mkfxut.exe - Dangerous
mkfxut.exe
Jeff's Story:
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.
Manual removal instructions:
Msnavc32.exe runs from Windows startup registry keys.
Also, Msnavc32 alters the AppInitDLLs registry value to track all started processes and Internet activity.
Msnavc32 copies its body to the Windows\System32 folder.
Msnavc32 can change WinSock2 LSP chain.
It inserts the dolsp.dll into the LSP chain.
Related files:
0er8k4va.exe
Mkfxut.exe
pkdacs.exe
ywrqku.exe
msnavc32.exe
AutoUpdate.exe
winntcreate.exe
vwix32.exe
sysmonnt.exe
winhcek32.exe
qlykdnb.dll
rypgvtoimrl.exe
spwgoc.exe
msnavc32.exe
sysmonnt
hpdll.exe
w?wexec.exe
ffisearch.exe
Delete the files.
They are may be hidden.
C:\Program Files\0er8k4va\0er8k4va.exe
C:\WINDOWS\System32\Mkfxut.exe
C:\WINDOWS\system32\pkdacs.exe
C:\WINDOWS\System32\ywrqku.exe
C:\windows\system32\msnavc32.exe
C:\Program Files\AutoUpdate\AutoUpdate.exe
C:\WINDOWS\System32\winntcreate.exe
C:\WINDOWS\System32\vwix32.exe
C:\WINDOWS\System32\sysmonnt.exe
C:\WINDOWS\System32\winhcek32.exe
C:\WINDOWS\System32\qlykdnb.dll
C:\WINDOWS\System32\rypgvtoimrl.exe
C:\WINDOWS\System32\spwgoc.exe
C:\windows\system32\msnavc32.exe
C:\WINDOWS\System32\sysmonnt
C:\Program Files\hpdll\hpdll.exe
C:\WINDOWS\System32\w?wexec.exe
C:\WINDOWS\isrvs\ffisearch.exe
Removal:
Use RegRun.
Clear Browser Helper Objects list.
Reset to default the AppInitDlls (Anti Spyware module).
Recover LSP using RegRun Winsock2 recovery.
Kill the processes and remove the virus files from Windows startup.