Home / Spyware Encyclopedia / IM.Rampage << Back

Recommendation to Automatically remove IM.Rampage


Our products can remove IM.Rampage and thousands of other Virus and Spyware automatically and instantly.

IM.Rampage Details


  • Category IM
  • Discovered 3/31/2011 7:19:28 PM
  • Modified 1/23/2020 5:17:26 PM
  • Threat Level Critical
  • Category Description
    A threat that is capable to cause Denial-Of-Service attacks against other instant messenger client systems.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
Trojan-Dropper.Win32.Small.sv.exe 56320  f1cb2d7dd559e8334b99653cfbe4cb94 
sysw.dll 16384  eaed2163fdfb94b53de0747f451fdf2c 
k1234.exe 32768  c6b16ec101c9dc4fe1ea61d3aa4527ff 
Trojan-Dropper.Win32.Small.t.exe 54924  bdd5368df8de2079c2f029755a2d216a 
Trojan-Dropper.Win32.Small.tb.exe 7168  3b9ece0bab5a337200e0526ddb025143 
HPCHuninstaller.exe 2048  2dc701e92292b92d057c2da4f0e7a27a 
5462bd6198c73b70b5ec70840050c519.exe 258166 1.005462bd6198c73b70b5ec70840050c519 
Trojan-AOL.Win32.Rampage 258166 1.0.0.05a0076d27bc7fef2e93488d516b423d023/01/2020
OUT.BIN 913    
OUT.BIN 885    

The following Registry Entries were created:
..\System\CurrentControlSet\Services\estsprt\(Default)
..\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\"eplrr9"\"{80C400C5-A4E7-40BA-8387-F4C461E0108E}"
..\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\"System"\"{06C7ED5C-8177-4E95-84B1-20FDE5253C23}"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"websrvk"\"%DAS.AU.LS%\Temp\k1234.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Systems Restart"\"Rundll32.exe snim.dll, DllRegisterServer"
..\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6CB5474-623A-4622-8BDA-8CD585BE6E7E}\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnInstallSearch\(Default)
..\Software\Classes\Clsid\{E6CB5474-623A-4622-8BDA-8CD585BE6E7E}\(Default)
..\Software\Classes\Clsid\{C30D4881-1FED-47F7-9DAD-9D5659253B46}\(Default)
..\Software\Classes\Clsid\{80C400C5-A4E7-40BA-8387-F4C461E0108E}\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware