mysql.exe - Dangerous

%sysdir%\mysql.exe

Jeff's Story:

My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor fix.

I sought a solution on the Internet and discovered your product and tried out the trial.

You quickly found the rootkit and SAVED my PC!

I haven't had any problems since, and I'm extremely grateful.

Manual removal instructions:

%sysdir%\mysql.exe
mysql.exe is the rootkit Trojan.Bifrose-KP (a variant of the Bifrost backdoor family).
mysql.exe is used to hide files, processes and registry keys.
mysql.exe is a user-mode rootkit: the hiding is done by hooking API calls inside user processes, not by a kernel hook.
The rootkit injects itself into iexplore.exe.
The rootkit contacts a remote attacker-controlled server over an HTTP session.
Note that the genuine MySQL client is installed under the MySQL program directory, never as %SysDir%\mysql.exe; the name is borrowed to look legitimate.
Related files (created by the infection):
%SysDir%\mysql.exe
%SysDir%\drivers\oreans32.sys
%SysDir%\plugin1.dat
%SysDir%\SysPr.prx

Caveat: oreans32.sys is the kernel driver shipped with the Oreans Themida/WinLicense software protector. Malware packed with Themida drops it, but some legitimately protected applications install it too, so the driver on its own is not proof of infection; treat it as an indicator only together with the other files and registry entries listed here.

oreans32.sys is registered as a new system driver service:
service name: "oreans32"
display name: "oreans32"

Added to registry:
HKLM\SYSTEM\CurrentControlSet\Services\oreans32\

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}\StubPath
%SysDir%\mysql.exe s (the trailing "s" is a command-line argument passed to the trojan at logon)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mysql
%SysDir%\mysql.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\mysql
%SysDir%\mysql.exe

HKCU\Software\Wget\klg

HKCU\Software\Wget\plg1

HKLM\SOFTWARE\Wget\nck
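
The page lists the indicators but no concrete removal steps, so the following PowerShell script is an added example (not from the original page or the vendor's product) that checks every file, service and registry entry named above and, with -Remove, deletes them. It assumes the paths are exactly as listed, that it is run from an elevated prompt on the infected system, and that the indicator names (mysql.exe, oreans32, the Wget keys, the Active Setup GUID) are those given on this page.

```powershell
# Added example, not the original page's code: audit and optionally remove the
# Trojan.Bifrose-KP indicators listed above. Run as Administrator.
# Assumptions: paths/keys/service name exactly as listed on the page. Because the
# rootkit is user-mode and hooks API calls in the session it is injected into,
# a clean result from a live system should be confirmed with an offline scan.
param([switch]$Remove)

$sys = [Environment]::GetFolderPath('System')   # %SysDir%, e.g. C:\Windows\System32
$files = @("$sys\mysql.exe", "$sys\drivers\oreans32.sys", "$sys\plugin1.dat", "$sys\SysPr.prx")
$runKeys = @(
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'; Name = 'mysql' },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'mysql' }
)
$activeSetup = 'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}'
$configKeys  = @('HKCU:\Software\Wget', 'HKLM:\SOFTWARE\Wget')
$serviceName = 'oreans32'

# --- audit: collect every indicator that is present ---
$found = @()
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f) { $found += "file: $f" }
}
foreach ($k in $runKeys) {
    $v = Get-ItemProperty -Path $k.Path -Name $k.Name -ErrorAction SilentlyContinue
    if ($v) { $found += "run value: $($k.Path)\$($k.Name) = $($v.$($k.Name))" }
}
if (Test-Path $activeSetup) {
    $stub = (Get-ItemProperty -Path $activeSetup -ErrorAction SilentlyContinue).StubPath
    $found += "Active Setup: $activeSetup StubPath=$stub"
}
foreach ($k in $configKeys) {
    if (Test-Path $k) { $found += "config key: $k" }
}
$svc = Get-Service -Name $serviceName -ErrorAction SilentlyContinue
if ($svc) { $found += "service: $serviceName ($($svc.Status))" }

if (-not $found) { Write-Output 'No indicators found.'; return }
$found | ForEach-Object { Write-Output "FOUND $_" }

# --- removal: stop the code first so it cannot re-create what is deleted ---
if ($Remove) {
    # The trojan injects into iexplore.exe, so the browser is terminated as well.
    Get-Process -Name mysql, iexplore -ErrorAction SilentlyContinue | Stop-Process -Force
    if ($svc) {
        sc.exe stop $serviceName | Out-Null
        sc.exe delete $serviceName | Out-Null
    }
    foreach ($k in $runKeys) {
        Remove-ItemProperty -Path $k.Path -Name $k.Name -ErrorAction SilentlyContinue
    }
    Remove-Item -Path $activeSetup -Recurse -Force -ErrorAction SilentlyContinue
    foreach ($k in $configKeys) {
        Remove-Item -Path $k -Recurse -Force -ErrorAction SilentlyContinue
    }
    foreach ($f in $files) {
        Remove-Item -LiteralPath $f -Force -ErrorAction SilentlyContinue
    }
    Write-Output 'Removal attempted; reboot and re-run this script to confirm nothing was re-created.'
}
```

Run it once without -Remove to see what is present, then with -Remove. The Active Setup StubPath and both Run values are the persistence points, so if any of them survives a reboot the rootkit was still resident when the files were deleted; in that case boot from clean media (WinRE or a rescue disk) and delete the files offline, where the user-mode hooks cannot hide them. Before deleting oreans32.sys, check whether another Themida/WinLicense-protected application on the machine depends on it.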
Remove mysql.exe now!