Windows Programs - Useful, Useless or Malicious

leeboo11_747.exe - Dangerous

leeboo11_747.exe
We suggest that you remove leeboo11_747.exe from your computer as soon as possible.
leeboo11_747.exe is a Trojan/Backdoor.
Kill the process leeboo11_747.exe and remove leeboo11_747.exe from Windows startup.

File: leeboo11_747.exe

Classification:

Antivirus    Version       Last Update  Result
Avast        4.8.1335.0    2009.08.04   Win32:Trojan-gen {Other}
AVG          8.5.0.406     2009.08.05   -
BitDefender  7.2           2009.08.05   -
Comodo       1872          2009.08.05   -
DrWeb        5.0.0.12182   2009.08.05   -
F-Secure     8.0.14470.0   2009.08.05   -
Kaspersky    7.0.0.125     2009.08.05   -
Microsoft    1.4903        2009.08.04   -
NOD32        4306          2009.08.04   -
Symantec     1.4.4.12      2009.08.05   -

Additional information
File size: 5783646 bytes
MD5: e6e8cf6d0900c22772a6fd0c016f44e9
SHA1: d1540ab000918a74c1794c13559f5fd4b6de0c53

Installation
When the program is executed, it creates the following registry subkeys and values:

----------------------------------
Keys deleted:0
----------------------------------

----------------------------------
Keys added:354
----------------------------------
HKLM\SOFTWARE\Classes\AppID\DapCtrlModule.DLL
HKLM\SOFTWARE\Classes\AppID\GVODDownloadServer.EXE
HKLM\SOFTWARE\Classes\AppID\GVODPlayer.DLL
...
HKCU\Software\Baidu\BaiduBar\NoAD
HKCU\Software\Baidu\BaiduBar\NoAD\Page_Allow
HKCU\Software\Baidu\BaiduBar\NoAD\Page_Block

----------------------------------
Values deleted:0
----------------------------------

----------------------------------
Values added:418
----------------------------------
HKLM\SOFTWARE\Classes\AppID\DapCtrlModule.DLL\AppID: "{4F866E61-1F62-4D4A-A3D0-FB6349078FD9}"
HKLM\SOFTWARE\Classes\AppID\GVODDownloadServer.EXE\AppID: "{F87874BC-A67C-4B94-9855-569D84C93E91}"
HKLM\SOFTWARE\Classes\AppID\GVODPlayer.DLL\AppID: "{568D3695-7A09-4FB0-98B7-09DE3C710F29}"
...
HKCU\Software\Baidu\BaiduBar\DisplayMode: 0x00000001
HKCU\Software\Baidu\BaiduBar\DisplayLineMode: 0x00000001
HKCU\Software\Baidu\BaiduBar\IE7DefaultSearch: 0x00000000

----------------------------------
Values modified:38
----------------------------------
HKLM\SOFTWARE\Classes\.rmvb\: "mplayerc.rmvb"
HKLM\SOFTWARE\Classes\.rmvb\: "LBPlayerG.exe.rmvb"
HKLM\SOFTWARE\Classes\.rmvb\Content Type: "video/vnd.rn-realvideo"
...
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Streams\Desktop\TaskbarWinXP: 0C 00 00 00 08 00 00 00 02 00 00 00 00 00 00 00 AA 4F 28 68 48 6A D0 11 8C 78 00 C0 4F D9 18 B4 40 02 00 00 60 0D 00 00 00 00 00 00 16 00 00 00 00 00 00 00 00 00 00 00 16 00 00 00 00 00 00 00 01 00 00 00 01 00 00 00 8B 8A 0D 54 3F 1C 32 4E 81 32 53 0F 6A 50 20 90 2F 00 00 00 60 05 00 00 00 00 00 00 18 00 00 00 00 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 01 00 00 00
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2\Settings: 28 00 00 00 FF FF FF FF 02 00 00 00 03 00 00 00 6B 00 00 00 1E 00 00 00 FE FF FF FF 3C 02 00 00 22 03 00 00 5A 02 00 00
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2\Settings: 28 00 00 00 FF FF FF FF 02 00 00 00 03 00 00 00 6B 00 00 00 20 00 00 00 FE FF FF FF 3A 02 00 00 22 03 00 00 5A 02 00 00

