hint.exe - Dangerous
hint.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
Subject lines: Important Data! Read the Result!
Message text: Authorized Researcher Only.
Attached file:
W32/Atak-A harvests email addresses from files on the hard disk.
When first run, W32/Atak-A copies itself to the Windows system folder as hint.exe
Sets the following registry entry to ensure it is run at system startup:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\ load =
W32/Atak-A will also add the following line to the win.ini file to ensure it is run at system startup:
load=C:\WINDOWS\SYSTEM\hint.exe
W32/Atak-A contains the following text inside its code:
-={ 4tt4(k 4g4!n$t N3tSky, B34gl3, MyD00m, L0vG4t3, N4ch!, Bl4st3r }=-
It's better to automatically remove this worm by using RegRun Startup Optimizer.