Solved! Use OQNMNJ.SYS (Virus Sality) Removal Guide

Virus No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

OQNMNJ.SYS – Virus Sality removal

File MD5 Virus Alias
OQNMNJ.SYS 3ecc72712703b51f3cd4bcefe38ea758 Virus Sality
OQNMNJ.SYS 3ecc72712703b51f3cd4bcefe38ea758 Trojan Agent

OQNMNJ.SYS size: 5477 bytes
OQNMNJ.SYS hash: 3ECC72712703B51F3CD4BCEFE38EA758

Created files:

C:\KUKU400alpha
%SysDir%\drivers\oqnmnj.sys
%SysDir%\wmdrtc32.dll
%SysDir%\wmdrtc32.dl_
%WinDir%\windows.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\PROGRAM: %WinDir%\WINDOWS.exe
HKLM\System\CurrentControlSet\Services\NdisFileServices32\Type: 01000000
HKLM\System\CurrentControlSet\Services\NdisFileServices32\Start: 02000000
HKLM\System\CurrentControlSet\Services\NdisFileServices32\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NdisFileServices32\DisplayName: NdisFileServices32
HKLM\System\CurrentControlSet\Services\NdisFileServices32\ImagePath: %WinDir%\System32\drivers\oqnmnj.sys

Detected by UnHackMe:

OQNMNJ.SYS
Default location: %SYSDIR%\DRIVERS\OQNMNJ.SYS

Dropper information:
MD5: d841316ed451836b135df9ff57c048f2
File size: 286720 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images