I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
WATERMARKMGR.EXE – Trojan SuspiciousFile removal
| File | MD5 | Virus Alias |
|---|---|---|
| WATERMARKMGR.EXE | f88a4192a9d2d8a0bd9381908a5d7635 | Trojan SuspiciousFile |
| WATERMARKMGR.EXE | f88a4192a9d2d8a0bd9381908a5d7635 | Trojan XPACK |
| WATERMARKMGR.EXE | f88a4192a9d2d8a0bd9381908a5d7635 | Trojan Eldorado |
WATERMARKMGR.EXE size: 172544 bytes
WATERMARKMGR.EXE hash: F88A4192A9D2D8A0BD9381908A5D7635
Created files:
%Program Files%\Microsoft\WaterMark.exe
%Program Files%\Microsoft\WaterMarkmgr.exe
%Common AppData%\Apple Computer\Installer Cache\Safari 5.34.52.7\SetupAdmin.exe
%Local AppData%\Google\Chrome\Application\17.0.963.79\avcodec-53.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\avformat-53.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\avutil-51.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome_frame_helper.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome_frame_helper.exe
%Local AppData%\Google\Chrome\Application\17.0.963.79\chrome_launcher.exe
%Local AppData%\Google\Chrome\Application\17.0.963.79\d3dcompiler_43.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\d3dx9_43.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\gcswf32.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\icudt.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Installer\setup.exe
%Local AppData%\Google\Chrome\Application\17.0.963.79\libegl.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\libglesv2.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\am.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ar.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\bg.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\bn.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ca.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\cs.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\da.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\de.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\el.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\en-GB.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\en-US.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\es-419.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\es.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\et.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\fa.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\fi.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\fil.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\fr.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\gu.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\he.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\hi.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\hr.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\hu.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\id.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\it.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ja.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\kn.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ko.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\lt.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\lv.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ml.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\mr.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\nb.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\nl.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\pl.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\pt-BR.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\pt-PT.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ro.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ru.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\sk.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\sl.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\sr.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\sv.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\sw.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\ta.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\te.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\th.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\tr.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\uk.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\vi.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\zh-CN.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\Locales\zh-TW.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\nacl64.exe
%Local AppData%\Google\Chrome\Application\17.0.963.79\npchrome_frame.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\pdf.dll
%Local AppData%\Google\Chrome\Application\17.0.963.79\ppgooglenaclpluginchrome.dll
Autostart registry keys:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: c:\windows\System32\userinit.exe,,c:\program files\Microsoft\watermark.exe
Detected by UnHackMe:
WATERMARKMGR.EXE
Default location: %PROGRAM FILES%\MICROSOFT\WATERMARKMGR.EXE
Dropper information:
MD5: 2ac0b65c55647300c3ad35680f4a4740
File size: 348026 bytes