----------------------------------
Files added:205
----------------------------------
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\AO??.url
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\?o?¶? Internet Explorer a?AA??.lnk
C:\Documents and Settings\Administrator\Desktop\Internet Explorer.lnk
...
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LUIIOHEM\info_48[1]
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\VNEWMRCS\background_gradient[1]
C:\Documents and Settings\Administrator\Start Menu\ProgramsInternet Explorer
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs\pncrt.dll
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs\Real\Codecs\atrc.dll
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs\Real\Codecs\cook.dll
...
C:\Program Files\Common Files\Thunder Network\KanKan\{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}.history
C:\Program Files\Common Files\Thunder Network\KanKan\{A4E38A50-618A-4B20-ABC6-551B5C661E9F}.history
C:\Program Files\Common Files\Thunder Network\KanKan\{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}.history
C:\Program Files\360adbr.exe
C:\Program Files\baidu\bar\baidubar.dat
C:\Program Files\baidu\bar\BaiduBar.dll
C:\Program Files\baidu\bar\BDBar_tmp\BaiduBar.dll
C:\Program Files\baidu\bar\img\imglist.bmp
C:\Program Files\baidu\bar\img\logo.bmp
C:\Program Files\Leeboo10\al.dll
C:\Program Files\Leeboo10\asyn_frame.dll
C:\Program Files\Leeboo10\backend_agent.dll
C:\Program Files\Leeboo10\BugReport.exe
C:\Program Files\Leeboo10\BugReportU.dll
C:\Program Files\Leeboo10\Codecs\pncrt.dll
C:\Program Files\Leeboo10\Codecs\Real\Codecs\atrc.dll
C:\Program Files\Leeboo10\Codecs\Real\Codecs\cook.dll
...
C:\Program Files\Leeboo10\skin\default\main.xml
C:\Program Files\Leeboo10\skin\default\maing.xml
C:\Program Files\Leeboo10\skin\default\mainn.xml
C:\Program Files\Leeboo10\stream.dll
C:\Program Files\Leeboo10\tsf.dll
C:\Program Files\Leeboo10\unins000.dat
C:\Program Files\Leeboo10\unins000.exe
C:\Program Files\Leeboo10\update.txt
C:\Program Files\Leeboo10\UpdateCtrl.dll
C:\Program Files\Leeboo10\upnp.exe
C:\Program Files\Leeboo10\vd.dll
C:\Program Files\Leeboo10\Whatsnew.txt
C:\Program Files\Leeboo10\xl_stat.dll
C:\Program Files\Leeboo10\zlib1.dll
C:\WINDOWS\ime\IMJPMIG9.exe
C:\WINDOWS\ime\TXPlatform.exe
C:\WINDOWS\system32\codecs\real\atrc.dll
C:\WINDOWS\system32\codecs\real\cook.dll
C:\WINDOWS\system32\codecs\real\drvc.dll
C:\WINDOWS\system32\codecs\real\raac.dll
C:\WINDOWS\system32\codecs\real\RealMediaSplitter.ax
C:\WINDOWS\system32\KB998072.exe
C:\WINDOWS\system32\pub_store.dat
C:\WINDOWS\system32\regsvr32.txt
C:\WINDOWS\Tasks\GoogleUpdate_9_1_1.job
C:\WINDOWS\Tasks\qqupdate2.job
C:\WINDOWS\GoogleUpdate.exe

----------------------------------
Files deleted:8
----------------------------------
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Backgammon.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Checkers.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Hearts.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Reversi.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Games\Internet Spades.lnk

----------------------------------
Files [attributes?] modified:1
----------------------------------
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat

