Zero day attack Removal: Remove Zero day attack Forever
Let our support team solve your problem with Zero day attack and repair Zero day attack right now!
Leave the detailed description of your Zero day attack problem in the form below. Our support team will contact you in several minutes and give a step-by-step instruction on how to fix Zero day attack problem. Please be specific. Do your best describing the problem. This will help us recommend right and complete Zero day attack problem removal solution.
Describe your problem here and we'll contact you in several minutes:
Warning:
1) We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you Zero day attack removal solution.
2) All fields of this form are obligatory.
Threat's profile
|
Name of the threat: Zero day attack |
| Command or file name: 991.exe |
| Threat type: Spyware\trojan |
| Affected OS: Win32 (Windows 9x, Windows XP, Windows Vista) |
Zero day attack intrusion method
Zero day attack copies its file(s) to your hard disk. Its typical file name is 991.exe. Then it creates new startup key with name Zero day attack and value 991.exe. You can also find it in your processes list with name 991.exe or Zero day attack.
If you have further questions about Zero day attack, please fill in the form above and we'll contact you shortly.
» Download program to remove Zero day attack (Zero day attack Removal Tool)
Recommended Solution
If you are not sure what to delete, use our award winning program - Zero day attack Removal Tool.
Zero day attack Removal Tool will find and fully remove Zero day attack and all problems associated with Zero day attack virus.
Fast, easy, and handy, Zero day attack Removal Tool protects your computer against Zero day attack that does harm to your computer and breaks your privacy. Zero day attack Removal Tool scans your hard disks and registry and destroys any manifestation of Zero day attack. Standard anti-virus software can do nothing against malicious programs like Zero day attack. Remove Zero day attack straight away!
» Download Zero day attack Removal Tool now for free
How to fix Zero day attack
This problem can be solved manually by deleting all registry keys and files connected with Zero day attack, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by Zero day attack.
To get rid of Zero day attack, you should:
1. Kill the following processes and delete the appropriate files:
• adir.dll
• aspi221709.exe
• aspi221719.exe
• aspi223599.exe
• aspi225159.exe
• aspi226099.exe
• aspi226409.exe
• aspi228909.exe
• bpnqxsf.dll
• cdegfr
• csddriver.sys
• dgrgesrgfdgf.tmp
• dial[1].exe
• dminupnp.dll
• dpmomspr.dll
• fdsf
• g32.txt
• her.pt
• iktzetd.dll
• image.gif.exe
• jkt8949kir.tmp
• kbgtpzb.dll
• lt[1].exe
• lzx32.sys
• msimnpwm.exe
• ocmawsnm.exe
• p2hhr.bat
• patch[1].exe
• privcash.exe
• privcash[1].exe
• rdpwiasn.dll
• scane[1].exe
• sdfff
• soc[1].exe
• spmk[1].exe
• ss[1].exe
• swprodte.dll
• swprodte.exe
• topinst.exe
• upperhost.dll
• wdcsadsad
• winmad[1].exe
• winmaz.bat
• winmaz.exe
• winmaz[1].bat
• winmaz[1].exe
• winudu[1].exe
• www.uniblue[1].com
• yaudri.dll
• yes.exe
• yes[1].exe
• zxczxc
• _td10.tmp
• _td11.tmp
• _td12.tmp
• _td13.tmp
• _td14.tmp
• _td15.tmp
• _td16.tmp
• _td17.tmp
• _td18.tmp
• _td19.tmp
• _td1a.tmp
• _td1b.tmp
• _td1c.tmp
• _td1d.tmp
• _td1e.tmp
• _td1f.tmp
• _td23.tmp
• _td29.tmp
• _td3.tmp
• _td4.tmp
• _td5.tmp
• _td6.tmp
• _td7.tmp
• _td8.tmp
• _td9.tmp
• _tda.tmp
• _tdb.tmp
• _tdc.tmp
• _tdd.tmp
• _tde.tmp
• _tdf.tmp
• ~21.tmp
• ~22.tmp
• ~28.tmp
• ~3.tmp
• ~4.tmp
Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use Zero day attack Removal Tool for safe problem solution.
