPR.DLL
Dropper information:
MD5: 22110087dcfd1e707752f5e62158f3c6
File size: 194933 bytes