I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
VMMREG32.BKP – Trojan Agent removal
File | MD5 | Virus Alias |
---|---|---|
VMMREG32.BKP | 8f0561794f979a70754baf35ebf301fc | Trojan Agent |
VMMREG32.BKP | 8f0561794f979a70754baf35ebf301fc | Trojan Click |
VMMREG32.BKP size: 249856 bytes
VMMREG32.BKP hash: 8F0561794F979A70754BAF35EBF301FC
Created files:
%Program Files%\Mozilla Firefox\extensions\admin@firestarterfox.net\chrome\bor.jar
%SYSDIR%\bootcats.sys
%SYSDIR%\drvhive.ocx
%SYSDIR%\VIDEO.sys
%SYSDIR%\vmmreg32.dll
%SYSDIR%\webmin\VIDEO.bkp
%SYSDIR%\webmin\vmmreg32.bkp
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\1: %SYSDIR%\winhelp32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Help Service: %SYSDIR%\winhelp32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Windows Help Service: %SYSDIR%\winhelp32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\Windows Help Service: %SYSDIR%\winhelp32.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\load: %SYSDIR%\winhelp32.exe
HKLM\System\CurrentControlSet\Services\VIDEO\Type: 01000000
HKLM\System\CurrentControlSet\Services\VIDEO\Start: 01000000
HKLM\System\CurrentControlSet\Services\VIDEO\DisplayName: VIDEO
HKLM\System\CurrentControlSet\Services\VIDEO\ImagePath: %SYSDIR%\VIDEO.sys
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Help Service: %SYSDIR%\winhelp32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\Windows Help Service: %SYSDIR%\winhelp32.exe
Detected by UnHackMe:
VMMREG32.BKP
Default location: %SYSDIR%\WEBMIN\VMMREG32.BKP
Dropper information:
MD5: 07f80bcea04da1af4bb2d52c926c6b57
File size: 164352 bytes