WQLZIW.X64.DLL – Trojan Agent removal
File | MD5 | Virus Alias |
---|---|---|
WQLZIW.X64.DLL | 54e21b7dae36a033b7e663765a15b095 | Trojan Agent |
WQLZIW.X64.DLL | 54e21b7dae36a033b7e663765a15b095 | Adware MultiPlug |
WQLZIW.X64.DLL size: 512512 bytes
WQLZIW.X64.DLL hash: 54E21B7DAE36A033B7E663765A15B095
Created files:
Detected by UnHackMe:
WQLZIW.X64.DLL
Default location: %PROGRAM FILES%\MYSEARCH\WQLZIW.X64.DLL
Dropper information:
MD5: e5f8f1bb04519f5af110f4326a5cda14
File size: 1986216 bytes