----------------------------------
Folders added:25
----------------------------------
C:\Documents and Settings\Administrator\Local Settings\Temp\is-I3SU7.tmp
C:\Documents and Settings\All Users\Start Menu\Programs\?°U?¶E??¤??A?
C:\Documents and Settings\All Users\Start Menu\Programs\AO??
C:\Program Files\Common Files\Thunder Network
C:\Program Files\Common Files\Thunder Network\KanKan
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs\Real
C:\Program Files\Common Files\Thunder Network\KanKan\Codecs\Real\Codecs
C:\Program Files\baidu
C:\Program Files\baidu\bar
C:\Program Files\baidu\bar\BDBar_tmp
C:\Program Files\baidu\bar\BDBar_tmp\img
C:\Program Files\baidu\bar\img
C:\Program Files\Leeboo10
C:\Program Files\Leeboo10\cache
C:\Program Files\Leeboo10\Codecs
C:\Program Files\Leeboo10\Codecs\Real
C:\Program Files\Leeboo10\Codecs\Real\Codecs
C:\Program Files\Leeboo10\skin
C:\Program Files\Leeboo10\skin\default
C:\Program Files\Leeboo10\skin\default\images
C:\Program Files\Leeboo10\Update
C:\Program Files\Leeboo10\?µcO?°?a
C:\WINDOWS\system32\codecs
C:\WINDOWS\system32\codecs\real

----------------------------------
Folders deleted:0
----------------------------------

----------------------------------
Total changes:1049
----------------------------------

-------------------------------------------------------------------------------------
Detected by RegRun Reanimator:

Item Name: 360adig
Author: Unknown
Related File: C:\Program Files\360adig.exe
Type: Registry Run

Item Name: qqupdate2
Author: Unknown
Related File: C:\WINDOWS\system32\KB983971.exe
Type: Scheduled Tasks

Removal Results: Success
Number of reboot: 1
-------------------------------------------------------------------------------------
360adig.exe

Antivirus    Version       Last Update  Result
Avast        4.8.1335.0    2009.08.06   -
AVG          8.5.0.406     2009.08.05   Downloader.Swizzor
BitDefender  7.2           2009.08.06   -
Comodo       1882          2009.08.06   -
DrWeb        5.0.0.12182   2009.08.06   -
F-Secure     8.0.14470.0   2009.08.06   -
Kaspersky    7.0.0.125     2009.08.06   -
Microsoft    1.4903        2009.08.06   -
NOD32        4310          2009.08.05   -
Symantec     1.4.4.12      2009.08.06   -

Additional information
File size: 567296 bytes
MD5: 01f46c0bb7417c22f4e1b3e8be3ad99a
SHA1: bddf538e4584c3e837c15705851f0e84ef072a73
-------------------------------------------------------------------------------------
KB983971.exe

Antivirus    Version       Last Update  Result
Avast        4.8.1335.0    2009.08.02   -
AVG          8.5.0.406     2009.08.02   -
BitDefender  7.2           2009.08.03   Gen:Trojan.Heur.cmW@XEZo6vl
Comodo       1844          2009.08.03   -
DrWeb        5.0.0.12182   2009.08.03   -
F-Secure     8.0.14470.0   2009.08.03   Suspicious:W32/Malware!Gemini
Kaspersky    7.0.0.125     2009.08.03   -
Microsoft    1.4903        2009.08.02   -
NOD32        4299          2009.08.02   -
Symantec     1.4.4.12      2009.08.03   -

Additional information
File size: 43936 bytes
MD5: feb171317973bdfc781ffa759ee892be
SHA1: 5a26c0a23ebf0c9aa3f601221cb4d995d1ff0b2d
-------------------------------------------------------------------------------------
Recommended software:
UnHackMe anti-rootkit and anti-malware
http://www.unhackme.com
RegRun Security Suite (Good choice for removal and protection)

Virus Problem? Google Redirects? Ads? Slow?

  1. First, download the latest version of UnHackMe.
  2. Open the archive and run unhackme_setup.exe.
  3. When the installation is over, you will see the main UnHackMe screen.
  4. Click the Advanced button and choose "Send report to the support center" in the popup menu. Follow the instructions. The report file (regrunlog.txt) will be saved on your Desktop.
  5. Go to the Support Center. To attach the report to your ticket, click the Browse button and select the regrunlog.txt file. Don't insert the report text directly into the message text; we won't be able to analyse such a report. Describe your problem in detail. Add a screenshot, your antivirus log or suspicious files.


Constantly updated. Last update: February 5 2012


Copyright © 1998-2012 Greatis Software