I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.
SOM2.EXE – Virus Madang removal
| File | MD5 | Virus Alias |
|---|---|---|
| SOM2.EXE | eb31c19802fc0519e5f7438f202618ad | Virus Madang |
| SOM2.EXE | eb31c19802fc0519e5f7438f202618ad | Trojan XPACK |
| SOM2.EXE | eb31c19802fc0519e5f7438f202618ad | Trojan Generic |
SOM2.EXE size: 10240 bytes
SOM2.EXE hash: EB31C19802FC0519E5F7438F202618AD
Created files:
%Program Files%\MSN Gaming Zone\Windows\bckgzm.exe
%Program Files%\MSN Gaming Zone\Windows\chkrzm.exe
%Program Files%\NetMeeting\conf.ray
%Program Files%\Som2.exe
%SysDir%\taskmgr.exe
%SysDir%\Winkomp.exe
%TEMP%\Eqe6.exe
%TEMP%\Flg5.exe
%TEMP%\Ot3.exe
%TEMP%\Sdn7.exe
%TEMP%\Wmg4.exe
\\VBOXSVR\in\Cm.htm.exe
%Common AppData%\Microsoft\Dr Watson\user.dmp
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\A3772wZ\Type: 10010000
HKLM\System\CurrentControlSet\Services\A3772wZ\Start: 03000000
HKLM\System\CurrentControlSet\Services\A3772wZ\DisplayName: A3772wZ
HKLM\System\CurrentControlSet\Services\A3772wZ\ImagePath: \\VBOXSVR\in\Cm.htm.exe
HKLM\System\CurrentControlSet\Services\Winkomp\Type: 10010000
HKLM\System\CurrentControlSet\Services\Winkomp\Start: 02000000
HKLM\System\CurrentControlSet\Services\Winkomp\DisplayName: Winkomp
HKLM\System\CurrentControlSet\Services\Winkomp\ImagePath: %WinDir%\System32\Winkomp.exe
Detected by UnHackMe:
SOM2.EXE
Default location: %PROGRAM FILES%\SOM2.EXE
Dropper information:
MD5: 6105d61c85473fd727b4f65aa00d4df5
File size: 122880 bytes