2. Delete the following malicious folders:
no information
3. Delete the following malicious registry entries and\or values:
• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\mod Value: jpeg
• Key: CLSID\{855875B5-93F3-429D-FF34-660B206D897C} Value: ThreadingModel
• Key: SOFTWARE\Classes\CLSID\{855875B5-93F3-429D-FF34-660B206D897C}\InProcServer32 Value: ThreadingModel
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcdf22a6.exe
• Key: Software\Microsoft\Sft
• Key: CLSID\{31909793-B14A-18FA-1007-0265051CFC2B}\InprocServer32 Value: ThreadingModel
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Run\708adabe.exe
• Key: CLSID\{297A111E-5C7F-2744-37B7-08F8EEF35CC6}\InprocServer32
• Key: CLSID\{523455E4-ABCD-ABCD-1114-D709ADD3DDAB}\InProcServer32
• Key: System\CurrentControlSet\Services\hide_evr2 Value: Type
• Key: System\CurrentControlSet\Services\hide_evr2 Value: Start
• Key: System\CurrentControlSet\Services\hide_evr2 Value: ErrorControl
• Key: System\CurrentControlSet\Services\hide_evr2 Value: ImagePath
• Key: System\CurrentControlSet\Services\hide_evr2 Value: DisplayName
• Key: System\CurrentControlSet\Services\hide_evr2\Security Value: Security
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2 Value: NextInstance
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000\Control Value: *NewlyCreated*
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: Service
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: Legacy
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: ConfigFlags
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: Class
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: ClassGUID
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_HIDE_EVR2\0000 Value: DeviceDesc
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\hide_evr2\Enum
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\hide_evr2\Enum Value: Count
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\hide_evr2\Enum Value: NextInstance
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Value: AppInit_DLLs
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acac Value: Startup
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acac Value: Shutdown
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acac Value: Impersonate
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acac Value: Asynchronous
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acac Value: Image
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Value: AppInit_DLLs
• Key: System\CurrentControlSet\Services\aspi113210 Value: Type
• Key: System\CurrentControlSet\Services\aspi113210 Value: Start
• Key: System\CurrentControlSet\Services\aspi113210 Value: ErrorControl
• Key: System\CurrentControlSet\Services\aspi113210 Value: ImagePath
• Key: System\CurrentControlSet\Services\aspi113210 Value: DisplayName
• Key: System\CurrentControlSet\Services\aspi113210\Security Value: Security
• Key: System\CurrentControlSet\Services\aspi113210 Value: ObjectName
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210 Value: NextInstance
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000\Control Value: *NewlyCreated*
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: Service
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: Legacy
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: ConfigFlags
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: Class
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: ClassGUID
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_ASPI113210\0000 Value: DeviceDesc
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\aspi113210\Enum
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\aspi113210\Enum Value: Count
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\aspi113210\Enum Value: NextInstance
• Key: System\CurrentControlSet\Enum\Root\LEGACY_ASPI113210\0000\Control Value: ActiveService
• Key: Software\Microsoft\swprodte Value: RepB
• Key: System\CurrentControlSet\Services\aspi113210 Value: ImagePath
• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler Value: {855875B5-93F3-429D-FF34-660B206D897C}
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\swprodte Value: DllName
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\swprodte Value: Startup
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\swprodte Value: Shutdown
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\swprodte Value: Impersonate
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\swprodte Value: Asynchronous
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Value: AppInit_DLLs
• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Value: AppInit_DLLs
• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\mod Value: fake
• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\mod Value: inject
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\Root\LEGACY_HIDE_EVR2\0000\Control Value: ActiveService
• Key: System\CurrentControlSet\Services\CsdDriver Value: ImagePath
• Key: System\CurrentControlSet\Services\CsdDriver Value: DisplayName
• Key: System\CurrentControlSet\Services\CsdDriver\Security Value: Security
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER Value: NextInstance
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000\Control Value: *NewlyCreated*
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: Service
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: Legacy
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: ConfigFlags
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: Class
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: ClassGUID
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\ROOT\LEGACY_CSDDRIVER\0000 Value: DeviceDesc
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\CsdDriver\Enum
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\CsdDriver\Enum Value: Count
• Key: SYSTEM\CURRENTCONTROLSET\SERVICES\CsdDriver\Enum Value: NextInstance
• Key: SYSTEM\CURRENTCONTROLSET\ENUM\Root\LEGACY_CSDDRIVER\0000\Control Value: ActiveService
• Key: System\CurrentControlSet\Services\CsdDriver Value: Type
• Key: System\CurrentControlSet\Services\CsdDriver Value: Start
• Key: System\CurrentControlSet\Services\CsdDriver Value: ErrorControl
Warning: If value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use Zero day attack Removal Tool for safe problem solution.
Here are the descriptions of problems connected with Zero day attack and 991.exe we received earlier:
991.exe boots automatically
Problem Summary: 991.exe boots automatically
when my computer starts up a lot numbers.exe apears on my task manager includling 991.exe and a lot of other .exe programs that i got installed on my pc
Our support has contacted the author of this message, Hector Ortega, and helped to solve his problem.
Next threat: Zero Day Attack 2 »
Learn more about Zero day attack and 991.exe »
« Back to catalog
Solution: 3724
|