Solved! Use RUNDLL.EXE (Trojan Vlogger) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

RUNDLL.EXE – Trojan Vlogger removal

File MD5 Virus Alias
RUNDLL.EXE 19eca722500302f159f9872fcfed19ee Trojan Vlogger
RUNDLL.EXE 19eca722500302f159f9872fcfed19ee Trojan Generic
RUNDLL.EXE 19eca722500302f159f9872fcfed19ee Trojan Xema
RUNDLL.EXE 19eca722500302f159f9872fcfed19ee Trojan Agent

RUNDLL.EXE size: 164864 bytes
RUNDLL.EXE hash: 19ECA722500302F159F9872FCFED19EE

Created files:

%WinDir%\regsvr.exe
%SysDir%\COMCTL32.OCX
%SysDir%\ijl11pro.dll
%SysDir%\regsvr.exe
%SysDir%\rundll.exe
%SysDir%\winhelp.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe rundll.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Yahoo Messengger: %WinDir%\System32\regsvr.exe

Detected by UnHackMe:

RUNDLL.EXE
Default location: %SYSDIR%\RUNDLL.EXE

Dropper information:
MD5: fa1bc9b1da8d4f9064980a865f34fea7
File size: 1159168 bytes

Leave a Reply