I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free DownloadFully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
HELPHOST.COM – Worm Autorun removal
File | MD5 | Virus Alias |
---|---|---|
HELPHOST.COM | 0bb0527a877e590e06be7285f60eb954 | Worm Autorun |
HELPHOST.COM | 0bb0527a877e590e06be7285f60eb954 | Trojan SuspiciousFile |
HELPHOST.COM | 0bb0527a877e590e06be7285f60eb954 | Trojan Hllw |
HELPHOST.COM | 0bb0527a877e590e06be7285f60eb954 | Trojan Eldorado |
HELPHOST.COM | 0bb0527a877e590e06be7285f60eb954 | Trojan Agent |
HELPHOST.COM size: 237568 bytes
HELPHOST.COM hash: 0BB0527A877E590E06BE7285F60EB954
Created files:
%WinDir%\Cursors\Boom.vbs
%WinDir%\Fonts\Fonts.exe
%WinDir%\Fonts\tskmgr.exe
%WinDir%\Help\microsoft.hlp
%WinDir%\Media\rndll32.pif
%WinDir%\pchealth\Global.exe
%WinDir%\pchealth\helpctr\binaries\HelpHost.com
%WinDir%\system\KEYBOARD.exe
%SysDir%\dllcache\Default.exe
%SysDir%\dllcache\Global.exe
%SysDir%\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\Global.exe
%SysDir%\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\svchost.exe
%SysDir%\dllcache\Recycler.{645FF040-5081-101B-9F08-00AA002F954E}\system.exe
%SysDir%\dllcache\tskmgr.exe
%SysDir%\drivers\drivers.cab.exe
%SysDir%\regedit.exe
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\sys: %WinDir%\Fonts\Fonts.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run : %WinDir%\System\KEYBOARD.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce : %WinDir%\System32\dllcache\Default.exe
HKCU\Control Panel\Desktop\SCRNSAVE.EXE: %WinDir%\pchealth\helpctr\binaries\HelpHost.com
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce : %WinDir%\System32\dllcache\Default.exe
Detected by UnHackMe:
HELPHOST.COM
Default location: %WinDir%\PCHEALTH\HELPCTR\BINARIES\HELPHOST.COM
Dropper information:
MD5: 0bb0527a877e590e06be7285f60eb954
File size: 237568 bytes