Solved! Use RUNDLL32MGRMGRMGR.EXE (Worm AMN) Removal Guide

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

RUNDLL32MGRMGRMGR.EXE – Worm AMN removal

FileMD5Virus Alias
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Worm AMN
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Trojan XPACK
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Trojan Generic
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Trojan Eldorado
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Trojan Diple
RUNDLL32MGRMGRMGR.EXE 963056968f712dce49fed780756eafa3 Trojan Krap

RUNDLL32MGRMGRMGR.EXE size: 146432 bytes
RUNDLL32MGRMGRMGR.EXE hash: 963056968F712DCE49FED780756EAFA3

Created files:

%Program Files%\Microsoft\WaterMark.exe
%Program Files%\Microsoft\WaterMarkmgr.exe
%Program Files%\Microsoft\WaterMarkmgrmgr.exe
%SysDir%\rundll32mgr.exe
%SysDir%\rundll32mgrmgr.exe
%SysDir%\rundll32mgrmgrmgr.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: c:\windows\System32\userinit.exe,,c:\program files\Microsoft\watermark.exe

Detected by UnHackMe:

RUNDLL32MGRMGRMGR.EXE
Default location: %SYSDIR%\RUNDLL32MGRMGRMGR.EXE

Dropper information:
MD5: c9f50cbde6a811ce39961fee75df6590
File size: 891258 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images