I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
YI21.EXE – Trojan Generic removal
| File | MD5 | Virus Alias |
|---|---|---|
| YI21.EXE | eb31c19802fc0519e5f7438f202618ad | Trojan Generic |
YI21.EXE size: 10240 bytes
YI21.EXE hash: EB31C19802FC0519E5F7438F202618AD
Created files:
%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.nbj
%Program Files%\Windows NT\dialer.gvm
%Program Files%\Yi21.exe
%SysDir%\Winktmt.exe
%TEMP%\Ccn27.exe
%TEMP%\Dgl26.exe
%TEMP%\Lk22.exe
%TEMP%\Lol24.exe
%TEMP%\Mjp25.exe
%TEMP%\Na23.exe
\\VBOXSVR\in\Hfbb.exe
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\S9t6CLp\Type: 10010000
HKLM\System\CurrentControlSet\Services\S9t6CLp\Start: 03000000
HKLM\System\CurrentControlSet\Services\S9t6CLp\DisplayName: S9t6CLp
HKLM\System\CurrentControlSet\Services\S9t6CLp\ImagePath: \\VBOXSVR\in\Hfbb.exe
HKLM\System\CurrentControlSet\Services\Winktmt\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winktmt\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winktmt\DisplayName: Winktmt
HKLM\System\CurrentControlSet\Services\Winktmt\ImagePath: %WinDir%\System32\Winktmt.exe
Detected by UnHackMe:
YI21.EXE
Default location: %PROGRAM FILES%\YI21.EXE
Dropper information:
MD5: 072c284f8c4ceaef0bad56759965f8e4
File size: 95740 bytes
Logging you in...
Loading IntenseDebate Comments...